Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2022-4203 (GCVE-0-2022-4203)
Vulnerability from cvelistv5 – Published: 2023-02-24 14:53 – Updated: 2025-11-04 19:14
VLAI?
EPSS
Summary
A read buffer overrun can be triggered in X.509 certificate verification,
specifically in name constraint checking. Note that this occurs
after certificate chain signature verification and requires either a
CA to have signed the malicious certificate or for the application to
continue certificate verification despite failure to construct a path
to a trusted issuer.
The read buffer overrun might result in a crash which could lead to
a denial of service attack. In theory it could also result in the disclosure
of private memory contents (such as private keys, or sensitive plaintext)
although we are not aware of any working exploit leading to memory
contents disclosure as of the time of release of this advisory.
In a TLS client, this can be triggered by connecting to a malicious
server. In a TLS server, this can be triggered if the server requests
client authentication and a malicious client connects.
Severity ?
No CVSS data available.
CWE
- read buffer overrun
Assigner
References
Credits
Corey Bonnell from Digicert
Viktor Dukhovni
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T19:14:06.670Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "OpenSSL Advisory",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.openssl.org/news/secadv/20230207.txt"
},
{
"name": "3.0.8 git commit",
"tags": [
"patch",
"x_transferred"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c927a3492698c254637da836762f9b1f86cffabc"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202402-08"
},
{
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0003"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-4203",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-06T15:57:14.416833Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T20:45:49.225Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "OpenSSL",
"vendor": "OpenSSL",
"versions": [
{
"lessThan": "3.0.8",
"status": "affected",
"version": "3.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Corey Bonnell from Digicert"
},
{
"lang": "en",
"type": "remediation developer",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Viktor Dukhovni"
}
],
"datePublic": "2023-02-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A read buffer overrun can be triggered in X.509 certificate verification,\u003cbr\u003especifically in name constraint checking. Note that this occurs\u003cbr\u003eafter certificate chain signature verification and requires either a\u003cbr\u003eCA to have signed the malicious certificate or for the application to\u003cbr\u003econtinue certificate verification despite failure to construct a path\u003cbr\u003eto a trusted issuer.\u003cbr\u003e\u003cbr\u003eThe read buffer overrun might result in a crash which could lead to\u003cbr\u003ea denial of service attack. In theory it could also result in the disclosure\u003cbr\u003eof private memory contents (such as private keys, or sensitive plaintext)\u003cbr\u003ealthough we are not aware of any working exploit leading to memory\u003cbr\u003econtents disclosure as of the time of release of this advisory.\u003cbr\u003e\u003cbr\u003eIn a TLS client, this can be triggered by connecting to a malicious\u003cbr\u003eserver. In a TLS server, this can be triggered if the server requests\u003cbr\u003eclient authentication and a malicious client connects.\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "A read buffer overrun can be triggered in X.509 certificate verification,\nspecifically in name constraint checking. Note that this occurs\nafter certificate chain signature verification and requires either a\nCA to have signed the malicious certificate or for the application to\ncontinue certificate verification despite failure to construct a path\nto a trusted issuer.\n\nThe read buffer overrun might result in a crash which could lead to\na denial of service attack. In theory it could also result in the disclosure\nof private memory contents (such as private keys, or sensitive plaintext)\nalthough we are not aware of any working exploit leading to memory\ncontents disclosure as of the time of release of this advisory.\n\nIn a TLS client, this can be triggered by connecting to a malicious\nserver. In a TLS server, this can be triggered if the server requests\nclient authentication and a malicious client connects."
}
],
"metrics": [
{
"format": "other",
"other": {
"content": {
"text": "Moderate"
},
"type": "https://www.openssl.org/policies/secpolicy.html"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "read buffer overrun",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-04T09:06:39.738Z",
"orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
"shortName": "openssl"
},
"references": [
{
"name": "OpenSSL Advisory",
"tags": [
"vendor-advisory"
],
"url": "https://www.openssl.org/news/secadv/20230207.txt"
},
{
"name": "3.0.8 git commit",
"tags": [
"patch"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c927a3492698c254637da836762f9b1f86cffabc"
},
{
"url": "https://security.gentoo.org/glsa/202402-08"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "X.509 Name Constraints Read Buffer Overflow",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
"assignerShortName": "openssl",
"cveId": "CVE-2022-4203",
"datePublished": "2023-02-24T14:53:08.485Z",
"dateReserved": "2022-11-29T10:00:42.027Z",
"dateUpdated": "2025-11-04T19:14:06.670Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"3.0.0\", \"versionEndExcluding\": \"3.0.8\", \"matchCriteriaId\": \"A6DC5D88-4E99-48F2-8892-610ACA9B5B86\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"A read buffer overrun can be triggered in X.509 certificate verification,\\nspecifically in name constraint checking. Note that this occurs\\nafter certificate chain signature verification and requires either a\\nCA to have signed the malicious certificate or for the application to\\ncontinue certificate verification despite failure to construct a path\\nto a trusted issuer.\\n\\nThe read buffer overrun might result in a crash which could lead to\\na denial of service attack. In theory it could also result in the disclosure\\nof private memory contents (such as private keys, or sensitive plaintext)\\nalthough we are not aware of any working exploit leading to memory\\ncontents disclosure as of the time of release of this advisory.\\n\\nIn a TLS client, this can be triggered by connecting to a malicious\\nserver. In a TLS server, this can be triggered if the server requests\\nclient authentication and a malicious client connects.\\n\\n\"}, {\"lang\": \"es\", \"value\": \"Un desbordamiento del b\\u00fafer de lectura puede activarse en la verificaci\\u00f3n de certificados X.509, espec\\u00edficamente en la verificaci\\u00f3n de restricciones de nombre. Tenga en cuenta que esto ocurre despu\\u00e9s de la verificaci\\u00f3n de la firma de la cadena de certificados y requiere que una CA haya firmado el certificado malicioso o que la aplicaci\\u00f3n contin\\u00fae con la verificaci\\u00f3n del certificado a pesar de no poder construir una ruta a un emisor de confianza. El desbordamiento del b\\u00fafer de lectura puede provocar un bloqueo que podr\\u00eda conducir a un ataque de denegaci\\u00f3n de servicio. En teor\\u00eda, tambi\\u00e9n podr\\u00eda provocar la divulgaci\\u00f3n de contenidos de memoria privada (como claves privadas o texto plano confidencial), aunque no conocemos ning\\u00fan exploit en funcionamiento que conduzca a la divulgaci\\u00f3n de contenidos de memoria al momento de la publicaci\\u00f3n de este aviso. En un cliente TLS, esto puede activarse al conectarse a un servidor malicioso. En un servidor TLS, esto puede activarse si el servidor solicita la autenticaci\\u00f3n del cliente y un cliente malicioso se conecta.\"}]",
"id": "CVE-2022-4203",
"lastModified": "2024-11-21T07:34:46.480",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 4.9, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.2, \"impactScore\": 3.6}]}",
"published": "2023-02-24T15:15:11.980",
"references": "[{\"url\": \"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c927a3492698c254637da836762f9b1f86cffabc\", \"source\": \"openssl-security@openssl.org\", \"tags\": [\"Mailing List\", \"Patch\"]}, {\"url\": \"https://security.gentoo.org/glsa/202402-08\", \"source\": \"openssl-security@openssl.org\"}, {\"url\": \"https://www.openssl.org/news/secadv/20230207.txt\", \"source\": \"openssl-security@openssl.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c927a3492698c254637da836762f9b1f86cffabc\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Patch\"]}, {\"url\": \"https://security.gentoo.org/glsa/202402-08\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.openssl.org/news/secadv/20230207.txt\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
"sourceIdentifier": "openssl-security@openssl.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-125\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2022-4203\",\"sourceIdentifier\":\"openssl-security@openssl.org\",\"published\":\"2023-02-24T15:15:11.980\",\"lastModified\":\"2025-11-04T20:16:14.693\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A read buffer overrun can be triggered in X.509 certificate verification,\\nspecifically in name constraint checking. Note that this occurs\\nafter certificate chain signature verification and requires either a\\nCA to have signed the malicious certificate or for the application to\\ncontinue certificate verification despite failure to construct a path\\nto a trusted issuer.\\n\\nThe read buffer overrun might result in a crash which could lead to\\na denial of service attack. In theory it could also result in the disclosure\\nof private memory contents (such as private keys, or sensitive plaintext)\\nalthough we are not aware of any working exploit leading to memory\\ncontents disclosure as of the time of release of this advisory.\\n\\nIn a TLS client, this can be triggered by connecting to a malicious\\nserver. In a TLS server, this can be triggered if the server requests\\nclient authentication and a malicious client connects.\"},{\"lang\":\"es\",\"value\":\"Un desbordamiento del b\u00fafer de lectura puede activarse en la verificaci\u00f3n de certificados X.509, espec\u00edficamente en la verificaci\u00f3n de restricciones de nombre. Tenga en cuenta que esto ocurre despu\u00e9s de la verificaci\u00f3n de la firma de la cadena de certificados y requiere que una CA haya firmado el certificado malicioso o que la aplicaci\u00f3n contin\u00fae con la verificaci\u00f3n del certificado a pesar de no poder construir una ruta a un emisor de confianza. El desbordamiento del b\u00fafer de lectura puede provocar un bloqueo que podr\u00eda conducir a un ataque de denegaci\u00f3n de servicio. En teor\u00eda, tambi\u00e9n podr\u00eda provocar la divulgaci\u00f3n de contenidos de memoria privada (como claves privadas o texto plano confidencial), aunque no conocemos ning\u00fan exploit en funcionamiento que conduzca a la divulgaci\u00f3n de contenidos de memoria al momento de la publicaci\u00f3n de este aviso. En un cliente TLS, esto puede activarse al conectarse a un servidor malicioso. En un servidor TLS, esto puede activarse si el servidor solicita la autenticaci\u00f3n del cliente y un cliente malicioso se conecta.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":4.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.2,\"impactScore\":3.6},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":4.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.2,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.0.0\",\"versionEndExcluding\":\"3.0.8\",\"matchCriteriaId\":\"A6DC5D88-4E99-48F2-8892-610ACA9B5B86\"}]}]}],\"references\":[{\"url\":\"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c927a3492698c254637da836762f9b1f86cffabc\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://security.gentoo.org/glsa/202402-08\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://www.openssl.org/news/secadv/20230207.txt\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c927a3492698c254637da836762f9b1f86cffabc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0003\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.gentoo.org/glsa/202402-08\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.openssl.org/news/secadv/20230207.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.openssl.org/news/secadv/20230207.txt\", \"name\": \"OpenSSL Advisory\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c927a3492698c254637da836762f9b1f86cffabc\", \"name\": \"3.0.8 git commit\", \"tags\": [\"patch\", \"x_transferred\"]}, {\"url\": \"https://security.gentoo.org/glsa/202402-08\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0003\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-11-04T19:14:06.670Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 4.9, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-4203\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-03-06T15:57:14.416833Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-125\", \"description\": \"CWE-125 Out-of-bounds Read\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-03-06T15:57:15.682Z\"}}], \"cna\": {\"title\": \"X.509 Name Constraints Read Buffer Overflow\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"user\": \"00000000-0000-4000-9000-000000000000\", \"value\": \"Corey Bonnell from Digicert\"}, {\"lang\": \"en\", \"type\": \"remediation developer\", \"user\": \"00000000-0000-4000-9000-000000000000\", \"value\": \"Viktor Dukhovni\"}], \"metrics\": [{\"other\": {\"type\": \"https://www.openssl.org/policies/secpolicy.html\", \"content\": {\"text\": \"Moderate\"}}, \"format\": \"other\"}], \"affected\": [{\"vendor\": \"OpenSSL\", \"product\": \"OpenSSL\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.0.0\", \"lessThan\": \"3.0.8\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}], \"datePublic\": \"2023-02-07T00:00:00.000Z\", \"references\": [{\"url\": \"https://www.openssl.org/news/secadv/20230207.txt\", \"name\": \"OpenSSL Advisory\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c927a3492698c254637da836762f9b1f86cffabc\", \"name\": \"3.0.8 git commit\", \"tags\": [\"patch\"]}, {\"url\": \"https://security.gentoo.org/glsa/202402-08\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A read buffer overrun can be triggered in X.509 certificate verification,\\nspecifically in name constraint checking. Note that this occurs\\nafter certificate chain signature verification and requires either a\\nCA to have signed the malicious certificate or for the application to\\ncontinue certificate verification despite failure to construct a path\\nto a trusted issuer.\\n\\nThe read buffer overrun might result in a crash which could lead to\\na denial of service attack. In theory it could also result in the disclosure\\nof private memory contents (such as private keys, or sensitive plaintext)\\nalthough we are not aware of any working exploit leading to memory\\ncontents disclosure as of the time of release of this advisory.\\n\\nIn a TLS client, this can be triggered by connecting to a malicious\\nserver. In a TLS server, this can be triggered if the server requests\\nclient authentication and a malicious client connects.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"A read buffer overrun can be triggered in X.509 certificate verification,\u003cbr\u003especifically in name constraint checking. Note that this occurs\u003cbr\u003eafter certificate chain signature verification and requires either a\u003cbr\u003eCA to have signed the malicious certificate or for the application to\u003cbr\u003econtinue certificate verification despite failure to construct a path\u003cbr\u003eto a trusted issuer.\u003cbr\u003e\u003cbr\u003eThe read buffer overrun might result in a crash which could lead to\u003cbr\u003ea denial of service attack. In theory it could also result in the disclosure\u003cbr\u003eof private memory contents (such as private keys, or sensitive plaintext)\u003cbr\u003ealthough we are not aware of any working exploit leading to memory\u003cbr\u003econtents disclosure as of the time of release of this advisory.\u003cbr\u003e\u003cbr\u003eIn a TLS client, this can be triggered by connecting to a malicious\u003cbr\u003eserver. In a TLS server, this can be triggered if the server requests\u003cbr\u003eclient authentication and a malicious client connects.\u003cbr\u003e\u003cbr\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"read buffer overrun\"}]}], \"providerMetadata\": {\"orgId\": \"3a12439a-ef3a-4c79-92e6-6081a721f1e5\", \"shortName\": \"openssl\", \"dateUpdated\": \"2024-02-04T09:06:39.738Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2022-4203\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-11-04T19:14:06.670Z\", \"dateReserved\": \"2022-11-29T10:00:42.027Z\", \"assignerOrgId\": \"3a12439a-ef3a-4c79-92e6-6081a721f1e5\", \"datePublished\": \"2023-02-24T14:53:08.485Z\", \"assignerShortName\": \"openssl\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
GHSA-W67W-MW4J-8QRV
Vulnerability from github – Published: 2023-02-08 22:27 – Updated: 2025-11-04 22:09
VLAI?
Summary
openssl-src contains Read Buffer Overflow in X.509 Name Constraint
Details
A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer.
The read buffer overrun might result in a crash which could lead to a denial of service attack. In theory it could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext) although we are not aware of any working exploit leading to memory contents disclosure as of the time of release of this advisory.
In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects.
Severity ?
9.1 (Critical)
{
"affected": [
{
"package": {
"ecosystem": "crates.io",
"name": "openssl-src"
},
"ranges": [
{
"events": [
{
"introduced": "300.0.0"
},
{
"fixed": "300.0.12"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2022-4203"
],
"database_specific": {
"cwe_ids": [
"CWE-125"
],
"github_reviewed": true,
"github_reviewed_at": "2023-02-08T22:27:42Z",
"nvd_published_at": "2023-02-24T15:15:00Z",
"severity": "CRITICAL"
},
"details": "A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs\nafter certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to\ncontinue certificate verification despite failure to construct a path to a trusted issuer.\n\nThe read buffer overrun might result in a crash which could lead to a denial of service attack. In theory it could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext) although we are not aware of any working exploit leading to memory contents disclosure as of the time of release of this advisory.\n\nIn a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects.",
"id": "GHSA-w67w-mw4j-8qrv",
"modified": "2025-11-04T22:09:13Z",
"published": "2023-02-08T22:27:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4203"
},
{
"type": "WEB",
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c927a3492698c254637da836762f9b1f86cffabc"
},
{
"type": "WEB",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0003"
},
{
"type": "WEB",
"url": "https://rustsec.org/advisories/RUSTSEC-2023-0008.html"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202402-08"
},
{
"type": "WEB",
"url": "https://www.openssl.org/news/secadv/20230207.txt"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "openssl-src contains Read Buffer Overflow in X.509 Name Constraint"
}
CERTFR-2023-AVI-0258
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits IBM. Elles permettent à un attaquant de provoquer un contournement de la politique de sécurité, une élévation de privilèges, un déni de service à distance, une atteinte à la confidentialité des données, une injection de code indirecte à distance (XSS) et une exécution de code arbitraire à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Spectrum | IBM Spectrum Protect Client versions 8.1.x antérieures à 8.1.17.2 | ||
| IBM | WebSphere | IBM WebSphere Remote Server version 9.0 déployée avec une version de IBM WebSphere Application Server antérieure à 9.0.5.14 incluant le correctif PH52925 | ||
| IBM | Spectrum | IBM Spectrum Protect Plus versions 10.1.x antérieures à 10.1.14 |
References
| Title | Publication Time | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM Spectrum Protect Client versions 8.1.x ant\u00e9rieures \u00e0 8.1.17.2",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM WebSphere Remote Server version 9.0 d\u00e9ploy\u00e9e avec une version de IBM WebSphere Application Server ant\u00e9rieure \u00e0 9.0.5.14 incluant le correctif PH52925",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Spectrum Protect Plus versions 10.1.x ant\u00e9rieures \u00e0 10.1.14",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2023-26283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26283"
},
{
"name": "CVE-2022-32190",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32190"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2022-4269",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4269"
},
{
"name": "CVE-2022-41715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2019-20444",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20444"
},
{
"name": "CVE-2022-2601",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2601"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2022-2421",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2421"
},
{
"name": "CVE-2022-1016",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1016"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2022-43552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43552"
},
{
"name": "CVE-2023-23915",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23915"
},
{
"name": "CVE-2022-41716",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41716"
},
{
"name": "CVE-2022-0854",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0854"
},
{
"name": "CVE-2022-28893",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28893"
},
{
"name": "CVE-2023-23914",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23914"
},
{
"name": "CVE-2023-27863",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27863"
},
{
"name": "CVE-2022-41717",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41717"
},
{
"name": "CVE-2022-2047",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2047"
},
{
"name": "CVE-2022-43945",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43945"
},
{
"name": "CVE-2022-2880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
},
{
"name": "CVE-2018-10237",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10237"
},
{
"name": "CVE-2023-22809",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22809"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2022-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3996"
},
{
"name": "CVE-2022-2879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
},
{
"name": "CVE-2022-43551",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43551"
},
{
"name": "CVE-2022-43548",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43548"
},
{
"name": "CVE-2022-2588",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2588"
},
{
"name": "CVE-2022-4139",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4139"
},
{
"name": "CVE-2022-27664",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
},
{
"name": "CVE-2023-23916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
}
],
"links": [],
"reference": "CERTFR-2023-AVI-0258",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-03-24T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits \u003cspan\nclass=\"textit\"\u003eIBM\u003c/span\u003e. Elles permettent \u00e0 un attaquant de provoquer\nun contournement de la politique de s\u00e9curit\u00e9, une \u00e9l\u00e9vation de\nprivil\u00e8ges, un d\u00e9ni de service \u00e0 distance, une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es, une injection de code indirecte \u00e0 distance\n(XSS) et une ex\u00e9cution de code arbitraire \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6963786 du 23 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6963786"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6965816 du 23 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6965816"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6965812 du 23 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6965812"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6965822 du 23 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6965822"
}
]
}
CERTFR-2025-AVI-1054
Vulnerability from certfr_avis - Published: 2025-12-01 - Updated: 2025-12-01
De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy) versions antérieures à 1.954.x | ||
| VMware | Tanzu Application Service | Stemcells (Ubuntu Noble) versions antérieures à 1.134.x | ||
| VMware | Tanzu Operations Manager | Tanzu Platform versions antérieures à 3.1.5-build.398 | ||
| VMware | Tanzu Operations Manager | Tanzu Platform versions antérieures à 3.2.1-build.271 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Stemcells (Ubuntu Jammy) versions ant\u00e9rieures \u00e0 1.954.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Noble) versions ant\u00e9rieures \u00e0 1.134.x",
"product": {
"name": "Tanzu Application Service",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform versions ant\u00e9rieures \u00e0 3.1.5-build.398",
"product": {
"name": "Tanzu Operations Manager",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform versions ant\u00e9rieures \u00e0 3.2.1-build.271",
"product": {
"name": "Tanzu Operations Manager",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2022-1343",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1343"
},
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2022-1473",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1473"
},
{
"name": "CVE-2023-40217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40217"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2025-38328",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38328"
},
{
"name": "CVE-2024-11168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11168"
},
{
"name": "CVE-2025-38100",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38100"
},
{
"name": "CVE-2025-38108",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38108"
},
{
"name": "CVE-2025-38230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38230"
},
{
"name": "CVE-2025-38229",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38229"
},
{
"name": "CVE-2025-38147",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38147"
},
{
"name": "CVE-2024-26896",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26896"
},
{
"name": "CVE-2025-38286",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38286"
},
{
"name": "CVE-2025-38515",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38515"
},
{
"name": "CVE-2025-38163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38163"
},
{
"name": "CVE-2025-38444",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38444"
},
{
"name": "CVE-2024-26700",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26700"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2025-38157",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38157"
},
{
"name": "CVE-2025-38323",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38323"
},
{
"name": "CVE-2025-38219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38219"
},
{
"name": "CVE-2025-38466",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38466"
},
{
"name": "CVE-2022-1292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
},
{
"name": "CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"name": "CVE-2023-3817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
},
{
"name": "CVE-2024-6232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6232"
},
{
"name": "CVE-2025-38313",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38313"
},
{
"name": "CVE-2025-38336",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38336"
},
{
"name": "CVE-2025-38375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38375"
},
{
"name": "CVE-2025-4330",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4330"
},
{
"name": "CVE-2024-26726",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26726"
},
{
"name": "CVE-2023-52593",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52593"
},
{
"name": "CVE-2024-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
},
{
"name": "CVE-2024-44939",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44939"
},
{
"name": "CVE-2025-4138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4138"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2023-36632",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36632"
},
{
"name": "CVE-2025-38112",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38112"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2025-38203",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38203"
},
{
"name": "CVE-2025-38387",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38387"
},
{
"name": "CVE-2025-38362",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38362"
},
{
"name": "CVE-2025-38371",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38371"
},
{
"name": "CVE-2025-38445",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38445"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2025-38461",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38461"
},
{
"name": "CVE-2024-13176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13176"
},
{
"name": "CVE-2025-38159",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38159"
},
{
"name": "CVE-2025-38305",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38305"
},
{
"name": "CVE-2025-38067",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38067"
},
{
"name": "CVE-2023-5363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
},
{
"name": "CVE-2022-2068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
},
{
"name": "CVE-2025-38401",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38401"
},
{
"name": "CVE-2023-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
},
{
"name": "CVE-2025-0938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
},
{
"name": "CVE-2025-38102",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38102"
},
{
"name": "CVE-2023-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2025-37958",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37958"
},
{
"name": "CVE-2025-38399",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38399"
},
{
"name": "CVE-2025-38459",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38459"
},
{
"name": "CVE-2025-38412",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38412"
},
{
"name": "CVE-2025-38293",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38293"
},
{
"name": "CVE-2025-38184",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38184"
},
{
"name": "CVE-2025-38458",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38458"
},
{
"name": "CVE-2025-6297",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6297"
},
{
"name": "CVE-2025-38135",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38135"
},
{
"name": "CVE-2025-38312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38312"
},
{
"name": "CVE-2025-38464",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38464"
},
{
"name": "CVE-2025-38363",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38363"
},
{
"name": "CVE-2025-38319",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38319"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2025-38457",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38457"
},
{
"name": "CVE-2025-38212",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38212"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2025-38298",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38298"
},
{
"name": "CVE-2025-38419",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38419"
},
{
"name": "CVE-2022-3786",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3786"
},
{
"name": "CVE-2025-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38546"
},
{
"name": "CVE-2025-38211",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38211"
},
{
"name": "CVE-2025-38251",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38251"
},
{
"name": "CVE-2025-38120",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38120"
},
{
"name": "CVE-2025-38285",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38285"
},
{
"name": "CVE-2025-8194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8194"
},
{
"name": "CVE-2025-38161",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38161"
},
{
"name": "CVE-2025-38115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38115"
},
{
"name": "CVE-2025-1795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1795"
},
{
"name": "CVE-2025-38153",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38153"
},
{
"name": "CVE-2025-4517",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"
},
{
"name": "CVE-2025-38395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38395"
},
{
"name": "CVE-2025-38337",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38337"
},
{
"name": "CVE-2025-38727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38727"
},
{
"name": "CVE-2025-38465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38465"
},
{
"name": "CVE-2025-38513",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38513"
},
{
"name": "CVE-2025-38086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38086"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2025-38441",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38441"
},
{
"name": "CVE-2025-38227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38227"
},
{
"name": "CVE-2025-4435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4435"
},
{
"name": "CVE-2024-57883",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57883"
},
{
"name": "CVE-2024-5535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
},
{
"name": "CVE-2025-38074",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38074"
},
{
"name": "CVE-2025-38119",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38119"
},
{
"name": "CVE-2025-38245",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38245"
},
{
"name": "CVE-2025-38324",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38324"
},
{
"name": "CVE-2024-12718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12718"
},
{
"name": "CVE-2024-0450",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0450"
},
{
"name": "CVE-2025-38542",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38542"
},
{
"name": "CVE-2025-38344",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38344"
},
{
"name": "CVE-2025-38088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38088"
},
{
"name": "CVE-2025-38332",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38332"
},
{
"name": "CVE-2025-38386",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38386"
},
{
"name": "CVE-2025-38237",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38237"
},
{
"name": "CVE-2025-38174",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38174"
},
{
"name": "CVE-2025-21888",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21888"
},
{
"name": "CVE-2025-38342",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38342"
},
{
"name": "CVE-2025-38167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38167"
},
{
"name": "CVE-2025-38257",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38257"
},
{
"name": "CVE-2025-38206",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38206"
},
{
"name": "CVE-2025-38111",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38111"
},
{
"name": "CVE-2025-38326",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38326"
},
{
"name": "CVE-2025-12818",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12818"
},
{
"name": "CVE-2025-38384",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38384"
},
{
"name": "CVE-2025-38424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38424"
},
{
"name": "CVE-2025-38430",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38430"
},
{
"name": "CVE-2024-9143",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
},
{
"name": "CVE-2025-38420",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38420"
},
{
"name": "CVE-2025-38160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38160"
},
{
"name": "CVE-2025-38107",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38107"
},
{
"name": "CVE-2025-38085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38085"
},
{
"name": "CVE-2025-38222",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38222"
},
{
"name": "CVE-2025-38197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38197"
},
{
"name": "CVE-2025-38467",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38467"
},
{
"name": "CVE-2023-6237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2025-38617",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38617"
},
{
"name": "CVE-2025-38122",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38122"
},
{
"name": "CVE-2024-7592",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7592"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2025-38173",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38173"
},
{
"name": "CVE-2025-38143",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38143"
},
{
"name": "CVE-2022-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3996"
},
{
"name": "CVE-2025-38416",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38416"
},
{
"name": "CVE-2025-38194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38194"
},
{
"name": "CVE-2024-0727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
},
{
"name": "CVE-2023-6129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
},
{
"name": "CVE-2025-12817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12817"
},
{
"name": "CVE-2025-38348",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38348"
},
{
"name": "CVE-2025-38540",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38540"
},
{
"name": "CVE-2025-38403",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38403"
},
{
"name": "CVE-2025-38146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38146"
},
{
"name": "CVE-2025-38418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38418"
},
{
"name": "CVE-2025-38090",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38090"
},
{
"name": "CVE-2025-40300",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40300"
},
{
"name": "CVE-2025-38415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38415"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2024-0397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0397"
},
{
"name": "CVE-2023-1255",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1255"
},
{
"name": "CVE-2024-12254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12254"
},
{
"name": "CVE-2025-8114",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8114"
},
{
"name": "CVE-2025-38193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38193"
},
{
"name": "CVE-2025-38400",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38400"
},
{
"name": "CVE-2024-26775",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26775"
},
{
"name": "CVE-2025-4516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4516"
},
{
"name": "CVE-2025-38136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38136"
},
{
"name": "CVE-2022-3358",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3358"
},
{
"name": "CVE-2022-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
},
{
"name": "CVE-2024-4603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
},
{
"name": "CVE-2025-38477",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38477"
},
{
"name": "CVE-2025-30722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30722"
},
{
"name": "CVE-2024-50602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50602"
},
{
"name": "CVE-2025-38185",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38185"
},
{
"name": "CVE-2025-38406",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38406"
},
{
"name": "CVE-2025-38352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38352"
},
{
"name": "CVE-2025-38263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38263"
},
{
"name": "CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"name": "CVE-2025-38214",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38214"
},
{
"name": "CVE-2025-38218",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38218"
},
{
"name": "CVE-2024-4741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
},
{
"name": "CVE-2025-38393",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38393"
},
{
"name": "CVE-2025-38618",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38618"
},
{
"name": "CVE-2025-38249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38249"
},
{
"name": "CVE-2022-48703",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48703"
},
{
"name": "CVE-2025-38154",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38154"
},
{
"name": "CVE-2025-38389",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38389"
},
{
"name": "CVE-2025-38448",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38448"
},
{
"name": "CVE-2025-38377",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38377"
},
{
"name": "CVE-2025-38516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38516"
},
{
"name": "CVE-2025-30693",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30693"
},
{
"name": "CVE-2025-38462",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38462"
},
{
"name": "CVE-2025-38428",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38428"
},
{
"name": "CVE-2025-38262",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38262"
},
{
"name": "CVE-2025-38138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38138"
},
{
"name": "CVE-2023-2975",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2975"
},
{
"name": "CVE-2025-38310",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38310"
},
{
"name": "CVE-2022-3602",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3602"
},
{
"name": "CVE-2025-37963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37963"
},
{
"name": "CVE-2025-38226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38226"
},
{
"name": "CVE-2025-38443",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38443"
},
{
"name": "CVE-2025-38439",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38439"
},
{
"name": "CVE-2022-1434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1434"
},
{
"name": "CVE-2025-38190",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38190"
},
{
"name": "CVE-2025-38180",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38180"
},
{
"name": "CVE-2025-38145",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38145"
},
{
"name": "CVE-2024-4032",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4032"
},
{
"name": "CVE-2025-37948",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37948"
},
{
"name": "CVE-2025-8058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8058"
},
{
"name": "CVE-2025-38498",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38498"
},
{
"name": "CVE-2025-38200",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38200"
},
{
"name": "CVE-2025-38273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38273"
},
{
"name": "CVE-2025-38346",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38346"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2024-2511",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2511"
},
{
"name": "CVE-2025-38320",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38320"
},
{
"name": "CVE-2025-38280",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38280"
},
{
"name": "CVE-2025-38084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38084"
},
{
"name": "CVE-2025-38103",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38103"
},
{
"name": "CVE-2025-38514",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38514"
},
{
"name": "CVE-2025-38204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38204"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2025-38410",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38410"
},
{
"name": "CVE-2023-6597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6597"
},
{
"name": "CVE-2025-38460",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38460"
},
{
"name": "CVE-2025-38345",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38345"
},
{
"name": "CVE-2025-38231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38231"
},
{
"name": "CVE-2025-38181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38181"
},
{
"name": "CVE-2025-38391",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38391"
},
{
"name": "CVE-2024-6923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6923"
},
{
"name": "CVE-2024-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8088"
}
],
"initial_release_date": "2025-12-01T00:00:00",
"last_revision_date": "2025-12-01T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-1054",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-12-01T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2025-11-30",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36558",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36558"
},
{
"published_at": "2025-11-30",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36554",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36554"
},
{
"published_at": "2025-11-30",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36552",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36552"
},
{
"published_at": "2025-11-30",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36559",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36559"
},
{
"published_at": "2025-11-30",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36557",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36557"
},
{
"published_at": "2025-11-30",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36556",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36556"
},
{
"published_at": "2025-11-30",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36553",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36553"
},
{
"published_at": "2025-11-30",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36555",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36555"
}
]
}
CERTFR-2025-AVI-1057
Vulnerability from certfr_avis - Published: 2025-12-02 - Updated: 2025-12-02
De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Data Intelligence | Tanzu pour Postgres versions 16.x antérieures à 16.11.0 | ||
| VMware | Tanzu Data Intelligence | Tanzu pour Postgres versions 14.x antérieures à 14.20.0 | ||
| VMware | Tanzu Data Intelligence | Tanzu pour Postgres versions 17.x antérieures à 17.7.0 | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Hub versions antérieures à 10.3.1 | ||
| VMware | Tanzu Data Intelligence | Tanzu pour Postgres versions 18.x antérieures à 18.1.0 | ||
| VMware | Tanzu Data Intelligence | Tanzu pour Postgres versions 15.x antérieures à 15.15.0 | ||
| VMware | Tanzu Data Intelligence | Tanzu pour Postgres versions 13.x antérieures à 13.23.0 |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Tanzu pour Postgres versions 16.x ant\u00e9rieures \u00e0 16.11.0",
"product": {
"name": "Tanzu Data Intelligence",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu pour Postgres versions 14.x ant\u00e9rieures \u00e0 14.20.0",
"product": {
"name": "Tanzu Data Intelligence",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu pour Postgres versions 17.x ant\u00e9rieures \u00e0 17.7.0",
"product": {
"name": "Tanzu Data Intelligence",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Hub versions ant\u00e9rieures \u00e0 10.3.1",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu pour Postgres versions 18.x ant\u00e9rieures \u00e0 18.1.0",
"product": {
"name": "Tanzu Data Intelligence",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu pour Postgres versions 15.x ant\u00e9rieures \u00e0 15.15.0",
"product": {
"name": "Tanzu Data Intelligence",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu pour Postgres versions 13.x ant\u00e9rieures \u00e0 13.23.0",
"product": {
"name": "Tanzu Data Intelligence",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2019-12900",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12900"
},
{
"name": "CVE-2019-25013",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-25013"
},
{
"name": "CVE-2020-28196",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28196"
},
{
"name": "CVE-2020-10029",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10029"
},
{
"name": "CVE-2019-18276",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18276"
},
{
"name": "CVE-2021-3421",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3421"
},
{
"name": "CVE-2021-3326",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3326"
},
{
"name": "CVE-2020-27618",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27618"
},
{
"name": "CVE-2021-20227",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20227"
},
{
"name": "CVE-2021-36222",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36222"
},
{
"name": "CVE-2022-23960",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23960"
},
{
"name": "CVE-2022-37967",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37967"
},
{
"name": "CVE-2022-3629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3629"
},
{
"name": "CVE-2022-3602",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3602"
},
{
"name": "CVE-2022-37434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37434"
},
{
"name": "CVE-2022-2309",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2309"
},
{
"name": "CVE-2022-43680",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43680"
},
{
"name": "CVE-2022-29824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29824"
},
{
"name": "CVE-2022-23308",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23308"
},
{
"name": "CVE-2022-35737",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35737"
},
{
"name": "CVE-2022-40303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40303"
},
{
"name": "CVE-2022-40304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40304"
},
{
"name": "CVE-2022-42898",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42898"
},
{
"name": "CVE-2022-3633",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3633"
},
{
"name": "CVE-2022-3786",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3786"
},
{
"name": "CVE-2022-32205",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32205"
},
{
"name": "CVE-2022-32206",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32206"
},
{
"name": "CVE-2018-25032",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-25032"
},
{
"name": "CVE-2022-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3996"
},
{
"name": "CVE-2022-3903",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3903"
},
{
"name": "CVE-2022-22942",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22942"
},
{
"name": "CVE-2022-26878",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26878"
},
{
"name": "CVE-2021-20266",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20266"
},
{
"name": "CVE-2022-1292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
},
{
"name": "CVE-2022-1974",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1974"
},
{
"name": "CVE-2021-3521",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3521"
},
{
"name": "CVE-2022-27774",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27774"
},
{
"name": "CVE-2022-27775",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27775"
},
{
"name": "CVE-2022-22576",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
},
{
"name": "CVE-2022-27776",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27776"
},
{
"name": "CVE-2022-2068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
},
{
"name": "CVE-2022-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
},
{
"name": "CVE-2022-20154",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20154"
},
{
"name": "CVE-2017-7500",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7500"
},
{
"name": "CVE-2021-33574",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33574"
},
{
"name": "CVE-2021-36690",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36690"
},
{
"name": "CVE-2021-37750",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37750"
},
{
"name": "CVE-2021-3999",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3999"
},
{
"name": "CVE-2022-23218",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23218"
},
{
"name": "CVE-2022-23219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23219"
},
{
"name": "CVE-2022-27782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
},
{
"name": "CVE-2022-32208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32208"
},
{
"name": "CVE-2022-27781",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27781"
},
{
"name": "CVE-2022-32207",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32207"
},
{
"name": "CVE-2022-3358",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3358"
},
{
"name": "CVE-2022-1271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
},
{
"name": "CVE-2022-29458",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29458"
},
{
"name": "CVE-2021-39537",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39537"
},
{
"name": "CVE-2022-32221",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32221"
},
{
"name": "CVE-2022-42916",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42916"
},
{
"name": "CVE-2022-35252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35252"
},
{
"name": "CVE-2022-42915",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42915"
},
{
"name": "CVE-2022-43551",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43551"
},
{
"name": "CVE-2022-43552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43552"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2022-27672",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27672"
},
{
"name": "CVE-2023-0045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0045"
},
{
"name": "CVE-2023-23915",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23915"
},
{
"name": "CVE-2023-23914",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23914"
},
{
"name": "CVE-2023-23916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
},
{
"name": "CVE-2022-1304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1304"
},
{
"name": "CVE-2023-24329",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24329"
},
{
"name": "CVE-2023-1118",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1118"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2023-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
},
{
"name": "CVE-2023-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
},
{
"name": "CVE-2023-1838",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1838"
},
{
"name": "CVE-2023-28410",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28410"
},
{
"name": "CVE-2023-29469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29469"
},
{
"name": "CVE-2023-28484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28484"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2023-27535",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27535"
},
{
"name": "CVE-2022-27779",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27779"
},
{
"name": "CVE-2023-27533",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27533"
},
{
"name": "CVE-2023-27538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27538"
},
{
"name": "CVE-2023-27534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27534"
},
{
"name": "CVE-2023-27536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27536"
},
{
"name": "CVE-2022-27780",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27780"
},
{
"name": "CVE-2022-30115",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30115"
},
{
"name": "CVE-2023-1380",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1380"
},
{
"name": "CVE-2020-1752",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1752"
},
{
"name": "CVE-2021-35942",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35942"
},
{
"name": "CVE-2021-38604",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38604"
},
{
"name": "CVE-2020-29562",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29562"
},
{
"name": "CVE-2021-27645",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27645"
},
{
"name": "CVE-2022-3534",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3534"
},
{
"name": "CVE-2023-2156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2156"
},
{
"name": "CVE-2023-3006",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3006"
},
{
"name": "CVE-2023-1255",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1255"
},
{
"name": "CVE-2023-28322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
},
{
"name": "CVE-2022-46908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46908"
},
{
"name": "CVE-2021-31239",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31239"
},
{
"name": "CVE-2023-28320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28320"
},
{
"name": "CVE-2023-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28321"
},
{
"name": "CVE-2023-2975",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2975"
},
{
"name": "CVE-2022-4899",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4899"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2023-28319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28319"
},
{
"name": "CVE-2023-3817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
},
{
"name": "CVE-2023-4387",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4387"
},
{
"name": "CVE-2023-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
},
{
"name": "CVE-2023-38545",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38545"
},
{
"name": "CVE-2023-5363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2023-45853",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45853"
},
{
"name": "CVE-2023-31085",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31085"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2023-40217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40217"
},
{
"name": "CVE-2020-22218",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-22218"
},
{
"name": "CVE-2023-2603",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2603"
},
{
"name": "CVE-2023-2602",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2602"
},
{
"name": "CVE-2023-4813",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4813"
},
{
"name": "CVE-2022-0563",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0563"
},
{
"name": "CVE-2023-4039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4039"
},
{
"name": "CVE-2023-5156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5156"
},
{
"name": "CVE-2023-29491",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29491"
},
{
"name": "CVE-2023-39615",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39615"
},
{
"name": "CVE-2021-37600",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37600"
},
{
"name": "CVE-2021-33294",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33294"
},
{
"name": "CVE-2021-43618",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43618"
},
{
"name": "CVE-2023-45322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45322"
},
{
"name": "CVE-2019-17498",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17498"
},
{
"name": "CVE-2013-4235",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4235"
},
{
"name": "CVE-2023-29383",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29383"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2023-6237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
},
{
"name": "CVE-2023-36054",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36054"
},
{
"name": "CVE-2023-7104",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7104"
},
{
"name": "CVE-2023-6129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
},
{
"name": "CVE-2023-46218",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
},
{
"name": "CVE-2024-0727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
},
{
"name": "CVE-2023-52467",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52467"
},
{
"name": "CVE-2023-52451",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52451"
},
{
"name": "CVE-2023-52445",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52445"
},
{
"name": "CVE-2024-26598",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26598"
},
{
"name": "CVE-2023-52462",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52462"
},
{
"name": "CVE-2023-52469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52469"
},
{
"name": "CVE-2023-52470",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52470"
},
{
"name": "CVE-2023-52464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52464"
},
{
"name": "CVE-2023-52475",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52475"
},
{
"name": "CVE-2023-52478",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52478"
},
{
"name": "CVE-2024-26603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26603"
},
{
"name": "CVE-2023-52452",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52452"
},
{
"name": "CVE-2023-52532",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52532"
},
{
"name": "CVE-2019-25162",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-25162"
},
{
"name": "CVE-2021-46904",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46904"
},
{
"name": "CVE-2024-24855",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24855"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2023-36632",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36632"
},
{
"name": "CVE-2024-28085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28085"
},
{
"name": "CVE-2024-2511",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2511"
},
{
"name": "CVE-2020-22916",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-22916"
},
{
"name": "CVE-2024-26631",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26631"
},
{
"name": "CVE-2017-7501",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7501"
},
{
"name": "CVE-2021-35939",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35939"
},
{
"name": "CVE-2021-35938",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35938"
},
{
"name": "CVE-2021-35937",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35937"
},
{
"name": "CVE-2023-6597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6597"
},
{
"name": "CVE-2023-52426",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52426"
},
{
"name": "CVE-2023-52501",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52501"
},
{
"name": "CVE-2023-52519",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52519"
},
{
"name": "CVE-2024-26717",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26717"
},
{
"name": "CVE-2024-26670",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26670"
},
{
"name": "CVE-2023-52477",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52477"
},
{
"name": "CVE-2023-52528",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52528"
},
{
"name": "CVE-2023-52582",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52582"
},
{
"name": "CVE-2021-47098",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47098"
},
{
"name": "CVE-2023-52513",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52513"
},
{
"name": "CVE-2024-22099",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22099"
},
{
"name": "CVE-2021-47097",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47097"
},
{
"name": "CVE-2023-52520",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52520"
},
{
"name": "CVE-2023-7042",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7042"
},
{
"name": "CVE-2023-52523",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52523"
},
{
"name": "CVE-2024-26803",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26803"
},
{
"name": "CVE-2024-24858",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24858"
},
{
"name": "CVE-2024-24857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24857"
},
{
"name": "CVE-2024-26660",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26660"
},
{
"name": "CVE-2024-26760",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26760"
},
{
"name": "CVE-2024-26681",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26681"
},
{
"name": "CVE-2024-26815",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26815"
},
{
"name": "CVE-2024-26621",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26621"
},
{
"name": "CVE-2024-26714",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26714"
},
{
"name": "CVE-2024-26761",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26761"
},
{
"name": "CVE-2024-26742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26742"
},
{
"name": "CVE-2021-47020",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47020"
},
{
"name": "CVE-2021-47017",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47017"
},
{
"name": "CVE-2021-46984",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46984"
},
{
"name": "CVE-2021-47071",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47071"
},
{
"name": "CVE-2021-47202",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47202"
},
{
"name": "CVE-2024-26605",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26605"
},
{
"name": "CVE-2024-26989",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26989"
},
{
"name": "CVE-2024-27003",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27003"
},
{
"name": "CVE-2024-26987",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26987"
},
{
"name": "CVE-2024-27015",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27015"
},
{
"name": "CVE-2024-27014",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27014"
},
{
"name": "CVE-2024-26992",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26992"
},
{
"name": "CVE-2023-52468",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52468"
},
{
"name": "CVE-2023-52487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52487"
},
{
"name": "CVE-2024-26618",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26618"
},
{
"name": "CVE-2023-52490",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52490"
},
{
"name": "CVE-2023-52455",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52455"
},
{
"name": "CVE-2023-52472",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52472"
},
{
"name": "CVE-2023-52643",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52643"
},
{
"name": "CVE-2024-26649",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26649"
},
{
"name": "CVE-2023-52473",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52473"
},
{
"name": "CVE-2023-52465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52465"
},
{
"name": "CVE-2007-4559",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-4559"
},
{
"name": "CVE-2023-52425",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52425"
},
{
"name": "CVE-2024-4603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
},
{
"name": "CVE-2024-27042",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27042"
},
{
"name": "CVE-2021-47197",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47197"
},
{
"name": "CVE-2021-47196",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47196"
},
{
"name": "CVE-2022-48702",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48702"
},
{
"name": "CVE-2022-48701",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48701"
},
{
"name": "CVE-2022-48694",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48694"
},
{
"name": "CVE-2022-48644",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48644"
},
{
"name": "CVE-2021-47217",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47217"
},
{
"name": "CVE-2022-48653",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48653"
},
{
"name": "CVE-2021-47214",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47214"
},
{
"name": "CVE-2022-48672",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48672"
},
{
"name": "CVE-2022-48657",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48657"
},
{
"name": "CVE-2022-48652",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48652"
},
{
"name": "CVE-2022-48658",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48658"
},
{
"name": "CVE-2021-47210",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47210"
},
{
"name": "CVE-2022-48662",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48662"
},
{
"name": "CVE-2022-48639",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48639"
},
{
"name": "CVE-2023-52646",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52646"
},
{
"name": "CVE-2022-48640",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48640"
},
{
"name": "CVE-2024-26933",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26933"
},
{
"name": "CVE-2021-47215",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47215"
},
{
"name": "CVE-2021-47074",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47074"
},
{
"name": "CVE-2021-47041",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47041"
},
{
"name": "CVE-2024-27039",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27039"
},
{
"name": "CVE-2022-48704",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48704"
},
{
"name": "CVE-2022-48675",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48675"
},
{
"name": "CVE-2022-48690",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48690"
},
{
"name": "CVE-2021-47191",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47191"
},
{
"name": "CVE-2022-48637",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48637"
},
{
"name": "CVE-2022-48632",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48632"
},
{
"name": "CVE-2022-48660",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48660"
},
{
"name": "CVE-2024-4741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
},
{
"name": "CVE-2025-9231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9231"
},
{
"name": "CVE-2023-52565",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52565"
},
{
"name": "CVE-2024-26892",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26892"
},
{
"name": "CVE-2024-26964",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26964"
},
{
"name": "CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"name": "CVE-2025-9232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9232"
},
{
"name": "CVE-2021-47227",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47227"
},
{
"name": "CVE-2021-47237",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47237"
},
{
"name": "CVE-2021-47239",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47239"
},
{
"name": "CVE-2021-47250",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47250"
},
{
"name": "CVE-2021-47261",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47261"
},
{
"name": "CVE-2021-47343",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47343"
},
{
"name": "CVE-2021-47360",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47360"
},
{
"name": "CVE-2021-47365",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47365"
},
{
"name": "CVE-2021-47373",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47373"
},
{
"name": "CVE-2021-47393",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47393"
},
{
"name": "CVE-2021-47398",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47398"
},
{
"name": "CVE-2021-47404",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47404"
},
{
"name": "CVE-2021-47420",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47420"
},
{
"name": "CVE-2021-47422",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47422"
},
{
"name": "CVE-2021-47426",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47426"
},
{
"name": "CVE-2021-47428",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47428"
},
{
"name": "CVE-2021-47429",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47429"
},
{
"name": "CVE-2021-47430",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47430"
},
{
"name": "CVE-2021-47438",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47438"
},
{
"name": "CVE-2021-47444",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47444"
},
{
"name": "CVE-2021-47454",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47454"
},
{
"name": "CVE-2021-47457",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47457"
},
{
"name": "CVE-2021-47465",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47465"
},
{
"name": "CVE-2021-47481",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47481"
},
{
"name": "CVE-2021-47483",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47483"
},
{
"name": "CVE-2021-47490",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47490"
},
{
"name": "CVE-2021-47495",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47495"
},
{
"name": "CVE-2021-47497",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47497"
},
{
"name": "CVE-2021-47499",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47499"
},
{
"name": "CVE-2021-47500",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47500"
},
{
"name": "CVE-2021-47505",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47505"
},
{
"name": "CVE-2021-47516",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47516"
},
{
"name": "CVE-2021-47527",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47527"
},
{
"name": "CVE-2021-47536",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47536"
},
{
"name": "CVE-2021-47537",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47537"
},
{
"name": "CVE-2021-47538",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47538"
},
{
"name": "CVE-2021-47550",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47550"
},
{
"name": "CVE-2021-47559",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47559"
},
{
"name": "CVE-2022-48689",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48689"
},
{
"name": "CVE-2022-48691",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48691"
},
{
"name": "CVE-2022-48705",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48705"
},
{
"name": "CVE-2022-48709",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48709"
},
{
"name": "CVE-2022-48710",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48710"
},
{
"name": "CVE-2023-52654",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52654"
},
{
"name": "CVE-2023-52659",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52659"
},
{
"name": "CVE-2023-52661",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52661"
},
{
"name": "CVE-2023-52662",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52662"
},
{
"name": "CVE-2023-52679",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52679"
},
{
"name": "CVE-2023-52686",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52686"
},
{
"name": "CVE-2023-52690",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52690"
},
{
"name": "CVE-2023-52698",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52698"
},
{
"name": "CVE-2023-52702",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52702"
},
{
"name": "CVE-2023-52703",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52703"
},
{
"name": "CVE-2023-52730",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52730"
},
{
"name": "CVE-2023-52731",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52731"
},
{
"name": "CVE-2023-52736",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52736"
},
{
"name": "CVE-2023-52739",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52739"
},
{
"name": "CVE-2023-52740",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52740"
},
{
"name": "CVE-2023-52743",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52743"
},
{
"name": "CVE-2023-52744",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52744"
},
{
"name": "CVE-2023-52747",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52747"
},
{
"name": "CVE-2023-52764",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52764"
},
{
"name": "CVE-2023-52781",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52781"
},
{
"name": "CVE-2023-52788",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52788"
},
{
"name": "CVE-2023-52791",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52791"
},
{
"name": "CVE-2023-52795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52795"
},
{
"name": "CVE-2023-52796",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52796"
},
{
"name": "CVE-2023-52803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52803"
},
{
"name": "CVE-2023-52806",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52806"
},
{
"name": "CVE-2023-52814",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52814"
},
{
"name": "CVE-2023-52817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52817"
},
{
"name": "CVE-2023-52818",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52818"
},
{
"name": "CVE-2023-52833",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52833"
},
{
"name": "CVE-2023-52840",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52840"
},
{
"name": "CVE-2023-52851",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52851"
},
{
"name": "CVE-2023-52854",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52854"
},
{
"name": "CVE-2023-52867",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52867"
},
{
"name": "CVE-2023-52877",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52877"
},
{
"name": "CVE-2024-26838",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26838"
},
{
"name": "CVE-2024-35801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35801"
},
{
"name": "CVE-2024-35804",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35804"
},
{
"name": "CVE-2024-35860",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35860"
},
{
"name": "CVE-2024-35872",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35872"
},
{
"name": "CVE-2024-35901",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35901"
},
{
"name": "CVE-2024-35912",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35912"
},
{
"name": "CVE-2024-35952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35952"
},
{
"name": "CVE-2024-35959",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35959"
},
{
"name": "CVE-2024-35963",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35963"
},
{
"name": "CVE-2024-35964",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35964"
},
{
"name": "CVE-2024-36012",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36012"
},
{
"name": "CVE-2024-36906",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36906"
},
{
"name": "CVE-2024-36918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36918"
},
{
"name": "CVE-2024-36926",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36926"
},
{
"name": "CVE-2024-28757",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28757"
},
{
"name": "CVE-2024-5535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
},
{
"name": "CVE-2023-52663",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52663"
},
{
"name": "CVE-2023-52675",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52675"
},
{
"name": "CVE-2023-52697",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52697"
},
{
"name": "CVE-2024-26611",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26611"
},
{
"name": "CVE-2024-26674",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26674"
},
{
"name": "CVE-2024-26899",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26899"
},
{
"name": "CVE-2024-26990",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26990"
},
{
"name": "CVE-2024-27027",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27027"
},
{
"name": "CVE-2024-27031",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27031"
},
{
"name": "CVE-2024-27057",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27057"
},
{
"name": "CVE-2024-35795",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35795"
},
{
"name": "CVE-2024-35810",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35810"
},
{
"name": "CVE-2024-35814",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35814"
},
{
"name": "CVE-2024-35824",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35824"
},
{
"name": "CVE-2024-35834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35834"
},
{
"name": "CVE-2024-35836",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35836"
},
{
"name": "CVE-2024-35838",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35838"
},
{
"name": "CVE-2024-35891",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35891"
},
{
"name": "CVE-2024-35903",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35903"
},
{
"name": "CVE-2024-35917",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35917"
},
{
"name": "CVE-2024-35927",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35927"
},
{
"name": "CVE-2024-35974",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35974"
},
{
"name": "CVE-2024-35981",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35981"
},
{
"name": "CVE-2024-35991",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35991"
},
{
"name": "CVE-2024-36002",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36002"
},
{
"name": "CVE-2024-36011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36011"
},
{
"name": "CVE-2024-36021",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36021"
},
{
"name": "CVE-2024-36891",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36891"
},
{
"name": "CVE-2024-36930",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36930"
},
{
"name": "CVE-2024-36936",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36936"
},
{
"name": "CVE-2024-35983",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35983"
},
{
"name": "CVE-2024-2398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
},
{
"name": "CVE-2024-0397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0397"
},
{
"name": "CVE-2024-4030",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4030"
},
{
"name": "CVE-2024-4032",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4032"
},
{
"name": "CVE-2023-52648",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52648"
},
{
"name": "CVE-2023-52649",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52649"
},
{
"name": "CVE-2024-26953",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26953"
},
{
"name": "CVE-2024-26975",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26975"
},
{
"name": "CVE-2024-27026",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27026"
},
{
"name": "CVE-2024-27079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27079"
},
{
"name": "CVE-2024-27390",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27390"
},
{
"name": "CVE-2024-35787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35787"
},
{
"name": "CVE-2024-35827",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35827"
},
{
"name": "CVE-2024-35831",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35831"
},
{
"name": "CVE-2024-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3596"
},
{
"name": "CVE-2023-52560",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52560"
},
{
"name": "CVE-2023-52813",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52813"
},
{
"name": "CVE-2023-52835",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52835"
},
{
"name": "CVE-2023-52881",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52881"
},
{
"name": "CVE-2024-0450",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0450"
},
{
"name": "CVE-2024-25062",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25062"
},
{
"name": "CVE-2024-26458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26458"
},
{
"name": "CVE-2024-26461",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26461"
},
{
"name": "CVE-2021-47539",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47539"
},
{
"name": "CVE-2021-47572",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47572"
},
{
"name": "CVE-2021-47576",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47576"
},
{
"name": "CVE-2021-47578",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47578"
},
{
"name": "CVE-2021-47601",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47601"
},
{
"name": "CVE-2021-47607",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47607"
},
{
"name": "CVE-2021-47609",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47609"
},
{
"name": "CVE-2021-47616",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47616"
},
{
"name": "CVE-2021-47617",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47617"
},
{
"name": "CVE-2021-47620",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47620"
},
{
"name": "CVE-2022-48712",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48712"
},
{
"name": "CVE-2022-48713",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48713"
},
{
"name": "CVE-2022-48714",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48714"
},
{
"name": "CVE-2022-48720",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48720"
},
{
"name": "CVE-2022-48724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48724"
},
{
"name": "CVE-2022-48725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48725"
},
{
"name": "CVE-2022-48727",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48727"
},
{
"name": "CVE-2022-48728",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48728"
},
{
"name": "CVE-2022-48729",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48729"
},
{
"name": "CVE-2022-48732",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48732"
},
{
"name": "CVE-2022-48745",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48745"
},
{
"name": "CVE-2022-48746",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48746"
},
{
"name": "CVE-2022-48752",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48752"
},
{
"name": "CVE-2022-48760",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48760"
},
{
"name": "CVE-2022-48763",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48763"
},
{
"name": "CVE-2022-48767",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48767"
},
{
"name": "CVE-2022-48768",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48768"
},
{
"name": "CVE-2022-48769",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48769"
},
{
"name": "CVE-2022-48770",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48770"
},
{
"name": "CVE-2023-52787",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52787"
},
{
"name": "CVE-2023-52837",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52837"
},
{
"name": "CVE-2023-52845",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52845"
},
{
"name": "CVE-2023-52846",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52846"
},
{
"name": "CVE-2024-35979",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35979"
},
{
"name": "CVE-2024-36477",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36477"
},
{
"name": "CVE-2024-36937",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36937"
},
{
"name": "CVE-2024-36945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36945"
},
{
"name": "CVE-2024-36967",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36967"
},
{
"name": "CVE-2024-36975",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36975"
},
{
"name": "CVE-2023-4641",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4641"
},
{
"name": "CVE-2023-50495",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50495"
},
{
"name": "CVE-2024-24859",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24859"
},
{
"name": "CVE-2024-26734",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26734"
},
{
"name": "CVE-2024-26818",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26818"
},
{
"name": "CVE-2024-26831",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26831"
},
{
"name": "CVE-2024-27012",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27012"
},
{
"name": "CVE-2024-27017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27017"
},
{
"name": "CVE-2024-35880",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35880"
},
{
"name": "CVE-2024-35892",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35892"
},
{
"name": "CVE-2024-35894",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35894"
},
{
"name": "CVE-2024-35908",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35908"
},
{
"name": "CVE-2024-35913",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35913"
},
{
"name": "CVE-2024-35942",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35942"
},
{
"name": "CVE-2024-35957",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35957"
},
{
"name": "CVE-2024-35980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35980"
},
{
"name": "CVE-2024-39298",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39298"
},
{
"name": "CVE-2024-39493",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39493"
},
{
"name": "CVE-2024-39500",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39500"
},
{
"name": "CVE-2024-40900",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40900"
},
{
"name": "CVE-2024-40903",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40903"
},
{
"name": "CVE-2024-40908",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40908"
},
{
"name": "CVE-2024-40913",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40913"
},
{
"name": "CVE-2024-40919",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40919"
},
{
"name": "CVE-2024-40924",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40924"
},
{
"name": "CVE-2024-40937",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40937"
},
{
"name": "CVE-2024-40940",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40940"
},
{
"name": "CVE-2024-40948",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40948"
},
{
"name": "CVE-2024-40956",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40956"
},
{
"name": "CVE-2024-40989",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40989"
},
{
"name": "CVE-2024-40994",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40994"
},
{
"name": "CVE-2023-52750",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52750"
},
{
"name": "CVE-2023-52782",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52782"
},
{
"name": "CVE-2023-52786",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52786"
},
{
"name": "CVE-2023-52792",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52792"
},
{
"name": "CVE-2023-52794",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52794"
},
{
"name": "CVE-2023-52842",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52842"
},
{
"name": "CVE-2023-52849",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52849"
},
{
"name": "CVE-2023-52866",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52866"
},
{
"name": "CVE-2024-36010",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36010"
},
{
"name": "CVE-2024-36882",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36882"
},
{
"name": "CVE-2024-36962",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36962"
},
{
"name": "CVE-2024-36977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36977"
},
{
"name": "CVE-2024-38566",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38566"
},
{
"name": "CVE-2024-38629",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38629"
},
{
"name": "CVE-2024-39291",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39291"
},
{
"name": "CVE-2024-6923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6923"
},
{
"name": "CVE-2024-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3219"
},
{
"name": "CVE-2024-36028",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36028"
},
{
"name": "CVE-2024-36884",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36884"
},
{
"name": "CVE-2024-36920",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36920"
},
{
"name": "CVE-2024-36932",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36932"
},
{
"name": "CVE-2024-36956",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36956"
},
{
"name": "CVE-2024-36961",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36961"
},
{
"name": "CVE-2024-38561",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38561"
},
{
"name": "CVE-2024-38604",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38604"
},
{
"name": "CVE-2024-38606",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38606"
},
{
"name": "CVE-2021-47579",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47579"
},
{
"name": "CVE-2022-48757",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48757"
},
{
"name": "CVE-2023-52775",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52775"
},
{
"name": "CVE-2023-52885",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52885"
},
{
"name": "CVE-2024-26837",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26837"
},
{
"name": "CVE-2024-27404",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27404"
},
{
"name": "CVE-2024-39479",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39479"
},
{
"name": "CVE-2024-39498",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39498"
},
{
"name": "CVE-2024-40923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40923"
},
{
"name": "CVE-2024-40925",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40925"
},
{
"name": "CVE-2024-6197",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6197"
},
{
"name": "CVE-2021-47623",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47623"
},
{
"name": "CVE-2022-48773",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48773"
},
{
"name": "CVE-2022-48778",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48778"
},
{
"name": "CVE-2022-48780",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48780"
},
{
"name": "CVE-2022-48783",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48783"
},
{
"name": "CVE-2022-48784",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48784"
},
{
"name": "CVE-2022-48785",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48785"
},
{
"name": "CVE-2022-48786",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48786"
},
{
"name": "CVE-2022-48787",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48787"
},
{
"name": "CVE-2022-48793",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48793"
},
{
"name": "CVE-2022-48796",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48796"
},
{
"name": "CVE-2022-48797",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48797"
},
{
"name": "CVE-2022-48799",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48799"
},
{
"name": "CVE-2022-48800",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48800"
},
{
"name": "CVE-2022-48801",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48801"
},
{
"name": "CVE-2022-48802",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48802"
},
{
"name": "CVE-2022-48804",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48804"
},
{
"name": "CVE-2022-48806",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48806"
},
{
"name": "CVE-2022-48809",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48809"
},
{
"name": "CVE-2022-48810",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48810"
},
{
"name": "CVE-2022-48812",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48812"
},
{
"name": "CVE-2025-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58056"
},
{
"name": "CVE-2025-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58057"
},
{
"name": "CVE-2025-10966",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10966"
},
{
"name": "CVE-2025-59425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59425"
},
{
"name": "CVE-2022-48813",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48813"
},
{
"name": "CVE-2022-48815",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48815"
},
{
"name": "CVE-2022-48817",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48817"
},
{
"name": "CVE-2022-48818",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48818"
},
{
"name": "CVE-2022-48823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48823"
},
{
"name": "CVE-2022-48825",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48825"
},
{
"name": "CVE-2022-48830",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48830"
},
{
"name": "CVE-2022-48831",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48831"
},
{
"name": "CVE-2022-48834",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48834"
},
{
"name": "CVE-2022-48835",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48835"
},
{
"name": "CVE-2022-48836",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48836"
},
{
"name": "CVE-2022-48837",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48837"
},
{
"name": "CVE-2022-48839",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48839"
},
{
"name": "CVE-2022-48840",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48840"
},
{
"name": "CVE-2022-48843",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48843"
},
{
"name": "CVE-2022-48850",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48850"
},
{
"name": "CVE-2022-48853",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48853"
},
{
"name": "CVE-2022-48858",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48858"
},
{
"name": "CVE-2022-48861",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48861"
},
{
"name": "CVE-2022-48863",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48863"
},
{
"name": "CVE-2022-48864",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48864"
},
{
"name": "CVE-2022-48866",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48866"
},
{
"name": "CVE-2023-52886",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52886"
},
{
"name": "CVE-2024-41057",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41057"
},
{
"name": "CVE-2024-41058",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41058"
},
{
"name": "CVE-2024-6232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6232"
},
{
"name": "CVE-2025-12817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12817"
},
{
"name": "CVE-2025-12818",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12818"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2019-14844",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14844"
},
{
"name": "CVE-2021-24031",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-24031"
},
{
"name": "CVE-2021-24032",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-24032"
},
{
"name": "CVE-2021-44964",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44964"
},
{
"name": "CVE-2022-28805",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28805"
},
{
"name": "CVE-2022-33099",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33099"
},
{
"name": "CVE-2025-0306",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0306"
},
{
"name": "CVE-2025-52099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52099"
},
{
"name": "CVE-2025-53643",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53643"
},
{
"name": "CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"name": "CVE-2025-6141",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6141"
},
{
"name": "CVE-2025-7709",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7709"
},
{
"name": "CVE-2025-9714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9714"
},
{
"name": "CVE-2024-45491",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45491"
},
{
"name": "CVE-2024-45492",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45492"
},
{
"name": "CVE-2024-38632",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38632"
},
{
"name": "CVE-2024-39491",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39491"
},
{
"name": "CVE-2024-40922",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40922"
},
{
"name": "CVE-2024-40930",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40930"
},
{
"name": "CVE-2024-40964",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40964"
},
{
"name": "CVE-2024-40992",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40992"
},
{
"name": "CVE-2024-41003",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41003"
},
{
"name": "CVE-2024-41047",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41047"
},
{
"name": "CVE-2024-42085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42085"
},
{
"name": "CVE-2024-42109",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42109"
},
{
"name": "CVE-2024-42240",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42240"
},
{
"name": "CVE-2021-47517",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47517"
},
{
"name": "CVE-2022-48865",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48865"
},
{
"name": "CVE-2022-48875",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48875"
},
{
"name": "CVE-2022-48883",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48883"
},
{
"name": "CVE-2022-48886",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48886"
},
{
"name": "CVE-2022-48889",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48889"
},
{
"name": "CVE-2022-48890",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48890"
},
{
"name": "CVE-2022-48896",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48896"
},
{
"name": "CVE-2022-48899",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48899"
},
{
"name": "CVE-2022-48912",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48912"
},
{
"name": "CVE-2022-48913",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48913"
},
{
"name": "CVE-2022-48914",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48914"
},
{
"name": "CVE-2022-48915",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48915"
},
{
"name": "CVE-2022-48921",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48921"
},
{
"name": "CVE-2022-48929",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48929"
},
{
"name": "CVE-2022-48931",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48931"
},
{
"name": "CVE-2022-48934",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48934"
},
{
"name": "CVE-2022-48938",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48938"
},
{
"name": "CVE-2022-48939",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48939"
},
{
"name": "CVE-2022-48942",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48942"
},
{
"name": "CVE-2023-52859",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52859"
},
{
"name": "CVE-2023-52898",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52898"
},
{
"name": "CVE-2023-52901",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52901"
},
{
"name": "CVE-2023-52905",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52905"
},
{
"name": "CVE-2023-52906",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52906"
},
{
"name": "CVE-2023-52908",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52908"
},
{
"name": "CVE-2023-52909",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52909"
},
{
"name": "CVE-2023-52910",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52910"
},
{
"name": "CVE-2024-26637",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26637"
},
{
"name": "CVE-2024-26682",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26682"
},
{
"name": "CVE-2024-26683",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26683"
},
{
"name": "CVE-2024-36970",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36970"
},
{
"name": "CVE-2024-39486",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39486"
},
{
"name": "CVE-2024-41010",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41010"
},
{
"name": "CVE-2024-41032",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41032"
},
{
"name": "CVE-2024-41037",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41037"
},
{
"name": "CVE-2024-41038",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41038"
},
{
"name": "CVE-2024-41039",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41039"
},
{
"name": "CVE-2024-41045",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41045"
},
{
"name": "CVE-2024-41056",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41056"
},
{
"name": "CVE-2024-41084",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41084"
},
{
"name": "CVE-2024-41094",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41094"
},
{
"name": "CVE-2024-42107",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42107"
},
{
"name": "CVE-2024-42125",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42125"
},
{
"name": "CVE-2024-42132",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42132"
},
{
"name": "CVE-2024-42133",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42133"
},
{
"name": "CVE-2024-42138",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42138"
},
{
"name": "CVE-2024-42139",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42139"
},
{
"name": "CVE-2024-42141",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42141"
},
{
"name": "CVE-2024-42238",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42238"
},
{
"name": "CVE-2024-42239",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42239"
},
{
"name": "CVE-2024-42241",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42241"
},
{
"name": "CVE-2024-42245",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42245"
},
{
"name": "CVE-2024-42268",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42268"
},
{
"name": "CVE-2024-42278",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42278"
},
{
"name": "CVE-2024-42291",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42291"
},
{
"name": "CVE-2024-42315",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42315"
},
{
"name": "CVE-2024-42316",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42316"
},
{
"name": "CVE-2024-43816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43816"
},
{
"name": "CVE-2024-43817",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43817"
},
{
"name": "CVE-2024-43821",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43821"
},
{
"name": "CVE-2024-43826",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43826"
},
{
"name": "CVE-2024-43840",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43840"
},
{
"name": "CVE-2024-43842",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43842"
},
{
"name": "CVE-2024-43873",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43873"
},
{
"name": "CVE-2024-43874",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43874"
},
{
"name": "CVE-2024-7264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
},
{
"name": "CVE-2024-41031",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41031"
},
{
"name": "CVE-2024-42243",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42243"
},
{
"name": "CVE-2024-34459",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34459"
},
{
"name": "CVE-2024-8096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8096"
},
{
"name": "CVE-2024-44983",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44983"
},
{
"name": "CVE-2024-44986",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44986"
},
{
"name": "CVE-2024-45000",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45000"
},
{
"name": "CVE-2024-45010",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45010"
},
{
"name": "CVE-2024-45019",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45019"
},
{
"name": "CVE-2024-45022",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45022"
},
{
"name": "CVE-2024-45029",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45029"
},
{
"name": "CVE-2024-46711",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46711"
},
{
"name": "CVE-2024-46784",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46784"
},
{
"name": "CVE-2024-46830",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46830"
},
{
"name": "CVE-2022-48944",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48944"
},
{
"name": "CVE-2024-42294",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42294"
},
{
"name": "CVE-2024-43870",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43870"
},
{
"name": "CVE-2024-44967",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44967"
},
{
"name": "CVE-2024-44984",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44984"
},
{
"name": "CVE-2024-45001",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45001"
},
{
"name": "CVE-2024-45005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45005"
},
{
"name": "CVE-2024-45012",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45012"
},
{
"name": "CVE-2024-45013",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45013"
},
{
"name": "CVE-2024-45017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45017"
},
{
"name": "CVE-2024-45020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45020"
},
{
"name": "CVE-2024-46672",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46672"
},
{
"name": "CVE-2024-46692",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46692"
},
{
"name": "CVE-2024-46706",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46706"
},
{
"name": "CVE-2024-46709",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46709"
},
{
"name": "CVE-2024-46710",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46710"
},
{
"name": "CVE-2024-46767",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46767"
},
{
"name": "CVE-2024-46786",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46786"
},
{
"name": "CVE-2024-46797",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46797"
},
{
"name": "CVE-2024-37370",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37370"
},
{
"name": "CVE-2024-37371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37371"
},
{
"name": "CVE-2024-9143",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
},
{
"name": "CVE-2024-41085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41085"
},
{
"name": "CVE-2024-26721",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26721"
},
{
"name": "CVE-2024-42258",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42258"
},
{
"name": "CVE-2024-45490",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45490"
},
{
"name": "CVE-2024-7592",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7592"
},
{
"name": "CVE-2024-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8088"
},
{
"name": "CVE-2025-54121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54121"
},
{
"name": "CVE-2012-2114",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2114"
},
{
"name": "CVE-2021-46937",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46937"
},
{
"name": "CVE-2021-46999",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46999"
},
{
"name": "CVE-2021-47033",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47033"
},
{
"name": "CVE-2021-47079",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47079"
},
{
"name": "CVE-2021-47092",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47092"
},
{
"name": "CVE-2021-47226",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47226"
},
{
"name": "CVE-2021-47251",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47251"
},
{
"name": "CVE-2021-47266",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47266"
},
{
"name": "CVE-2021-47318",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47318"
},
{
"name": "CVE-2021-47325",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47325"
},
{
"name": "CVE-2021-47346",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47346"
},
{
"name": "CVE-2021-47349",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47349"
},
{
"name": "CVE-2021-47519",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47519"
},
{
"name": "CVE-2021-47561",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47561"
},
{
"name": "CVE-2021-47613",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47613"
},
{
"name": "CVE-2022-1247",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1247"
},
{
"name": "CVE-2022-20153",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20153"
},
{
"name": "CVE-2022-48641",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48641"
},
{
"name": "CVE-2022-48643",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48643"
},
{
"name": "CVE-2022-48707",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48707"
},
{
"name": "CVE-2022-48719",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48719"
},
{
"name": "CVE-2022-48781",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48781"
},
{
"name": "CVE-2022-48819",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48819"
},
{
"name": "CVE-2022-48832",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48832"
},
{
"name": "CVE-2022-48848",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48848"
},
{
"name": "CVE-2022-48876",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48876"
},
{
"name": "CVE-2022-48963",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48963"
},
{
"name": "CVE-2022-48974",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48974"
},
{
"name": "CVE-2022-48976",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48976"
},
{
"name": "CVE-2022-48984",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48984"
},
{
"name": "CVE-2022-48986",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48986"
},
{
"name": "CVE-2022-49013",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49013"
},
{
"name": "CVE-2022-49018",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49018"
},
{
"name": "CVE-2022-49048",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49048"
},
{
"name": "CVE-2022-49049",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49049"
},
{
"name": "CVE-2022-49052",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49052"
},
{
"name": "CVE-2022-49072",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49072"
},
{
"name": "CVE-2022-49077",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49077"
},
{
"name": "CVE-2022-49094",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49094"
},
{
"name": "CVE-2022-49152",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49152"
},
{
"name": "CVE-2022-49198",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49198"
},
{
"name": "CVE-2022-49229",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49229"
},
{
"name": "CVE-2022-49231",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49231"
},
{
"name": "CVE-2022-49334",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49334"
},
{
"name": "CVE-2022-49340",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49340"
},
{
"name": "CVE-2022-49374",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49374"
},
{
"name": "CVE-2022-49401",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49401"
},
{
"name": "CVE-2022-49403",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49403"
},
{
"name": "CVE-2022-49450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49450"
},
{
"name": "CVE-2022-49554",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49554"
},
{
"name": "CVE-2022-49557",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49557"
},
{
"name": "CVE-2022-49567",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49567"
},
{
"name": "CVE-2022-49571",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49571"
},
{
"name": "CVE-2022-49572",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49572"
},
{
"name": "CVE-2022-49573",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49573"
},
{
"name": "CVE-2022-49574",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49574"
},
{
"name": "CVE-2022-49575",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49575"
},
{
"name": "CVE-2022-49577",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49577"
},
{
"name": "CVE-2022-49580",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49580"
},
{
"name": "CVE-2022-49585",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49585"
},
{
"name": "CVE-2022-49586",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49586"
},
{
"name": "CVE-2022-49587",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49587"
},
{
"name": "CVE-2022-49593",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49593"
},
{
"name": "CVE-2022-49594",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49594"
},
{
"name": "CVE-2022-49595",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49595"
},
{
"name": "CVE-2022-49596",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49596"
},
{
"name": "CVE-2022-49597",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49597"
},
{
"name": "CVE-2022-49598",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49598"
},
{
"name": "CVE-2022-49599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49599"
},
{
"name": "CVE-2022-49600",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49600"
},
{
"name": "CVE-2022-49601",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49601"
},
{
"name": "CVE-2022-49602",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49602"
},
{
"name": "CVE-2022-49604",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49604"
},
{
"name": "CVE-2022-49612",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49612"
},
{
"name": "CVE-2022-49629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49629"
},
{
"name": "CVE-2022-49633",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49633"
},
{
"name": "CVE-2022-49637",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49637"
},
{
"name": "CVE-2022-49639",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49639"
},
{
"name": "CVE-2022-49659",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49659"
},
{
"name": "CVE-2022-49662",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49662"
},
{
"name": "CVE-2022-49691",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49691"
},
{
"name": "CVE-2022-49744",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49744"
},
{
"name": "CVE-2022-49747",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49747"
},
{
"name": "CVE-2022-49752",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49752"
},
{
"name": "CVE-2022-49754",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49754"
},
{
"name": "CVE-2022-49760",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49760"
},
{
"name": "CVE-2023-31082",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31082"
},
{
"name": "CVE-2023-52516",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52516"
},
{
"name": "CVE-2023-52568",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52568"
},
{
"name": "CVE-2023-52570",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52570"
},
{
"name": "CVE-2023-52689",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52689"
},
{
"name": "CVE-2023-52704",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52704"
},
{
"name": "CVE-2023-52706",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52706"
},
{
"name": "CVE-2023-52828",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52828"
},
{
"name": "CVE-2023-52902",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52902"
},
{
"name": "CVE-2023-52932",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52932"
},
{
"name": "CVE-2023-52934",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52934"
},
{
"name": "CVE-2023-52940",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52940"
},
{
"name": "CVE-2023-52942",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52942"
},
{
"name": "CVE-2023-52977",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52977"
},
{
"name": "CVE-2023-52985",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52985"
},
{
"name": "CVE-2023-52987",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52987"
},
{
"name": "CVE-2023-52991",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52991"
},
{
"name": "CVE-2023-53004",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53004"
},
{
"name": "CVE-2023-53017",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53017"
},
{
"name": "CVE-2024-23196",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23196"
},
{
"name": "CVE-2024-26678",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26678"
},
{
"name": "CVE-2024-26725",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26725"
},
{
"name": "CVE-2024-26746",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26746"
},
{
"name": "CVE-2024-26918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26918"
},
{
"name": "CVE-2024-27023",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27023"
},
{
"name": "CVE-2024-40907",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40907"
},
{
"name": "CVE-2024-43896",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43896"
},
{
"name": "CVE-2024-46748",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46748"
},
{
"name": "CVE-2024-46862",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46862"
},
{
"name": "CVE-2024-53073",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53073"
},
{
"name": "CVE-2024-53225",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53225"
},
{
"name": "CVE-2024-56668",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56668"
},
{
"name": "CVE-2024-57852",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57852"
},
{
"name": "CVE-2024-57914",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57914"
},
{
"name": "CVE-2024-57985",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57985"
},
{
"name": "CVE-2024-57989",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57989"
},
{
"name": "CVE-2024-58064",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58064"
},
{
"name": "CVE-2024-58075",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58075"
},
{
"name": "CVE-2024-58084",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58084"
},
{
"name": "CVE-2025-21709",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21709"
},
{
"name": "CVE-2025-21807",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21807"
},
{
"name": "CVE-2025-21817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21817"
},
{
"name": "CVE-2025-21827",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21827"
},
{
"name": "CVE-2025-21851",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21851"
},
{
"name": "CVE-2025-21874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21874"
},
{
"name": "CVE-2025-21907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21907"
},
{
"name": "CVE-2025-21921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21921"
},
{
"name": "CVE-2025-24357",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24357"
},
{
"name": "CVE-2025-25183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25183"
},
{
"name": "CVE-2025-29770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29770"
},
{
"name": "CVE-2025-30165",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30165"
},
{
"name": "CVE-2025-30202",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30202"
},
{
"name": "CVE-2025-32381",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32381"
},
{
"name": "CVE-2025-32444",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32444"
},
{
"name": "CVE-2025-46570",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46570"
},
{
"name": "CVE-2025-47277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47277"
},
{
"name": "CVE-2025-48887",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48887"
},
{
"name": "CVE-2025-48956",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48956"
},
{
"name": "CVE-2025-57809",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-57809"
},
{
"name": "CVE-2025-62372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62372"
},
{
"name": "CVE-2025-62426",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62426"
},
{
"name": "CVE-2025-65106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-65106"
},
{
"name": "CVE-2024-9681",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9681"
},
{
"name": "CVE-2024-11168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11168"
},
{
"name": "CVE-2022-48879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48879"
},
{
"name": "CVE-2022-48946",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48946"
},
{
"name": "CVE-2022-48951",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48951"
},
{
"name": "CVE-2022-48953",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48953"
},
{
"name": "CVE-2022-48969",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48969"
},
{
"name": "CVE-2022-48971",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48971"
},
{
"name": "CVE-2022-48972",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48972"
},
{
"name": "CVE-2022-48978",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48978"
},
{
"name": "CVE-2022-48981",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48981"
},
{
"name": "CVE-2022-48985",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48985"
},
{
"name": "CVE-2022-48987",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48987"
},
{
"name": "CVE-2022-48988",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48988"
},
{
"name": "CVE-2022-48992",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48992"
},
{
"name": "CVE-2022-48994",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48994"
},
{
"name": "CVE-2022-48997",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48997"
},
{
"name": "CVE-2022-49005",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49005"
},
{
"name": "CVE-2022-49006",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49006"
},
{
"name": "CVE-2022-49011",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49011"
},
{
"name": "CVE-2022-49012",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49012"
},
{
"name": "CVE-2022-49014",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49014"
},
{
"name": "CVE-2022-49015",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49015"
},
{
"name": "CVE-2022-49017",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49017"
},
{
"name": "CVE-2022-49021",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49021"
},
{
"name": "CVE-2022-49022",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49022"
},
{
"name": "CVE-2022-49024",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49024"
},
{
"name": "CVE-2022-49027",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49027"
},
{
"name": "CVE-2022-49028",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49028"
},
{
"name": "CVE-2022-49029",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49029"
},
{
"name": "CVE-2024-44932",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44932"
},
{
"name": "CVE-2024-44964",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44964"
},
{
"name": "CVE-2024-46766",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46766"
},
{
"name": "CVE-2024-46825",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46825"
},
{
"name": "CVE-2024-46864",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46864"
},
{
"name": "CVE-2024-43869",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43869"
},
{
"name": "CVE-2024-47672",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47672"
},
{
"name": "CVE-2024-47675",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47675"
},
{
"name": "CVE-2024-47682",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47682"
},
{
"name": "CVE-2024-47687",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47687"
},
{
"name": "CVE-2024-47696",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47696"
},
{
"name": "CVE-2024-47702",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47702"
},
{
"name": "CVE-2024-47715",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47715"
},
{
"name": "CVE-2024-47719",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47719"
},
{
"name": "CVE-2024-47727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47727"
},
{
"name": "CVE-2024-49855",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49855"
},
{
"name": "CVE-2024-49862",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49862"
},
{
"name": "CVE-2024-49864",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49864"
},
{
"name": "CVE-2024-49866",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49866"
},
{
"name": "CVE-2024-49870",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49870"
},
{
"name": "CVE-2024-49886",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49886"
},
{
"name": "CVE-2024-49946",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49946"
},
{
"name": "CVE-2024-49953",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49953"
},
{
"name": "CVE-2024-50000",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50000"
},
{
"name": "CVE-2024-50019",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50019"
},
{
"name": "CVE-2024-50020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50020"
},
{
"name": "CVE-2024-50021",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50021"
},
{
"name": "CVE-2024-50022",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50022"
},
{
"name": "CVE-2024-50023",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50023"
},
{
"name": "CVE-2024-50027",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50027"
},
{
"name": "CVE-2024-50041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50041"
},
{
"name": "CVE-2024-50042",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50042"
},
{
"name": "CVE-2024-50060",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50060"
},
{
"name": "CVE-2024-50064",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50064"
},
{
"name": "CVE-2024-50074",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50074"
},
{
"name": "CVE-2024-50075",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50075"
},
{
"name": "CVE-2024-50076",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50076"
},
{
"name": "CVE-2024-50077",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50077"
},
{
"name": "CVE-2024-50078",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50078"
},
{
"name": "CVE-2024-50081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50081"
},
{
"name": "CVE-2024-46824",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46824"
},
{
"name": "CVE-2024-50126",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50126"
},
{
"name": "CVE-2024-50215",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50215"
},
{
"name": "CVE-2024-50235",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50235"
},
{
"name": "CVE-2024-50250",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50250"
},
{
"name": "CVE-2024-50252",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50252"
},
{
"name": "CVE-2024-50255",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50255"
},
{
"name": "CVE-2024-50259",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50259"
},
{
"name": "CVE-2024-50261",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50261"
},
{
"name": "CVE-2024-50271",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50271"
},
{
"name": "CVE-2024-53042",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53042"
},
{
"name": "CVE-2024-53055",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53055"
},
{
"name": "CVE-2024-53070",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53070"
},
{
"name": "CVE-2024-53072",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53072"
},
{
"name": "CVE-2024-53082",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53082"
},
{
"name": "CVE-2024-50226",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50226"
},
{
"name": "CVE-2024-11053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11053"
},
{
"name": "CVE-2024-44994",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44994"
},
{
"name": "CVE-2024-50110",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50110"
},
{
"name": "CVE-2024-42317",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42317"
},
{
"name": "CVE-2024-43820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43820"
},
{
"name": "CVE-2024-43888",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43888"
},
{
"name": "CVE-2024-43910",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43910"
},
{
"name": "CVE-2024-44975",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44975"
},
{
"name": "CVE-2024-44996",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44996"
},
{
"name": "CVE-2024-45027",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45027"
},
{
"name": "CVE-2024-46697",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46697"
},
{
"name": "CVE-2024-46698",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46698"
},
{
"name": "CVE-2024-46788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46788"
},
{
"name": "CVE-2024-46793",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46793"
},
{
"name": "CVE-2024-46845",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46845"
},
{
"name": "CVE-2024-47734",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47734"
},
{
"name": "CVE-2024-49856",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49856"
},
{
"name": "CVE-2024-49977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49977"
},
{
"name": "CVE-2024-50093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50093"
},
{
"name": "CVE-2024-50186",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50186"
},
{
"name": "CVE-2024-50189",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50189"
},
{
"name": "CVE-2022-48982",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48982"
},
{
"name": "CVE-2022-48983",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48983"
},
{
"name": "CVE-2022-48989",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48989"
},
{
"name": "CVE-2023-52778",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52778"
},
{
"name": "CVE-2024-49976",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49976"
},
{
"name": "CVE-2024-50101",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50101"
},
{
"name": "CVE-2024-50102",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50102"
},
{
"name": "CVE-2024-50121",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50121"
},
{
"name": "CVE-2024-50124",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50124"
},
{
"name": "CVE-2024-50125",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50125"
},
{
"name": "CVE-2024-50128",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50128"
},
{
"name": "CVE-2024-50136",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50136"
},
{
"name": "CVE-2024-50139",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50139"
},
{
"name": "CVE-2024-50141",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50141"
},
{
"name": "CVE-2024-50145",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50145"
},
{
"name": "CVE-2024-50146",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50146"
},
{
"name": "CVE-2024-50147",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50147"
},
{
"name": "CVE-2024-50153",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50153"
},
{
"name": "CVE-2024-50155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50155"
},
{
"name": "CVE-2024-50157",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50157"
},
{
"name": "CVE-2024-50158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50158"
},
{
"name": "CVE-2024-50160",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50160"
},
{
"name": "CVE-2024-50169",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50169"
},
{
"name": "CVE-2024-50172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50172"
},
{
"name": "CVE-2024-50182",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50182"
},
{
"name": "CVE-2024-50200",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50200"
},
{
"name": "CVE-2024-50216",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50216"
},
{
"name": "CVE-2024-50274",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50274"
},
{
"name": "CVE-2024-50275",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50275"
},
{
"name": "CVE-2024-53045",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53045"
},
{
"name": "CVE-2024-53048",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53048"
},
{
"name": "CVE-2024-53074",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53074"
},
{
"name": "CVE-2024-53085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53085"
},
{
"name": "CVE-2024-53110",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53110"
},
{
"name": "CVE-2024-50162",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50162"
},
{
"name": "CVE-2024-50163",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50163"
},
{
"name": "CVE-2024-53097",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53097"
},
{
"name": "CVE-2024-53113",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53113"
},
{
"name": "CVE-2024-53120",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53120"
},
{
"name": "CVE-2024-53123",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53123"
},
{
"name": "CVE-2024-53136",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53136"
},
{
"name": "CVE-2024-53064",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53064"
},
{
"name": "CVE-2024-53105",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53105"
},
{
"name": "CVE-2024-53117",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53117"
},
{
"name": "CVE-2024-53118",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53118"
},
{
"name": "CVE-2024-53134",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53134"
},
{
"name": "CVE-2024-53151",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53151"
},
{
"name": "CVE-2024-53160",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53160"
},
{
"name": "CVE-2024-53166",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53166"
},
{
"name": "CVE-2024-53169",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53169"
},
{
"name": "CVE-2024-53202",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53202"
},
{
"name": "CVE-2024-53206",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53206"
},
{
"name": "CVE-2024-53207",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53207"
},
{
"name": "CVE-2024-53208",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53208"
},
{
"name": "CVE-2024-53213",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53213"
},
{
"name": "CVE-2024-53215",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53215"
},
{
"name": "CVE-2024-53222",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53222"
},
{
"name": "CVE-2024-53229",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53229"
},
{
"name": "CVE-2024-56549",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56549"
},
{
"name": "CVE-2024-56667",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56667"
},
{
"name": "CVE-2024-56752",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56752"
},
{
"name": "CVE-2024-48873",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-48873"
},
{
"name": "CVE-2024-49951",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49951"
},
{
"name": "CVE-2024-53091",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53091"
},
{
"name": "CVE-2024-53170",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53170"
},
{
"name": "CVE-2024-53175",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53175"
},
{
"name": "CVE-2024-53185",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53185"
},
{
"name": "CVE-2024-53230",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53230"
},
{
"name": "CVE-2024-53231",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53231"
},
{
"name": "CVE-2024-53232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53232"
},
{
"name": "CVE-2024-53236",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53236"
},
{
"name": "CVE-2024-55881",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55881"
},
{
"name": "CVE-2024-56372",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56372"
},
{
"name": "CVE-2025-0938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
},
{
"name": "CVE-2024-53238",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53238"
},
{
"name": "CVE-2024-56617",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56617"
},
{
"name": "CVE-2024-56625",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56625"
},
{
"name": "CVE-2024-56632",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56632"
},
{
"name": "CVE-2024-56654",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56654"
},
{
"name": "CVE-2024-56663",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56663"
},
{
"name": "CVE-2024-56675",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56675"
},
{
"name": "CVE-2024-56708",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56708"
},
{
"name": "CVE-2024-56709",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56709"
},
{
"name": "CVE-2024-56729",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56729"
},
{
"name": "CVE-2024-56745",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56745"
},
{
"name": "CVE-2024-56760",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56760"
},
{
"name": "CVE-2024-56765",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56765"
},
{
"name": "CVE-2024-57793",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57793"
},
{
"name": "CVE-2024-57804",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57804"
},
{
"name": "CVE-2024-57932",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57932"
},
{
"name": "CVE-2024-57933",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57933"
},
{
"name": "CVE-2024-57936",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57936"
},
{
"name": "CVE-2025-21645",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21645"
},
{
"name": "CVE-2025-21649",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21649"
},
{
"name": "CVE-2025-0167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0167"
},
{
"name": "CVE-2025-0725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0725"
},
{
"name": "CVE-2024-46820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46820"
},
{
"name": "CVE-2024-50602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50602"
},
{
"name": "CVE-2024-53047",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53047"
},
{
"name": "CVE-2024-56679",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56679"
},
{
"name": "CVE-2024-56707",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56707"
},
{
"name": "CVE-2024-56725",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56725"
},
{
"name": "CVE-2024-56726",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56726"
},
{
"name": "CVE-2024-56727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56727"
},
{
"name": "CVE-2024-57882",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57882"
},
{
"name": "CVE-2024-57917",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57917"
},
{
"name": "CVE-2025-21663",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21663"
},
{
"name": "CVE-2025-21670",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21670"
},
{
"name": "CVE-2024-50164",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50164"
},
{
"name": "CVE-2025-21647",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21647"
},
{
"name": "CVE-2025-21668",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21668"
},
{
"name": "CVE-2025-21671",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21671"
},
{
"name": "CVE-2025-21681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21681"
},
{
"name": "CVE-2024-13176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13176"
},
{
"name": "CVE-2021-47222",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47222"
},
{
"name": "CVE-2021-47223",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47223"
},
{
"name": "CVE-2025-21673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21673"
},
{
"name": "CVE-2024-47700",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47700"
},
{
"name": "CVE-2024-49880",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49880"
},
{
"name": "CVE-2024-49885",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49885"
},
{
"name": "CVE-2024-49999",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49999"
},
{
"name": "CVE-2024-50029",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50029"
},
{
"name": "CVE-2024-50107",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50107"
},
{
"name": "CVE-2024-50109",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50109"
},
{
"name": "CVE-2024-50114",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50114"
},
{
"name": "CVE-2024-50120",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50120"
},
{
"name": "CVE-2024-50152",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50152"
},
{
"name": "CVE-2024-50165",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50165"
},
{
"name": "CVE-2024-50197",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50197"
},
{
"name": "CVE-2024-50207",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50207"
},
{
"name": "CVE-2024-50223",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50223"
},
{
"name": "CVE-2024-50294",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50294"
},
{
"name": "CVE-2024-50303",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50303"
},
{
"name": "CVE-2024-53044",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53044"
},
{
"name": "CVE-2024-53109",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53109"
},
{
"name": "CVE-2024-53167",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53167"
},
{
"name": "CVE-2024-53176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53176"
},
{
"name": "CVE-2024-53178",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53178"
},
{
"name": "CVE-2024-53189",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53189"
},
{
"name": "CVE-2024-56535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56535"
},
{
"name": "CVE-2024-56545",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56545"
},
{
"name": "CVE-2024-56696",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56696"
},
{
"name": "CVE-2024-56702",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56702"
},
{
"name": "CVE-2024-56742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56742"
},
{
"name": "CVE-2025-1795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1795"
},
{
"name": "CVE-2024-56783",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56783"
},
{
"name": "CVE-2025-21694",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21694"
},
{
"name": "CVE-2022-49080",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49080"
},
{
"name": "CVE-2022-49089",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49089"
},
{
"name": "CVE-2024-57994",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57994"
},
{
"name": "CVE-2025-21705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21705"
},
{
"name": "CVE-2025-21716",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21716"
},
{
"name": "CVE-2025-21724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21724"
},
{
"name": "CVE-2025-21725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21725"
},
{
"name": "CVE-2025-21790",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21790"
},
{
"name": "CVE-2025-21795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21795"
},
{
"name": "CVE-2022-49043",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49043"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2021-47648",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47648"
},
{
"name": "CVE-2021-47649",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47649"
},
{
"name": "CVE-2021-47650",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47650"
},
{
"name": "CVE-2021-47659",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47659"
},
{
"name": "CVE-2022-49058",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49058"
},
{
"name": "CVE-2022-49061",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49061"
},
{
"name": "CVE-2022-49065",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49065"
},
{
"name": "CVE-2022-49066",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49066"
},
{
"name": "CVE-2022-49074",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49074"
},
{
"name": "CVE-2022-49086",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49086"
},
{
"name": "CVE-2022-49090",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49090"
},
{
"name": "CVE-2022-49092",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49092"
},
{
"name": "CVE-2022-49097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49097"
},
{
"name": "CVE-2022-49100",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49100"
},
{
"name": "CVE-2022-49103",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49103"
},
{
"name": "CVE-2022-49107",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49107"
},
{
"name": "CVE-2022-49118",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49118"
},
{
"name": "CVE-2022-49122",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49122"
},
{
"name": "CVE-2022-49130",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49130"
},
{
"name": "CVE-2022-49145",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49145"
},
{
"name": "CVE-2022-49147",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49147"
},
{
"name": "CVE-2022-49148",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49148"
},
{
"name": "CVE-2022-49153",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49153"
},
{
"name": "CVE-2022-49154",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49154"
},
{
"name": "CVE-2022-49155",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49155"
},
{
"name": "CVE-2022-49156",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49156"
},
{
"name": "CVE-2022-49159",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49159"
},
{
"name": "CVE-2022-49174",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49174"
},
{
"name": "CVE-2022-49175",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49175"
},
{
"name": "CVE-2022-49180",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49180"
},
{
"name": "CVE-2022-49187",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49187"
},
{
"name": "CVE-2022-49188",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49188"
},
{
"name": "CVE-2022-49206",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49206"
},
{
"name": "CVE-2022-49208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49208"
},
{
"name": "CVE-2022-49216",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49216"
},
{
"name": "CVE-2022-49227",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49227"
},
{
"name": "CVE-2022-49257",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49257"
},
{
"name": "CVE-2022-49259",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49259"
},
{
"name": "CVE-2022-49262",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49262"
},
{
"name": "CVE-2022-49263",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49263"
},
{
"name": "CVE-2022-49264",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49264"
},
{
"name": "CVE-2022-49266",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49266"
},
{
"name": "CVE-2022-49268",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49268"
},
{
"name": "CVE-2022-49269",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49269"
},
{
"name": "CVE-2022-49272",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49272"
},
{
"name": "CVE-2022-49273",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49273"
},
{
"name": "CVE-2022-49279",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49279"
},
{
"name": "CVE-2022-49286",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49286"
},
{
"name": "CVE-2022-49290",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49290"
},
{
"name": "CVE-2022-49297",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49297"
},
{
"name": "CVE-2022-49307",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49307"
},
{
"name": "CVE-2022-49308",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49308"
},
{
"name": "CVE-2022-49321",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49321"
},
{
"name": "CVE-2022-49322",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49322"
},
{
"name": "CVE-2022-49323",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49323"
},
{
"name": "CVE-2022-49339",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49339"
},
{
"name": "CVE-2022-49341",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49341"
},
{
"name": "CVE-2022-49343",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49343"
},
{
"name": "CVE-2022-49345",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49345"
},
{
"name": "CVE-2022-49350",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49350"
},
{
"name": "CVE-2022-49352",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49352"
},
{
"name": "CVE-2022-49356",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49356"
},
{
"name": "CVE-2022-49357",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49357"
},
{
"name": "CVE-2022-49376",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49376"
},
{
"name": "CVE-2022-49378",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49378"
},
{
"name": "CVE-2022-49379",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49379"
},
{
"name": "CVE-2022-49384",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49384"
},
{
"name": "CVE-2022-49394",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49394"
},
{
"name": "CVE-2022-49400",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49400"
},
{
"name": "CVE-2022-49402",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49402"
},
{
"name": "CVE-2022-49404",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49404"
},
{
"name": "CVE-2022-49407",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49407"
},
{
"name": "CVE-2022-49409",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49409"
},
{
"name": "CVE-2022-49422",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49422"
},
{
"name": "CVE-2022-49432",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49432"
},
{
"name": "CVE-2022-49433",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49433"
},
{
"name": "CVE-2022-49434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49434"
},
{
"name": "CVE-2022-49441",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49441"
},
{
"name": "CVE-2022-49447",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49447"
},
{
"name": "CVE-2022-49455",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49455"
},
{
"name": "CVE-2022-49468",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49468"
},
{
"name": "CVE-2022-49472",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49472"
},
{
"name": "CVE-2022-49475",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49475"
},
{
"name": "CVE-2022-49481",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49481"
},
{
"name": "CVE-2022-49486",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49486"
},
{
"name": "CVE-2022-49492",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49492"
},
{
"name": "CVE-2022-49498",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49498"
},
{
"name": "CVE-2022-49503",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49503"
},
{
"name": "CVE-2022-49508",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49508"
},
{
"name": "CVE-2022-49515",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49515"
},
{
"name": "CVE-2022-49519",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49519"
},
{
"name": "CVE-2022-49520",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49520"
},
{
"name": "CVE-2022-49521",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49521"
},
{
"name": "CVE-2022-49523",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49523"
},
{
"name": "CVE-2022-49526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49526"
},
{
"name": "CVE-2022-49532",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49532"
},
{
"name": "CVE-2022-49545",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49545"
},
{
"name": "CVE-2022-49559",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49559"
},
{
"name": "CVE-2022-49581",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49581"
},
{
"name": "CVE-2022-49583",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49583"
},
{
"name": "CVE-2022-49584",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49584"
},
{
"name": "CVE-2022-49592",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49592"
},
{
"name": "CVE-2022-49603",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49603"
},
{
"name": "CVE-2022-49605",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49605"
},
{
"name": "CVE-2022-49606",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49606"
},
{
"name": "CVE-2022-49607",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49607"
},
{
"name": "CVE-2022-49611",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49611"
},
{
"name": "CVE-2022-49613",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49613"
},
{
"name": "CVE-2022-49625",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49625"
},
{
"name": "CVE-2022-49627",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49627"
},
{
"name": "CVE-2022-49631",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49631"
},
{
"name": "CVE-2022-49634",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49634"
},
{
"name": "CVE-2022-49640",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49640"
},
{
"name": "CVE-2022-49641",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49641"
},
{
"name": "CVE-2022-49642",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49642"
},
{
"name": "CVE-2022-49643",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49643"
},
{
"name": "CVE-2022-49646",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49646"
},
{
"name": "CVE-2022-49648",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49648"
},
{
"name": "CVE-2022-49653",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49653"
},
{
"name": "CVE-2022-49656",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49656"
},
{
"name": "CVE-2022-49657",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49657"
},
{
"name": "CVE-2022-49663",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49663"
},
{
"name": "CVE-2022-49670",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49670"
},
{
"name": "CVE-2022-49671",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49671"
},
{
"name": "CVE-2022-49672",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49672"
},
{
"name": "CVE-2022-49673",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49673"
},
{
"name": "CVE-2022-49674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49674"
},
{
"name": "CVE-2022-49675",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49675"
},
{
"name": "CVE-2022-49679",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49679"
},
{
"name": "CVE-2022-49688",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49688"
},
{
"name": "CVE-2022-49699",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49699"
},
{
"name": "CVE-2022-49707",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49707"
},
{
"name": "CVE-2022-49708",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49708"
},
{
"name": "CVE-2022-49710",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49710"
},
{
"name": "CVE-2022-49716",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49716"
},
{
"name": "CVE-2022-49721",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49721"
},
{
"name": "CVE-2022-49723",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49723"
},
{
"name": "CVE-2022-49726",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49726"
},
{
"name": "CVE-2022-49731",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49731"
},
{
"name": "CVE-2024-48876",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-48876"
},
{
"name": "CVE-2024-53681",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53681"
},
{
"name": "CVE-2024-54460",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54460"
},
{
"name": "CVE-2024-55642",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55642"
},
{
"name": "CVE-2024-56613",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56613"
},
{
"name": "CVE-2024-56624",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56624"
},
{
"name": "CVE-2024-56638",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56638"
},
{
"name": "CVE-2024-56653",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56653"
},
{
"name": "CVE-2024-56657",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56657"
},
{
"name": "CVE-2024-56669",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56669"
},
{
"name": "CVE-2024-56710",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56710"
},
{
"name": "CVE-2024-56714",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56714"
},
{
"name": "CVE-2024-56772",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56772"
},
{
"name": "CVE-2024-56773",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56773"
},
{
"name": "CVE-2024-57878",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57878"
},
{
"name": "CVE-2024-57879",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57879"
},
{
"name": "CVE-2024-57885",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57885"
},
{
"name": "CVE-2025-21644",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21644"
},
{
"name": "CVE-2025-21659",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21659"
},
{
"name": "CVE-2024-56171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56171"
},
{
"name": "CVE-2025-27113",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27113"
},
{
"name": "CVE-2024-57993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57993"
},
{
"name": "CVE-2024-58009",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58009"
},
{
"name": "CVE-2024-58061",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58061"
},
{
"name": "CVE-2024-58068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58068"
},
{
"name": "CVE-2024-58077",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58077"
},
{
"name": "CVE-2025-21706",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21706"
},
{
"name": "CVE-2025-21707",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21707"
},
{
"name": "CVE-2025-21829",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21829"
},
{
"name": "CVE-2025-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21830"
},
{
"name": "CVE-2025-21832",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21832"
},
{
"name": "CVE-2022-49057",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49057"
},
{
"name": "CVE-2022-49062",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49062"
},
{
"name": "CVE-2022-49064",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49064"
},
{
"name": "CVE-2022-49070",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49070"
},
{
"name": "CVE-2022-49139",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49139"
},
{
"name": "CVE-2022-49204",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49204"
},
{
"name": "CVE-2022-49205",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49205"
},
{
"name": "CVE-2022-49207",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49207"
},
{
"name": "CVE-2022-49209",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49209"
},
{
"name": "CVE-2022-49225",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49225"
},
{
"name": "CVE-2022-49228",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49228"
},
{
"name": "CVE-2022-49237",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49237"
},
{
"name": "CVE-2022-49330",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49330"
},
{
"name": "CVE-2022-49353",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49353"
},
{
"name": "CVE-2022-49406",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49406"
},
{
"name": "CVE-2022-49436",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49436"
},
{
"name": "CVE-2022-49446",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49446"
},
{
"name": "CVE-2022-49476",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49476"
},
{
"name": "CVE-2022-49511",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49511"
},
{
"name": "CVE-2022-49518",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49518"
},
{
"name": "CVE-2022-49538",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49538"
},
{
"name": "CVE-2022-49548",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49548"
},
{
"name": "CVE-2022-49552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49552"
},
{
"name": "CVE-2022-49560",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49560"
},
{
"name": "CVE-2022-49565",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49565"
},
{
"name": "CVE-2022-49624",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49624"
},
{
"name": "CVE-2022-49638",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49638"
},
{
"name": "CVE-2022-49655",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49655"
},
{
"name": "CVE-2022-49658",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49658"
},
{
"name": "CVE-2022-49697",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49697"
},
{
"name": "CVE-2022-49732",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49732"
},
{
"name": "CVE-2022-49739",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49739"
},
{
"name": "CVE-2022-49746",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49746"
},
{
"name": "CVE-2022-49759",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49759"
},
{
"name": "CVE-2023-52933",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52933"
},
{
"name": "CVE-2023-52941",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52941"
},
{
"name": "CVE-2023-52976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52976"
},
{
"name": "CVE-2023-52984",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52984"
},
{
"name": "CVE-2023-52992",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52992"
},
{
"name": "CVE-2023-52993",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52993"
},
{
"name": "CVE-2023-53006",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53006"
},
{
"name": "CVE-2023-53007",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53007"
},
{
"name": "CVE-2023-53015",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53015"
},
{
"name": "CVE-2023-53016",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53016"
},
{
"name": "CVE-2023-53019",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53019"
},
{
"name": "CVE-2023-53026",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53026"
},
{
"name": "CVE-2023-53029",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53029"
},
{
"name": "CVE-2023-53030",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53030"
},
{
"name": "CVE-2023-53033",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53033"
},
{
"name": "CVE-2024-46736",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46736"
},
{
"name": "CVE-2024-46796",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46796"
},
{
"name": "CVE-2024-57990",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57990"
},
{
"name": "CVE-2024-57999",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57999"
},
{
"name": "CVE-2024-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58057"
},
{
"name": "CVE-2024-58078",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58078"
},
{
"name": "CVE-2024-58079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58079"
},
{
"name": "CVE-2025-21723",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21723"
},
{
"name": "CVE-2025-21732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21732"
},
{
"name": "CVE-2025-21810",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21810"
},
{
"name": "CVE-2025-21825",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21825"
},
{
"name": "CVE-2025-21828",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21828"
},
{
"name": "CVE-2025-21844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21844"
},
{
"name": "CVE-2025-21847",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21847"
},
{
"name": "CVE-2025-21856",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21856"
},
{
"name": "CVE-2025-21857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21857"
},
{
"name": "CVE-2025-21864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21864"
},
{
"name": "CVE-2025-21869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21869"
},
{
"name": "CVE-2025-21870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21870"
},
{
"name": "CVE-2025-21876",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21876"
},
{
"name": "CVE-2025-21883",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21883"
},
{
"name": "CVE-2025-21886",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21886"
},
{
"name": "CVE-2025-21888",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21888"
},
{
"name": "CVE-2025-21890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21890"
},
{
"name": "CVE-2024-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8176"
},
{
"name": "CVE-2025-24928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24928"
},
{
"name": "CVE-2025-21913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21913"
},
{
"name": "CVE-2025-21916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21916"
},
{
"name": "CVE-2025-21918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21918"
},
{
"name": "CVE-2025-21924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21924"
},
{
"name": "CVE-2025-21936",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21936"
},
{
"name": "CVE-2025-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21938"
},
{
"name": "CVE-2025-21962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21962"
},
{
"name": "CVE-2025-21963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21963"
},
{
"name": "CVE-2025-21964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21964"
},
{
"name": "CVE-2025-21978",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21978"
},
{
"name": "CVE-2025-21979",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21979"
},
{
"name": "CVE-2025-21986",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21986"
},
{
"name": "CVE-2022-49220",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49220"
},
{
"name": "CVE-2022-49372",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49372"
},
{
"name": "CVE-2022-49578",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49578"
},
{
"name": "CVE-2022-49589",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49589"
},
{
"name": "CVE-2022-49620",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49620"
},
{
"name": "CVE-2023-52997",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52997"
},
{
"name": "CVE-2023-53031",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53031"
},
{
"name": "CVE-2024-57952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57952"
},
{
"name": "CVE-2025-21691",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21691"
},
{
"name": "CVE-2025-27516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27516"
},
{
"name": "CVE-2025-21953",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21953"
},
{
"name": "CVE-2025-4516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4516"
},
{
"name": "CVE-2024-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
},
{
"name": "CVE-2025-32414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32414"
},
{
"name": "CVE-2025-32415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32415"
},
{
"name": "CVE-2022-49171",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49171"
},
{
"name": "CVE-2022-49197",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49197"
},
{
"name": "CVE-2022-49561",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49561"
},
{
"name": "CVE-2022-49590",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49590"
},
{
"name": "CVE-2023-52928",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52928"
},
{
"name": "CVE-2023-52937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52937"
},
{
"name": "CVE-2023-52938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52938"
},
{
"name": "CVE-2023-52981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52981"
},
{
"name": "CVE-2023-52982",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52982"
},
{
"name": "CVE-2023-52986",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52986"
},
{
"name": "CVE-2023-53009",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53009"
},
{
"name": "CVE-2023-53032",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53032"
},
{
"name": "CVE-2024-58070",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58070"
},
{
"name": "CVE-2024-58088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58088"
},
{
"name": "CVE-2025-21808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21808"
},
{
"name": "CVE-2025-21836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21836"
},
{
"name": "CVE-2025-21854",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21854"
},
{
"name": "CVE-2025-21884",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21884"
},
{
"name": "CVE-2025-21889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21889"
},
{
"name": "CVE-2025-21895",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21895"
},
{
"name": "CVE-2025-21906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21906"
},
{
"name": "CVE-2025-21908",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21908"
},
{
"name": "CVE-2025-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21930"
},
{
"name": "CVE-2025-21961",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21961"
},
{
"name": "CVE-2025-21966",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21966"
},
{
"name": "CVE-2025-4947",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4947"
},
{
"name": "CVE-2025-5025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5025"
},
{
"name": "CVE-2024-56433",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56433"
},
{
"name": "CVE-2025-1390",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1390"
},
{
"name": "CVE-2025-29088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29088"
},
{
"name": "CVE-2025-32434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32434"
},
{
"name": "CVE-2025-43859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43859"
},
{
"name": "CVE-2024-58074",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58074"
},
{
"name": "CVE-2025-21974",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21974"
},
{
"name": "CVE-2025-6021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
},
{
"name": "CVE-2022-49636",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49636"
},
{
"name": "CVE-2025-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21939"
},
{
"name": "CVE-2024-47081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
},
{
"name": "CVE-2025-3576",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3576"
},
{
"name": "CVE-2024-57987",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57987"
},
{
"name": "CVE-2024-57988",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57988"
},
{
"name": "CVE-2024-57995",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57995"
},
{
"name": "CVE-2024-58015",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58015"
},
{
"name": "CVE-2024-58062",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58062"
},
{
"name": "CVE-2025-21713",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21713"
},
{
"name": "CVE-2025-21770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21770"
},
{
"name": "CVE-2025-21880",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21880"
},
{
"name": "CVE-2021-3995",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3995"
},
{
"name": "CVE-2021-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3996"
},
{
"name": "CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"name": "CVE-2025-21809",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21809"
},
{
"name": "CVE-2025-8194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8194"
},
{
"name": "CVE-2025-50182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50182"
},
{
"name": "CVE-2021-47316",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47316"
},
{
"name": "CVE-2021-32256",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32256"
},
{
"name": "CVE-2024-25260",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25260"
},
{
"name": "CVE-2025-1371",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1371"
},
{
"name": "CVE-2025-1376",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1376"
},
{
"name": "CVE-2025-1377",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1377"
},
{
"name": "CVE-2025-49794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
},
{
"name": "CVE-2025-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
},
{
"name": "CVE-2024-54456",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54456"
},
{
"name": "CVE-2025-21783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21783"
},
{
"name": "CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"name": "CVE-2025-55163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
},
{
"name": "CVE-2024-26462",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26462"
},
{
"name": "CVE-2025-1352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1352"
},
{
"name": "CVE-2025-1365",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1365"
},
{
"name": "CVE-2025-1372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1372"
},
{
"name": "CVE-2025-27587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27587"
},
{
"name": "CVE-2025-49795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49795"
},
{
"name": "CVE-2025-6170",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6170"
},
{
"name": "CVE-2025-8732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8732"
},
{
"name": "CVE-2025-9086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9086"
},
{
"name": "CVE-2025-41248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41248"
}
],
"initial_release_date": "2025-12-02T00:00:00",
"last_revision_date": "2025-12-02T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-1057",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-12-02T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2025-12-01",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36560",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36560"
},
{
"published_at": "2025-12-01",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36564",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36564"
}
]
}
CERTFR-2025-AVI-0967
Vulnerability from certfr_avis - Published: 2025-11-05 - Updated: 2025-11-05
De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Platform | File Integrity Monitoring pour VMware Tanzu Platform versions antérieures à 2.1.49 | ||
| VMware | Tanzu Platform | Cloud Service Broker pour Azure pour VMware Tanzu Platform versions antérieures à 1.13.1 | ||
| VMware | Tanzu Platform | AI Services pour VMware Tanzu Platform versions antérieures à 10.3.0 | ||
| VMware | Tanzu Platform | Scheduler pour VMware Tanzu Platform versions antérieures à 2.0.21 | ||
| VMware | Tanzu Platform | Foundation Core pour VMware Tanzu Platform versions antérieures à 3.1.4 | ||
| VMware | Tanzu Platform | Elastic Application Runtime pour VMware Tanzu Platform versions antérieures à 10.2.4+LTS-T | ||
| VMware | Tanzu Platform | Isolation Segmentation pour VMware Tanzu Platform versions antérieures à 6.0.21+LTS-T | ||
| VMware | Tanzu Platform | .NET Core Buildpack versions antérieures à 2.4.64 | ||
| VMware | Tanzu Platform | VMware Tanzu Data Flow sur Tanzu Platform versions antérieures à 2.0.0 | ||
| VMware | Tanzu Platform | Isolation Segmentation pour VMware Tanzu Platform versions antérieures à 10.2.4 | ||
| VMware | Tanzu Platform | CredHub Secrets Management pour VMware Tanzu Platform versions antérieures à 1.6.7 | ||
| VMware | Tanzu Platform | Extended App Support pour Tanzu Platform versions antérieures à 1.0.8 | ||
| VMware | Tanzu Platform | Go Buildpack versions antérieures à 1.10.57 | ||
| VMware | Tanzu Platform | VMware Tanzu RabbitMQ sur Tanzu Platform versions antérieures à 10.1.0 | ||
| VMware | Tanzu Platform | NodeJS Buildpack versions antérieures à 1.8.61 | ||
| VMware | Tanzu Platform | Foundation Core pour VMware Tanzu Platform versions antérieures à 3.2.0 | ||
| VMware | Tanzu Platform | Application Services pour VMware Tanzu Platform versions antérieures à 3.3.11 | ||
| VMware | Tanzu Platform | IPsec Encryption pour VMware Tanzu Platform versions antérieures à 1.9.68 |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "File Integrity Monitoring pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 2.1.49",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Cloud Service Broker pour Azure pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 1.13.1",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "AI Services pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.3.0",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Scheduler pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 2.0.21",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Foundation Core pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 3.1.4",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.2.4+LTS-T",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Isolation Segmentation pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 6.0.21+LTS-T",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": ".NET Core Buildpack versions ant\u00e9rieures \u00e0 2.4.64",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware Tanzu Data Flow sur Tanzu Platform versions ant\u00e9rieures \u00e0 2.0.0",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Isolation Segmentation pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.2.4",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "CredHub Secrets Management pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 1.6.7",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Extended App Support pour Tanzu Platform versions ant\u00e9rieures \u00e0 1.0.8",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Go Buildpack versions ant\u00e9rieures \u00e0 1.10.57",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware Tanzu RabbitMQ sur Tanzu Platform versions ant\u00e9rieures \u00e0 10.1.0",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "NodeJS Buildpack versions ant\u00e9rieures \u00e0 1.8.61",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Foundation Core pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 3.2.0",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Application Services pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 3.3.11",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "IPsec Encryption pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 1.9.68",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2022-1343",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1343"
},
{
"name": "CVE-2025-8715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8715"
},
{
"name": "CVE-2025-30681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30681"
},
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2024-20919",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20919"
},
{
"name": "CVE-2022-1473",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1473"
},
{
"name": "CVE-2023-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
},
{
"name": "CVE-2023-40217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40217"
},
{
"name": "CVE-2020-14621",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14621"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2025-59830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59830"
},
{
"name": "CVE-2023-21843",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21843"
},
{
"name": "CVE-2024-36138",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36138"
},
{
"name": "CVE-2020-2803",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2803"
},
{
"name": "CVE-2024-21235",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21235"
},
{
"name": "CVE-2025-30689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30689"
},
{
"name": "CVE-2024-11168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11168"
},
{
"name": "CVE-2025-9231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9231"
},
{
"name": "CVE-2022-21426",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21426"
},
{
"name": "CVE-2024-22020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22020"
},
{
"name": "CVE-2025-30715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30715"
},
{
"name": "CVE-2025-30682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30682"
},
{
"name": "CVE-2021-35586",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35586"
},
{
"name": "CVE-2025-25186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25186"
},
{
"name": "CVE-2025-50102",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50102"
},
{
"name": "CVE-2025-55248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55248"
},
{
"name": "CVE-2024-21144",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21144"
},
{
"name": "CVE-2021-35550",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35550"
},
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2021-35567",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35567"
},
{
"name": "CVE-2020-14579",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14579"
},
{
"name": "CVE-2025-50100",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50100"
},
{
"name": "CVE-2023-21954",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21954"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2023-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
},
{
"name": "CVE-2024-20926",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20926"
},
{
"name": "CVE-2025-0913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
},
{
"name": "CVE-2021-2163",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2163"
},
{
"name": "CVE-2024-21890",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21890"
},
{
"name": "CVE-2024-21896",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21896"
},
{
"name": "CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"name": "CVE-2025-40026",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40026"
},
{
"name": "CVE-2022-1292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
},
{
"name": "CVE-2024-21068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21068"
},
{
"name": "CVE-2024-7409",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7409"
},
{
"name": "CVE-2025-30703",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30703"
},
{
"name": "CVE-2023-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21830"
},
{
"name": "CVE-2021-2161",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2161"
},
{
"name": "CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"name": "CVE-2021-2341",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2341"
},
{
"name": "CVE-2024-6232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6232"
},
{
"name": "CVE-2025-50080",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50080"
},
{
"name": "CVE-2024-6505",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6505"
},
{
"name": "CVE-2025-4330",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4330"
},
{
"name": "CVE-2020-14593",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14593"
},
{
"name": "CVE-2025-50078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50078"
},
{
"name": "CVE-2020-14664",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14664"
},
{
"name": "CVE-2024-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
},
{
"name": "CVE-2025-4138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4138"
},
{
"name": "CVE-2020-14797",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14797"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2023-36632",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36632"
},
{
"name": "CVE-2020-14798",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14798"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2024-43484",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43484"
},
{
"name": "CVE-2025-24293",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24293"
},
{
"name": "CVE-2025-30696",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30696"
},
{
"name": "CVE-2025-55752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55752"
},
{
"name": "CVE-2022-21299",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21299"
},
{
"name": "CVE-2020-2773",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2773"
},
{
"name": "CVE-2024-22025",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22025"
},
{
"name": "CVE-2024-20921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
},
{
"name": "CVE-2020-14578",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14578"
},
{
"name": "CVE-2025-21584",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21584"
},
{
"name": "CVE-2020-2805",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2805"
},
{
"name": "CVE-2025-58767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58767"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2020-2830",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2830"
},
{
"name": "CVE-2025-54798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54798"
},
{
"name": "CVE-2022-21624",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21624"
},
{
"name": "CVE-2020-2781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2781"
},
{
"name": "CVE-2022-21305",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21305"
},
{
"name": "CVE-2020-14556",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14556"
},
{
"name": "CVE-2025-50085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50085"
},
{
"name": "CVE-2020-14792",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14792"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2025-41248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41248"
},
{
"name": "CVE-2024-3447",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3447"
},
{
"name": "CVE-2022-2068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
},
{
"name": "CVE-2022-21271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21271"
},
{
"name": "CVE-2025-61919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61919"
},
{
"name": "CVE-2022-40897",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40897"
},
{
"name": "CVE-2025-0938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
},
{
"name": "CVE-2025-27210",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27210"
},
{
"name": "CVE-2025-61771",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61771"
},
{
"name": "CVE-2025-61770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61770"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2025-50106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
},
{
"name": "CVE-2023-46809",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46809"
},
{
"name": "CVE-2024-21510",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21510"
},
{
"name": "CVE-2022-21626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21626"
},
{
"name": "CVE-2025-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58057"
},
{
"name": "CVE-2025-8291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8291"
},
{
"name": "CVE-2020-14781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14781"
},
{
"name": "CVE-2025-30683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30683"
},
{
"name": "CVE-2025-30699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30699"
},
{
"name": "CVE-2025-61921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61921"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2025-30754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
},
{
"name": "CVE-2024-38229",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38229"
},
{
"name": "CVE-2025-47910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47910"
},
{
"name": "CVE-2025-23167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23167"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2024-43483",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43483"
},
{
"name": "CVE-2025-50094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50094"
},
{
"name": "CVE-2021-35559",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35559"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2024-58266",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58266"
},
{
"name": "CVE-2025-50098",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50098"
},
{
"name": "CVE-2022-21291",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21291"
},
{
"name": "CVE-2025-50086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50086"
},
{
"name": "CVE-2022-3786",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3786"
},
{
"name": "CVE-2023-38552",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38552"
},
{
"name": "CVE-2021-35565",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35565"
},
{
"name": "CVE-2025-47906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
},
{
"name": "CVE-2025-58446",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58446"
},
{
"name": "CVE-2025-8194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8194"
},
{
"name": "CVE-2024-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3446"
},
{
"name": "CVE-2025-50082",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50082"
},
{
"name": "CVE-2025-40027",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40027"
},
{
"name": "CVE-2025-50097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50097"
},
{
"name": "CVE-2025-50181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50181"
},
{
"name": "CVE-2025-50084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50084"
},
{
"name": "CVE-2025-50079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50079"
},
{
"name": "CVE-2025-1795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1795"
},
{
"name": "CVE-2021-35603",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35603"
},
{
"name": "CVE-2023-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
},
{
"name": "CVE-2025-4517",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"
},
{
"name": "CVE-2025-55193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55193"
},
{
"name": "CVE-2025-21574",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21574"
},
{
"name": "CVE-2024-22019",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22019"
},
{
"name": "CVE-2025-4674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4674"
},
{
"name": "CVE-2020-2754",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2754"
},
{
"name": "CVE-2020-14796",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14796"
},
{
"name": "CVE-2025-21580",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21580"
},
{
"name": "CVE-2022-29526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
},
{
"name": "CVE-2025-55754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55754"
},
{
"name": "CVE-2025-53023",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53023"
},
{
"name": "CVE-2025-21575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21575"
},
{
"name": "CVE-2025-4435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4435"
},
{
"name": "CVE-2025-21577",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21577"
},
{
"name": "CVE-2022-21628",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21628"
},
{
"name": "CVE-2024-4467",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4467"
},
{
"name": "CVE-2024-21011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21011"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2021-2369",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2369"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2024-12718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12718"
},
{
"name": "CVE-2024-27983",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27983"
},
{
"name": "CVE-2025-23085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23085"
},
{
"name": "CVE-2024-0450",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0450"
},
{
"name": "CVE-2024-5642",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5642"
},
{
"name": "CVE-2025-59425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59425"
},
{
"name": "CVE-2024-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3219"
},
{
"name": "CVE-2025-50096",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50096"
},
{
"name": "CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"name": "CVE-2025-9232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9232"
},
{
"name": "CVE-2025-23165",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23165"
},
{
"name": "CVE-2023-30584",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30584"
},
{
"name": "CVE-2025-61795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61795"
},
{
"name": "CVE-2025-30705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30705"
},
{
"name": "CVE-2025-8713",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8713"
},
{
"name": "CVE-2025-21587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21587"
},
{
"name": "CVE-2025-50088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50088"
},
{
"name": "CVE-2024-21892",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21892"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2024-21147",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21147"
},
{
"name": "CVE-2024-27982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27982"
},
{
"name": "CVE-2020-14581",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14581"
},
{
"name": "CVE-2024-37372",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37372"
},
{
"name": "CVE-2025-50077",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50077"
},
{
"name": "CVE-2025-23083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23083"
},
{
"name": "CVE-2021-2388",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2388"
},
{
"name": "CVE-2025-50092",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50092"
},
{
"name": "CVE-2025-50099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50099"
},
{
"name": "CVE-2021-35588",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35588"
},
{
"name": "CVE-2025-41244",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41244"
},
{
"name": "CVE-2024-21140",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21140"
},
{
"name": "CVE-2025-30684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30684"
},
{
"name": "CVE-2024-21094",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21094"
},
{
"name": "CVE-2025-48989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48989"
},
{
"name": "CVE-2022-21365",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21365"
},
{
"name": "CVE-2025-50093",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50093"
},
{
"name": "CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"name": "CVE-2020-14782",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14782"
},
{
"name": "CVE-2025-50059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
},
{
"name": "CVE-2025-21579",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21579"
},
{
"name": "CVE-2023-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
},
{
"name": "CVE-2025-30761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30761"
},
{
"name": "CVE-2025-50087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50087"
},
{
"name": "CVE-2024-47535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2024-7592",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7592"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2022-21434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21434"
},
{
"name": "CVE-2025-54410",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54410"
},
{
"name": "CVE-2023-52970",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52970"
},
{
"name": "CVE-2022-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3996"
},
{
"name": "CVE-2025-52434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52434"
},
{
"name": "CVE-2022-21294",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21294"
},
{
"name": "CVE-2025-30698",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30698"
},
{
"name": "CVE-2020-2755",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2755"
},
{
"name": "CVE-2025-8714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8714"
},
{
"name": "CVE-2024-43485",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43485"
},
{
"name": "CVE-2020-14779",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14779"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2023-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22045"
},
{
"name": "CVE-2025-30721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30721"
},
{
"name": "CVE-2025-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58056"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2024-21138",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21138"
},
{
"name": "CVE-2025-50091",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50091"
},
{
"name": "CVE-2024-22018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22018"
},
{
"name": "CVE-2023-22049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22049"
},
{
"name": "CVE-2022-21341",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21341"
},
{
"name": "CVE-2025-23166",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23166"
},
{
"name": "CVE-2021-35578",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35578"
},
{
"name": "CVE-2024-0397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0397"
},
{
"name": "CVE-2020-14583",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14583"
},
{
"name": "CVE-2022-21340",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21340"
},
{
"name": "CVE-2024-12254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12254"
},
{
"name": "CVE-2025-4516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4516"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2022-3358",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3358"
},
{
"name": "CVE-2022-21293",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21293"
},
{
"name": "CVE-2022-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
},
{
"name": "CVE-2025-50104",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50104"
},
{
"name": "CVE-2020-2800",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2800"
},
{
"name": "CVE-2025-6242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6242"
},
{
"name": "CVE-2025-61772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61772"
},
{
"name": "CVE-2025-30722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30722"
},
{
"name": "CVE-2024-21145",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21145"
},
{
"name": "CVE-2022-21282",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21282"
},
{
"name": "CVE-2022-21349",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21349"
},
{
"name": "CVE-2024-50602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50602"
},
{
"name": "CVE-2024-21891",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21891"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2025-30687",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30687"
},
{
"name": "CVE-2023-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
},
{
"name": "CVE-2025-50101",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50101"
},
{
"name": "CVE-2025-30749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
},
{
"name": "CVE-2025-61748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61748"
},
{
"name": "CVE-2025-4207",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4207"
},
{
"name": "CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"name": "CVE-2025-27789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27789"
},
{
"name": "CVE-2022-21248",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21248"
},
{
"name": "CVE-2023-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
},
{
"name": "CVE-2024-22017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22017"
},
{
"name": "CVE-2025-8916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8916"
},
{
"name": "CVE-2025-8885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8885"
},
{
"name": "CVE-2024-20918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
},
{
"name": "CVE-2025-41249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41249"
},
{
"name": "CVE-2025-30704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30704"
},
{
"name": "CVE-2021-35564",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35564"
},
{
"name": "CVE-2023-52969",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52969"
},
{
"name": "CVE-2025-46551",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46551"
},
{
"name": "CVE-2025-30693",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30693"
},
{
"name": "CVE-2025-21585",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21585"
},
{
"name": "CVE-2025-53506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53506"
},
{
"name": "CVE-2025-23084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23084"
},
{
"name": "CVE-2022-3602",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3602"
},
{
"name": "CVE-2025-1094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1094"
},
{
"name": "CVE-2022-1434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1434"
},
{
"name": "CVE-2020-2757",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2757"
},
{
"name": "CVE-2025-53864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53864"
},
{
"name": "CVE-2024-4032",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4032"
},
{
"name": "CVE-2025-40025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40025"
},
{
"name": "CVE-2025-61620",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61620"
},
{
"name": "CVE-2021-35556",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35556"
},
{
"name": "CVE-2024-8244",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8244"
},
{
"name": "CVE-2024-21085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21085"
},
{
"name": "CVE-2025-21502",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21502"
},
{
"name": "CVE-2023-39331",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39331"
},
{
"name": "CVE-2025-55315",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55315"
},
{
"name": "CVE-2021-35560",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35560"
},
{
"name": "CVE-2025-21581",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21581"
},
{
"name": "CVE-2024-20945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
},
{
"name": "CVE-2025-58754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58754"
},
{
"name": "CVE-2024-21131",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21131"
},
{
"name": "CVE-2025-41242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41242"
},
{
"name": "CVE-2024-21210",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21210"
},
{
"name": "CVE-2025-53057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53057"
},
{
"name": "CVE-2023-39332",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39332"
},
{
"name": "CVE-2020-2756",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2756"
},
{
"name": "CVE-2024-27980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27980"
},
{
"name": "CVE-2023-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
},
{
"name": "CVE-2025-30685",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30685"
},
{
"name": "CVE-2023-39333",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39333"
},
{
"name": "CVE-2022-21619",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21619"
},
{
"name": "CVE-2025-30695",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30695"
},
{
"name": "CVE-2025-30688",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30688"
},
{
"name": "CVE-2023-5752",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5752"
},
{
"name": "CVE-2025-61780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61780"
},
{
"name": "CVE-2021-35561",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35561"
},
{
"name": "CVE-2022-21476",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21476"
},
{
"name": "CVE-2025-53066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53066"
},
{
"name": "CVE-2024-21217",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21217"
},
{
"name": "CVE-2023-6597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6597"
},
{
"name": "CVE-2024-20952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
},
{
"name": "CVE-2022-21541",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21541"
},
{
"name": "CVE-2025-27221",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27221"
},
{
"name": "CVE-2022-21360",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21360"
},
{
"name": "CVE-2022-21296",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21296"
},
{
"name": "CVE-2022-21540",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21540"
},
{
"name": "CVE-2025-50083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50083"
},
{
"name": "CVE-2024-21208",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21208"
},
{
"name": "CVE-2024-36137",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36137"
},
{
"name": "CVE-2020-14577",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14577"
},
{
"name": "CVE-2025-49014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49014"
},
{
"name": "CVE-2024-6923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6923"
},
{
"name": "CVE-2024-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8088"
}
],
"initial_release_date": "2025-11-05T00:00:00",
"last_revision_date": "2025-11-05T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0967",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-11-05T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36323",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36323"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36343",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36343"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-99",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36326"
},
{
"published_at": "2025-11-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36305",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36305"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36345",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36345"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36329"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-81",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36316"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2024-41",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36331"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36334",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36334"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36335",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36335"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36340",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36340"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36319",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36319"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36339",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36339"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36322",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36322"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36321",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36321"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-68",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36324"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36336",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36336"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36318",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36318"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36337",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36337"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36346",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36346"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-81",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36315"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36317",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36317"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36344",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36344"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36341",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36341"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36314",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36314"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2024-41",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36330"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36332",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36332"
},
{
"published_at": "2025-11-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36304",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36304"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36342",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36342"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36333",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36333"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-99",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36327"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36338",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36338"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36328"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-68",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36325"
}
]
}
CERTFR-2023-AVI-0102
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans OpenSSL. Elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à l'intégrité des données et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "OpenSSL versions 1.0.2x ant\u00e9rieures \u00e0 1.0.2zg (support payant)",
"product": {
"name": "OpenSSL",
"vendor": {
"name": "OpenSSL",
"scada": false
}
}
},
{
"description": "OpenSSL versions 1.1.1x ant\u00e9rieures \u00e0 1.1.1t",
"product": {
"name": "OpenSSL",
"vendor": {
"name": "OpenSSL",
"scada": false
}
}
},
{
"description": "OpenSSL versions ant\u00e9rieures \u00e0 3.0.8",
"product": {
"name": "OpenSSL",
"vendor": {
"name": "OpenSSL",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
}
],
"links": [],
"reference": "CERTFR-2023-AVI-0102",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-02-08T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans OpenSSL. Elles\npermettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance,\nune atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans OpenSSL",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 OpenSSL 20230207 du 07 f\u00e9vrier 2023",
"url": "https://www.openssl.org/news/secadv/20230207.txt"
}
]
}
CERTFR-2023-AVI-0201
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans Tenable Nessus. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Nessus versions 10.4.x ant\u00e9rieures \u00e0 10.4.3",
"product": {
"name": "Nessus",
"vendor": {
"name": "Tenable",
"scada": false
}
}
},
{
"description": "Nessus versions 8.15.x ant\u00e9rieures \u00e0 8.15.9",
"product": {
"name": "Nessus",
"vendor": {
"name": "Tenable",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2022-1292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2022-2068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2022-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
}
],
"links": [],
"reference": "CERTFR-2023-AVI-0201",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-03-08T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eTenable Nessus\u003c/span\u003e. Elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de\nservice \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Tenable Nessus",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Tenable TNS-2023-11 du 07 mars 2023",
"url": "https://www.tenable.com/security/tns-2023-11"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Tenable TNS-2023-10 du 06 mars 2023",
"url": "https://www.tenable.com/security/tns-2023-10"
}
]
}
CERTFR-2024-AVI-0781
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Juniper Networks. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Juniper Networks | Junos OS Evolved | Junos OS Evolved versions antérieures à 20.4R3-S7-EVO, 21.2R3-S7-EVO, 21.2R3-S8-EVO, 21.3R3-S5-EVO, 21.4R3-S5-EVO, 21.4R3-S7-EVO, 22.1R3-S4-EVO, 22.1R3-S5-EVO, 22.2R3-EVO, 22.2R3-S2-EVO, 22.2R3-S3-EVO, 22.2R3-S4-EVO, 22.3R2-EVO, 22.3R2-S2-EVO, 22.3R3-S1-EVO, 22.3R3-S2-EVO, 22.3R3-S3-EVO, 22.4R2-EVO, 22.4R3-EVO, 22.4R3-S1-EVO, 22.4R3-S2-EVO, 23.2R1-EVO, 23.2R1-S2-EVO, 23.2R2-EVO, 23.2R2-S1-EVO, 23.4R1-EVO, 23.4R1-S1-EVO, 23.4R2-EVO et 24.2R1-EVO | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 20.4R3-S9, 21.2R3-S6, 21.2R3-S7, 21.2R3-S8, 21.3R3-S5, 21.4R3-S4, 21.4R3-S5, 21.4R3-S7, 22.1R3-S3, 22.1R3-S4, 22.1R3-S5, 22.2R3-S2, 22.2R3-S3, 22.2R3-S4, 22.3R2-S2, 22.3R3, 22.3R3-S1, 22.3R3-S2, 22.3R3-S3, 22.4R2-S2, 22.4R3, 22.4R3-S2, 23.2R1-S1, 23.2R1-S2, 23.2R2, 23.4R1, 23.4R1-S1, 23.4R2 et 24.2R1 | ||
| Juniper Networks | BBE Cloud Setup | BBE Cloudsetup versions antérieures à 2.1.0 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 20.4R3-S7-EVO, 21.2R3-S7-EVO, 21.2R3-S8-EVO, 21.3R3-S5-EVO, 21.4R3-S5-EVO, 21.4R3-S7-EVO, 22.1R3-S4-EVO, 22.1R3-S5-EVO, 22.2R3-EVO, 22.2R3-S2-EVO, 22.2R3-S3-EVO, 22.2R3-S4-EVO, 22.3R2-EVO, 22.3R2-S2-EVO, 22.3R3-S1-EVO, 22.3R3-S2-EVO, 22.3R3-S3-EVO, 22.4R2-EVO, 22.4R3-EVO, 22.4R3-S1-EVO, 22.4R3-S2-EVO, 23.2R1-EVO, 23.2R1-S2-EVO, 23.2R2-EVO, 23.2R2-S1-EVO, 23.4R1-EVO, 23.4R1-S1-EVO, 23.4R2-EVO et 24.2R1-EVO",
"product": {
"name": "Junos OS Evolved",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 20.4R3-S9, 21.2R3-S6, 21.2R3-S7, 21.2R3-S8, 21.3R3-S5, 21.4R3-S4, 21.4R3-S5, 21.4R3-S7, 22.1R3-S3, 22.1R3-S4, 22.1R3-S5, 22.2R3-S2, 22.2R3-S3, 22.2R3-S4, 22.3R2-S2, 22.3R3, 22.3R3-S1, 22.3R3-S2, 22.3R3-S3, 22.4R2-S2, 22.4R3, 22.4R3-S2, 23.2R1-S1, 23.2R1-S2, 23.2R2, 23.4R1, 23.4R1-S1, 23.4R2 et 24.2R1",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "BBE Cloudsetup versions ant\u00e9rieures \u00e0 2.1.0",
"product": {
"name": "BBE Cloud Setup",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2024-21618",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21618"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2023-28841",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28841"
},
{
"name": "CVE-2023-28840",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28840"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2024-39524",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39524"
},
{
"name": "CVE-2020-15861",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15861"
},
{
"name": "CVE-2015-5621",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5621"
},
{
"name": "CVE-2023-3817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
},
{
"name": "CVE-2014-2310",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-2310"
},
{
"name": "CVE-2024-39523",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39523"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2020-15862",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15862"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2019-20892",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20892"
},
{
"name": "CVE-2022-4886",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4886"
},
{
"name": "CVE-2023-5363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
},
{
"name": "CVE-2022-23525",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23525"
},
{
"name": "CVE-2007-5846",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-5846"
},
{
"name": "CVE-2023-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
},
{
"name": "CVE-2024-21605",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21605"
},
{
"name": "CVE-2023-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2022-23524",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23524"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2015-8100",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8100"
},
{
"name": "CVE-2024-21615",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21615"
},
{
"name": "CVE-2021-25746",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25746"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2008-6123",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-6123"
},
{
"name": "CVE-2023-28842",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28842"
},
{
"name": "CVE-2021-25748",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25748"
},
{
"name": "CVE-2023-25173",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25173"
},
{
"name": "CVE-2023-33953",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33953"
},
{
"name": "CVE-2022-23526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23526"
},
{
"name": "CVE-2014-2285",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-2285"
},
{
"name": "CVE-2024-21609",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21609"
},
{
"name": "CVE-2024-39522",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39522"
},
{
"name": "CVE-2023-25153",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25153"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2023-32732",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32732"
},
{
"name": "CVE-2024-39517",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39517"
},
{
"name": "CVE-2023-4785",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4785"
},
{
"name": "CVE-2012-6151",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6151"
},
{
"name": "CVE-2024-39521",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39521"
},
{
"name": "CVE-2024-39512",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39512"
},
{
"name": "CVE-2023-1255",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1255"
},
{
"name": "CVE-2021-44225",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44225"
},
{
"name": "CVE-2024-39553",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39553"
},
{
"name": "CVE-2024-39520",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39520"
},
{
"name": "CVE-2022-23471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23471"
},
{
"name": "CVE-2014-3565",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3565"
},
{
"name": "CVE-2023-2975",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2975"
},
{
"name": "CVE-2023-5043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5043"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2021-25745",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25745"
},
{
"name": "CVE-2018-18065",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18065"
}
],
"links": [],
"reference": "CERTFR-2024-AVI-0781",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-09-16T00:00:00.000000"
},
{
"description": "Correction d\u0027identifiants CVE erron\u00e9s",
"revision_date": "2024-10-15T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Juniper Networks. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper Networks",
"vendor_advisories": [
{
"published_at": "2024-09-13",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA75756",
"url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-A-low-privileged-user-can-access-confidential-information-CVE-2024-21615"
},
{
"published_at": "2024-09-13",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82975",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-Evolved-Multiple-CLI-parameter-processing-issues-allowing-privilege-escalation-resolved"
},
{
"published_at": "2024-09-13",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82977",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-Evolved-User-is-not-logged-out-when-the-console-cable-is-disconnected-CVE-2024-39512"
},
{
"published_at": "2024-09-13",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82971",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-BBE-Cloudsetup-Multiple-vulnerabilities-resolved-in-2-1-0-release"
},
{
"published_at": "2024-09-13",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA79175",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Upon-processing-specific-L2-traffic-rpd-can-hang-in-devices-with-EVPN-VXLAN-configured-CVE-2024-39517"
},
{
"published_at": "2024-09-13",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82974",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-Evolved-Multiple-vulnerabilities-resolved-in-OpenSSL-3-0-12"
},
{
"published_at": "2024-09-13",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA75746",
"url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-SRX-300-Series-Specific-link-local-traffic-causes-a-control-plane-overload-CVE-2024-21605"
},
{
"published_at": "2024-09-13",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA75759",
"url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-When-LLDP-is-enabled-and-a-malformed-LLDP-packet-is-received-l2cpd-crashes-CVE-2024-21618"
},
{
"published_at": "2024-09-13",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA75750",
"url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-MX-Series-with-SPC3-and-SRX-Series-If-specific-IPsec-parameters-are-negotiated-iked-will-crash-due-to-a-memory-leak-CVE-2024-21609"
},
{
"published_at": "2024-09-13",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA79101",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-Evolved-Receipt-of-arbitrary-data-when-sampling-service-is-enabled-leads-to-partial-Denial-of-Service-DoS-CVE-2024-39553"
},
{
"published_at": "2024-09-13",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82973",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Multiple-vulnerabilities-resolved-in-net-SNMP-5-9-4"
}
]
}
CERTFR-2023-AVI-0102
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans OpenSSL. Elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à l'intégrité des données et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "OpenSSL versions 1.0.2x ant\u00e9rieures \u00e0 1.0.2zg (support payant)",
"product": {
"name": "OpenSSL",
"vendor": {
"name": "OpenSSL",
"scada": false
}
}
},
{
"description": "OpenSSL versions 1.1.1x ant\u00e9rieures \u00e0 1.1.1t",
"product": {
"name": "OpenSSL",
"vendor": {
"name": "OpenSSL",
"scada": false
}
}
},
{
"description": "OpenSSL versions ant\u00e9rieures \u00e0 3.0.8",
"product": {
"name": "OpenSSL",
"vendor": {
"name": "OpenSSL",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
}
],
"links": [],
"reference": "CERTFR-2023-AVI-0102",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-02-08T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans OpenSSL. Elles\npermettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance,\nune atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans OpenSSL",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 OpenSSL 20230207 du 07 f\u00e9vrier 2023",
"url": "https://www.openssl.org/news/secadv/20230207.txt"
}
]
}
CERTFR-2023-AVI-0368
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans Tenable Nessus Network Monitor. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Tenable | Nessus Network Monitor | Tenable Nessus Network Monitor versions antérieures à 6.2.1 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Tenable Nessus Network Monitor versions ant\u00e9rieures \u00e0 6.2.1",
"product": {
"name": "Nessus Network Monitor",
"vendor": {
"name": "Tenable",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2021-45960",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45960"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2022-22823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22823"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2022-25315",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25315"
},
{
"name": "CVE-2022-22822",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22822"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2022-23852",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23852"
},
{
"name": "CVE-2022-22825",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22825"
},
{
"name": "CVE-2022-25314",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25314"
},
{
"name": "CVE-2022-23990",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23990"
},
{
"name": "CVE-2022-25235",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25235"
},
{
"name": "CVE-2021-46143",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46143"
},
{
"name": "CVE-2022-40674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40674"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2022-22827",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22827"
},
{
"name": "CVE-2022-25236",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25236"
},
{
"name": "CVE-2022-22826",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22826"
},
{
"name": "CVE-2022-22824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22824"
}
],
"links": [],
"reference": "CERTFR-2023-AVI-0368",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-05-10T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Tenable Nessus\nNetwork Monitor. Elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Nessus Network Monitor",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Tenable TNS-2023-19 du 09 mai 2023",
"url": "https://www.tenable.com/security/tns-2023-19"
}
]
}
CERTFR-2025-AVI-0969
Vulnerability from certfr_avis - Published: 2025-11-06 - Updated: 2025-11-06
De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Kubernetes Runtime | GenAI sur Tanzu Platform pour Cloud Foundry versions antérieures à 10.2.5 | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry versions antérieures à 6.0.20+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Noble) versions antérieures à 1.90.x | ||
| VMware | Tanzu Kubernetes Runtime | NodeJS Buildpack versions antérieures à 1.8.58 | ||
| VMware | Tanzu Kubernetes Runtime | Python Buildpack versions antérieures à 1.8.63 | ||
| VMware | Tanzu Kubernetes Runtime | VMware Tanzu pour MySQL sur Tanzu Platform versions antérieures à 10.1.0 | ||
| VMware | Tanzu Kubernetes Runtime | API Gateway pour VMware Tanzu Platform versions antérieures à 2.4.0 | ||
| VMware | Tanzu Kubernetes Runtime | PHP Buildpack versions antérieures à 4.6.49 | ||
| VMware | Tanzu Kubernetes Runtime | Single Sign-On pour VMware Tanzu Platform versions antérieures à 1.16.14 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy FIPS) versions antérieures à 1.915.x | ||
| VMware | Tanzu Application Service | CredHub Service Broker versions antérieures à 1.6.6 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy FIPS) versions antérieures à 1.943.x | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime Windows add-on pour VMware Tanzu Platform versions antérieures à 10.2.4+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry Windows versions antérieures à 6.0.20+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy) versions antérieures à 1.915.x | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry Windows versions antérieures à 10.2.3+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Single Sign-On pour VMware Tanzu Application Service versions antérieures à 1.16.13 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy) versions antérieures à 1.943.x | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry isolation segment versions antérieures à 6.0.20+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Noble) versions antérieures à 1.77.x | ||
| VMware | Services Suite | Platform Automation Toolkit versions antérieures à 5.3.2 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy Azure Light) versions antérieures à 1.906.x | ||
| VMware | Tanzu Kubernetes Runtime | Spring Cloud Data Flow pour VMware Tanzu versions antérieures à 1.14.9 | ||
| VMware | Tanzu Kubernetes Runtime | App Autoscaler CLI Plugin pour VMware Tanzu Platform versions antérieures à 250.5.9 | ||
| VMware | Tanzu Kubernetes Runtime | Spring Cloud Services pour VMware Tanzu versions antérieures à 3.3.10 | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry versions antérieures à 10.2.3+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Concourse pour VMware Tanzu versions antérieures à 7.14.1+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry isolation segment versions antérieures à 10.2.3+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Platform Services pour VMware Tanzu Platform versions antérieures à 10.3.0 | ||
| VMware | Tanzu Kubernetes Runtime | Ruby Buildpack versions antérieures à 1.10.46 | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime pour VMware Tanzu Platform versions antérieures à 6.0.21+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Telemetry pour VMware Tanzu Platform versions antérieures à 2.3.0 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Noble) versions antérieures à 1.103.x | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Hub versions antérieures à 10.3.0 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy) versions antérieures à 1.906.x |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "GenAI sur Tanzu Platform pour Cloud Foundry versions ant\u00e9rieures \u00e0 10.2.5",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry versions ant\u00e9rieures \u00e0 6.0.20+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Noble) versions ant\u00e9rieures \u00e0 1.90.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "NodeJS Buildpack versions ant\u00e9rieures \u00e0 1.8.58",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Python Buildpack versions ant\u00e9rieures \u00e0 1.8.63",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware Tanzu pour MySQL sur Tanzu Platform versions ant\u00e9rieures \u00e0 10.1.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "API Gateway pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 2.4.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "PHP Buildpack versions ant\u00e9rieures \u00e0 4.6.49",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Single Sign-On pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 1.16.14",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy FIPS) versions ant\u00e9rieures \u00e0 1.915.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "CredHub Service Broker versions ant\u00e9rieures \u00e0 1.6.6",
"product": {
"name": "Tanzu Application Service",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy FIPS) versions ant\u00e9rieures \u00e0 1.943.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime Windows add-on pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.2.4+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry Windows versions ant\u00e9rieures \u00e0 6.0.20+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy) versions ant\u00e9rieures \u00e0 1.915.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry Windows versions ant\u00e9rieures \u00e0 10.2.3+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Single Sign-On pour VMware Tanzu Application Service versions ant\u00e9rieures \u00e0 1.16.13",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy) versions ant\u00e9rieures \u00e0 1.943.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry isolation segment versions ant\u00e9rieures \u00e0 6.0.20+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Noble) versions ant\u00e9rieures \u00e0 1.77.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Platform Automation Toolkit versions ant\u00e9rieures \u00e0 5.3.2",
"product": {
"name": "Services Suite",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy Azure Light) versions ant\u00e9rieures \u00e0 1.906.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Spring Cloud Data Flow pour VMware Tanzu versions ant\u00e9rieures \u00e0 1.14.9",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "App Autoscaler CLI Plugin pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 250.5.9",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Spring Cloud Services pour VMware Tanzu versions ant\u00e9rieures \u00e0 3.3.10",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry versions ant\u00e9rieures \u00e0 10.2.3+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Concourse pour VMware Tanzu versions ant\u00e9rieures \u00e0 7.14.1+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry isolation segment versions ant\u00e9rieures \u00e0 10.2.3+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Platform Services pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.3.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Ruby Buildpack versions ant\u00e9rieures \u00e0 1.10.46",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 6.0.21+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Telemetry pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 2.3.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Noble) versions ant\u00e9rieures \u00e0 1.103.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Hub versions ant\u00e9rieures \u00e0 10.3.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy) versions ant\u00e9rieures \u00e0 1.906.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2019-25013",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-25013"
},
{
"name": "CVE-2017-9937",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9937"
},
{
"name": "CVE-2025-6395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6395"
},
{
"name": "CVE-2022-1343",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1343"
},
{
"name": "CVE-2013-4235",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4235"
},
{
"name": "CVE-2024-37370",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37370"
},
{
"name": "CVE-2024-24790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24790"
},
{
"name": "CVE-2024-57981",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57981"
},
{
"name": "CVE-2025-8715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8715"
},
{
"name": "CVE-2017-3613",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3613"
},
{
"name": "CVE-2025-30681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30681"
},
{
"name": "CVE-2022-25308",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25308"
},
{
"name": "CVE-2021-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3996"
},
{
"name": "CVE-2024-38807",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38807"
},
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2023-27102",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27102"
},
{
"name": "CVE-2022-43236",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43236"
},
{
"name": "CVE-2024-20919",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20919"
},
{
"name": "CVE-2023-7104",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7104"
},
{
"name": "CVE-2022-35252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35252"
},
{
"name": "CVE-2005-0602",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-0602"
},
{
"name": "CVE-2017-6834",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6834"
},
{
"name": "CVE-2025-22003",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22003"
},
{
"name": "CVE-2022-1473",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1473"
},
{
"name": "CVE-2023-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
},
{
"name": "CVE-2023-3428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3428"
},
{
"name": "CVE-2021-3933",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3933"
},
{
"name": "CVE-2022-32189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32189"
},
{
"name": "CVE-2022-43237",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43237"
},
{
"name": "CVE-2021-23215",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23215"
},
{
"name": "CVE-2022-1115",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1115"
},
{
"name": "CVE-2024-57994",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57994"
},
{
"name": "CVE-2025-21798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21798"
},
{
"name": "CVE-2025-3264",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3264"
},
{
"name": "CVE-2015-4789",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4789"
},
{
"name": "CVE-2025-53547",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53547"
},
{
"name": "CVE-2023-40217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40217"
},
{
"name": "CVE-2020-14621",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14621"
},
{
"name": "CVE-2025-26465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26465"
},
{
"name": "CVE-2025-21975",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21975"
},
{
"name": "CVE-2025-21980",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21980"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2025-21889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21889"
},
{
"name": "CVE-2025-21861",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21861"
},
{
"name": "CVE-2025-38328",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38328"
},
{
"name": "CVE-2025-31115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31115"
},
{
"name": "CVE-2021-33294",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33294"
},
{
"name": "CVE-2023-3195",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3195"
},
{
"name": "CVE-2025-59830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59830"
},
{
"name": "CVE-2023-21843",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21843"
},
{
"name": "CVE-2021-20243",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20243"
},
{
"name": "CVE-2023-3316",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3316"
},
{
"name": "CVE-2023-1175",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1175"
},
{
"name": "CVE-2024-57948",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57948"
},
{
"name": "CVE-2025-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21937"
},
{
"name": "CVE-2014-9157",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9157"
},
{
"name": "CVE-2020-2803",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2803"
},
{
"name": "CVE-2020-14803",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14803"
},
{
"name": "CVE-2024-58088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58088"
},
{
"name": "CVE-2024-21235",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21235"
},
{
"name": "CVE-2025-53042",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53042"
},
{
"name": "CVE-2024-9681",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9681"
},
{
"name": "CVE-2021-37600",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37600"
},
{
"name": "CVE-2025-21689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21689"
},
{
"name": "CVE-2025-21682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21682"
},
{
"name": "CVE-2011-3374",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3374"
},
{
"name": "CVE-2025-30689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30689"
},
{
"name": "CVE-2024-11168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11168"
},
{
"name": "CVE-2021-26260",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26260"
},
{
"name": "CVE-2023-0922",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0922"
},
{
"name": "CVE-2025-38100",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38100"
},
{
"name": "CVE-2017-18250",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18250"
},
{
"name": "CVE-2025-9231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9231"
},
{
"name": "CVE-2025-1372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1372"
},
{
"name": "CVE-2025-40002",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40002"
},
{
"name": "CVE-2022-21426",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21426"
},
{
"name": "CVE-2025-8851",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8851"
},
{
"name": "CVE-2024-58010",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58010"
},
{
"name": "CVE-2025-38043",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38043"
},
{
"name": "CVE-2025-21697",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21697"
},
{
"name": "CVE-2025-30715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30715"
},
{
"name": "CVE-2024-57973",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57973"
},
{
"name": "CVE-2022-24407",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24407"
},
{
"name": "CVE-2022-30631",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30631"
},
{
"name": "CVE-2022-46908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46908"
},
{
"name": "CVE-2022-3626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3626"
},
{
"name": "CVE-2024-28834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28834"
},
{
"name": "CVE-2021-38604",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38604"
},
{
"name": "CVE-2001-1268",
"url": "https://www.cve.org/CVERecord?id=CVE-2001-1268"
},
{
"name": "CVE-2022-2874",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2874"
},
{
"name": "CVE-2025-22017",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22017"
},
{
"name": "CVE-2025-38108",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38108"
},
{
"name": "CVE-2025-21783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21783"
},
{
"name": "CVE-2025-38229",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38229"
},
{
"name": "CVE-2023-46218",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
},
{
"name": "CVE-2021-3733",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3733"
},
{
"name": "CVE-2025-9714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9714"
},
{
"name": "CVE-2025-21786",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21786"
},
{
"name": "CVE-2024-11187",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11187"
},
{
"name": "CVE-2020-27769",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27769"
},
{
"name": "CVE-2025-30682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30682"
},
{
"name": "CVE-2021-35586",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35586"
},
{
"name": "CVE-2014-9748",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9748"
},
{
"name": "CVE-2025-25186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25186"
},
{
"name": "CVE-2014-8141",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8141"
},
{
"name": "CVE-2022-1623",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1623"
},
{
"name": "CVE-2025-21881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21881"
},
{
"name": "CVE-2025-21951",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21951"
},
{
"name": "CVE-2024-38829",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38829"
},
{
"name": "CVE-2025-10148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10148"
},
{
"name": "CVE-2017-6831",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6831"
},
{
"name": "CVE-2024-58034",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58034"
},
{
"name": "CVE-2025-25724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25724"
},
{
"name": "CVE-2025-27818",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27818"
},
{
"name": "CVE-2021-3997",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3997"
},
{
"name": "CVE-2025-50102",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50102"
},
{
"name": "CVE-2023-38471",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38471"
},
{
"name": "CVE-2022-0158",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0158"
},
{
"name": "CVE-2020-27776",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27776"
},
{
"name": "CVE-2025-5222",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5222"
},
{
"name": "CVE-2025-21743",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21743"
},
{
"name": "CVE-2025-38147",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38147"
},
{
"name": "CVE-2023-6780",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6780"
},
{
"name": "CVE-2023-34475",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34475"
},
{
"name": "CVE-2024-26896",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26896"
},
{
"name": "CVE-2025-38286",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38286"
},
{
"name": "CVE-2025-55248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55248"
},
{
"name": "CVE-2024-24762",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24762"
},
{
"name": "CVE-2025-53643",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53643"
},
{
"name": "CVE-2022-0696",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0696"
},
{
"name": "CVE-2025-27516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27516"
},
{
"name": "CVE-2024-21144",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21144"
},
{
"name": "CVE-2024-3220",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3220"
},
{
"name": "CVE-2022-3599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3599"
},
{
"name": "CVE-2021-39537",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39537"
},
{
"name": "CVE-2025-12380",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12380"
},
{
"name": "CVE-2022-42010",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42010"
},
{
"name": "CVE-2015-4787",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4787"
},
{
"name": "CVE-2021-35550",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35550"
},
{
"name": "CVE-2022-27781",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27781"
},
{
"name": "CVE-2025-21847",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21847"
},
{
"name": "CVE-2022-2929",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2929"
},
{
"name": "CVE-2018-15120",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15120"
},
{
"name": "CVE-2024-58069",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58069"
},
{
"name": "CVE-2025-8556",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8556"
},
{
"name": "CVE-2023-0796",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0796"
},
{
"name": "CVE-2025-21853",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21853"
},
{
"name": "CVE-2025-21871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21871"
},
{
"name": "CVE-2023-51385",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51385"
},
{
"name": "CVE-2016-0682",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0682"
},
{
"name": "CVE-2025-4287",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4287"
},
{
"name": "CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"name": "CVE-2025-21731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21731"
},
{
"name": "CVE-2023-48237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48237"
},
{
"name": "CVE-2023-48706",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48706"
},
{
"name": "CVE-2021-3605",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3605"
},
{
"name": "CVE-2025-38515",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38515"
},
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2024-25126",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25126"
},
{
"name": "CVE-2025-21941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21941"
},
{
"name": "CVE-2025-8277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8277"
},
{
"name": "CVE-2025-8941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8941"
},
{
"name": "CVE-2017-10928",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10928"
},
{
"name": "CVE-2023-52425",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52425"
},
{
"name": "CVE-2025-38163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38163"
},
{
"name": "CVE-2021-35567",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35567"
},
{
"name": "CVE-2017-12429",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12429"
},
{
"name": "CVE-2025-38444",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38444"
},
{
"name": "CVE-2023-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
},
{
"name": "CVE-2019-8322",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8322"
},
{
"name": "CVE-2024-52615",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52615"
},
{
"name": "CVE-2020-14579",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14579"
},
{
"name": "CVE-2023-2157",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2157"
},
{
"name": "CVE-2025-32386",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32386"
},
{
"name": "CVE-2025-21823",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21823"
},
{
"name": "CVE-2025-11731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11731"
},
{
"name": "CVE-2019-1010238",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1010238"
},
{
"name": "CVE-2024-26700",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26700"
},
{
"name": "CVE-2024-58082",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58082"
},
{
"name": "CVE-2024-35176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35176"
},
{
"name": "CVE-2024-33602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33602"
},
{
"name": "CVE-2025-55551",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55551"
},
{
"name": "CVE-2025-50100",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50100"
},
{
"name": "CVE-2023-29404",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29404"
},
{
"name": "CVE-2025-21763",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21763"
},
{
"name": "CVE-2023-21954",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21954"
},
{
"name": "CVE-2025-40780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40780"
},
{
"name": "CVE-2023-48368",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48368"
},
{
"name": "CVE-2014-4715",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-4715"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2023-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
},
{
"name": "CVE-2022-48554",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48554"
},
{
"name": "CVE-2022-0563",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0563"
},
{
"name": "CVE-2025-38157",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38157"
},
{
"name": "CVE-2023-24757",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24757"
},
{
"name": "CVE-2024-20926",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20926"
},
{
"name": "CVE-2025-21678",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21678"
},
{
"name": "CVE-2025-4056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4056"
},
{
"name": "CVE-2024-28757",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28757"
},
{
"name": "CVE-2020-29562",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29562"
},
{
"name": "CVE-2022-31683",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31683"
},
{
"name": "CVE-2020-22218",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-22218"
},
{
"name": "CVE-2025-0913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
},
{
"name": "CVE-2025-53062",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53062"
},
{
"name": "CVE-2015-4776",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4776"
},
{
"name": "CVE-2025-21872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21872"
},
{
"name": "CVE-2017-3616",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3616"
},
{
"name": "CVE-2021-2163",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2163"
},
{
"name": "CVE-2025-21922",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21922"
},
{
"name": "CVE-2025-27817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27817"
},
{
"name": "CVE-2023-30086",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30086"
},
{
"name": "CVE-2017-6832",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6832"
},
{
"name": "CVE-2022-2208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2208"
},
{
"name": "CVE-2024-45720",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45720"
},
{
"name": "CVE-2022-1056",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1056"
},
{
"name": "CVE-2018-10805",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10805"
},
{
"name": "CVE-2019-19906",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19906"
},
{
"name": "CVE-2025-38219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38219"
},
{
"name": "CVE-2015-4785",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4785"
},
{
"name": "CVE-2025-38466",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38466"
},
{
"name": "CVE-2022-24921",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24921"
},
{
"name": "CVE-2022-32208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32208"
},
{
"name": "CVE-2020-15095",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15095"
},
{
"name": "CVE-2018-16328",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16328"
},
{
"name": "CVE-2024-38949",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38949"
},
{
"name": "CVE-2022-28327",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28327"
},
{
"name": "CVE-2025-5745",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5745"
},
{
"name": "CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"name": "CVE-2022-43239",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43239"
},
{
"name": "CVE-2022-41409",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41409"
},
{
"name": "CVE-2022-32546",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32546"
},
{
"name": "CVE-2025-0838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0838"
},
{
"name": "CVE-2024-57980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57980"
},
{
"name": "CVE-2023-5441",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5441"
},
{
"name": "CVE-2025-55553",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55553"
},
{
"name": "CVE-2024-12797",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12797"
},
{
"name": "CVE-2024-58011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58011"
},
{
"name": "CVE-2025-21796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21796"
},
{
"name": "CVE-2024-12086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12086"
},
{
"name": "CVE-2025-27219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27219"
},
{
"name": "CVE-2025-21691",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21691"
},
{
"name": "CVE-2021-4219",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4219"
},
{
"name": "CVE-2018-15798",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15798"
},
{
"name": "CVE-2025-55154",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55154"
},
{
"name": "CVE-2025-49146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49146"
},
{
"name": "CVE-2025-40026",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40026"
},
{
"name": "CVE-2022-1292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
},
{
"name": "CVE-2022-3153",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3153"
},
{
"name": "CVE-2022-2057",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2057"
},
{
"name": "CVE-2025-5197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5197"
},
{
"name": "CVE-2023-45283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45283"
},
{
"name": "CVE-2023-39328",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39328"
},
{
"name": "CVE-2023-45853",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45853"
},
{
"name": "CVE-2024-47611",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47611"
},
{
"name": "CVE-2017-11447",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11447"
},
{
"name": "CVE-2019-8323",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8323"
},
{
"name": "CVE-2023-39593",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39593"
},
{
"name": "CVE-2025-45582",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45582"
},
{
"name": "CVE-2025-46569",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46569"
},
{
"name": "CVE-2024-21068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21068"
},
{
"name": "CVE-2018-14434",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14434"
},
{
"name": "CVE-2019-6293",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6293"
},
{
"name": "CVE-2025-30703",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30703"
},
{
"name": "CVE-2025-21738",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21738"
},
{
"name": "CVE-2022-48522",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48522"
},
{
"name": "CVE-2025-21684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21684"
},
{
"name": "CVE-2023-50868",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50868"
},
{
"name": "CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"name": "CVE-2023-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21830"
},
{
"name": "CVE-2023-26965",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26965"
},
{
"name": "CVE-2023-2602",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2602"
},
{
"name": "CVE-2021-2161",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2161"
},
{
"name": "CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"name": "CVE-2023-3817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
},
{
"name": "CVE-2017-10140",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10140"
},
{
"name": "CVE-2021-2341",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2341"
},
{
"name": "CVE-2021-3468",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3468"
},
{
"name": "CVE-2024-6232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6232"
},
{
"name": "CVE-2024-58061",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58061"
},
{
"name": "CVE-2025-46148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46148"
},
{
"name": "CVE-2024-58058",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58058"
},
{
"name": "CVE-2025-21768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21768"
},
{
"name": "CVE-2025-21864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21864"
},
{
"name": "CVE-2025-2149",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2149"
},
{
"name": "CVE-2021-3502",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3502"
},
{
"name": "CVE-2025-6052",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6052"
},
{
"name": "CVE-2018-16329",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16329"
},
{
"name": "CVE-2022-41725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41725"
},
{
"name": "CVE-2025-24813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24813"
},
{
"name": "CVE-2024-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58056"
},
{
"name": "CVE-2023-52426",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52426"
},
{
"name": "CVE-2025-50080",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50080"
},
{
"name": "CVE-2025-21725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21725"
},
{
"name": "CVE-2024-43790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43790"
},
{
"name": "CVE-2025-38313",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38313"
},
{
"name": "CVE-2025-38336",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38336"
},
{
"name": "CVE-2022-2058",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2058"
},
{
"name": "CVE-2025-22009",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22009"
},
{
"name": "CVE-2025-38061",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38061"
},
{
"name": "CVE-2022-45061",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45061"
},
{
"name": "CVE-2025-21727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21727"
},
{
"name": "CVE-2024-45492",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45492"
},
{
"name": "CVE-2015-4764",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4764"
},
{
"name": "CVE-2025-22228",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22228"
},
{
"name": "CVE-2022-43240",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43240"
},
{
"name": "CVE-2020-1752",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1752"
},
{
"name": "CVE-2025-5987",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5987"
},
{
"name": "CVE-2023-4091",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4091"
},
{
"name": "CVE-2022-30635",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30635"
},
{
"name": "CVE-2025-38375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38375"
},
{
"name": "CVE-2015-4779",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4779"
},
{
"name": "CVE-2021-20312",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20312"
},
{
"name": "CVE-2025-4330",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4330"
},
{
"name": "CVE-2025-2953",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2953"
},
{
"name": "CVE-2020-14593",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14593"
},
{
"name": "CVE-2025-21904",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21904"
},
{
"name": "CVE-2019-20838",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20838"
},
{
"name": "CVE-2025-37798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37798"
},
{
"name": "CVE-2022-41715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
},
{
"name": "CVE-2025-50078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50078"
},
{
"name": "CVE-2022-28739",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28739"
},
{
"name": "CVE-2024-26726",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26726"
},
{
"name": "CVE-2023-52593",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52593"
},
{
"name": "CVE-2025-3933",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3933"
},
{
"name": "CVE-2023-26785",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26785"
},
{
"name": "CVE-2025-49794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
},
{
"name": "CVE-2020-14664",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14664"
},
{
"name": "CVE-2023-48235",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48235"
},
{
"name": "CVE-2024-57970",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57970"
},
{
"name": "CVE-2024-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
},
{
"name": "CVE-2025-21668",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21668"
},
{
"name": "CVE-2025-22004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22004"
},
{
"name": "CVE-2022-32207",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32207"
},
{
"name": "CVE-2024-44939",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44939"
},
{
"name": "CVE-2024-43374",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43374"
},
{
"name": "CVE-2023-50782",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50782"
},
{
"name": "CVE-2025-21929",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21929"
},
{
"name": "CVE-2025-4138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4138"
},
{
"name": "CVE-2022-41722",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41722"
},
{
"name": "CVE-2022-3627",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3627"
},
{
"name": "CVE-2020-14797",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14797"
},
{
"name": "CVE-2025-21735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21735"
},
{
"name": "CVE-2024-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3596"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2024-27280",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27280"
},
{
"name": "CVE-2025-3000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3000"
},
{
"name": "CVE-2022-3213",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3213"
},
{
"name": "CVE-2022-2867",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2867"
},
{
"name": "CVE-2023-36632",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36632"
},
{
"name": "CVE-2021-23177",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23177"
},
{
"name": "CVE-2020-14798",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14798"
},
{
"name": "CVE-2007-4559",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-4559"
},
{
"name": "CVE-2025-21839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21839"
},
{
"name": "CVE-2025-38112",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38112"
},
{
"name": "CVE-2025-5878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5878"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2022-3715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3715"
},
{
"name": "CVE-2023-4016",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4016"
},
{
"name": "CVE-2024-58063",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58063"
},
{
"name": "CVE-2015-4780",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4780"
},
{
"name": "CVE-2024-41957",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41957"
},
{
"name": "CVE-2025-38500",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38500"
},
{
"name": "CVE-2024-56171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56171"
},
{
"name": "CVE-2025-24293",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24293"
},
{
"name": "CVE-2025-8961",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8961"
},
{
"name": "CVE-2025-21977",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21977"
},
{
"name": "CVE-2022-25147",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25147"
},
{
"name": "CVE-2025-21779",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21779"
},
{
"name": "CVE-2024-58005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58005"
},
{
"name": "CVE-2025-21674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21674"
},
{
"name": "CVE-2022-3598",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3598"
},
{
"name": "CVE-2025-30696",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30696"
},
{
"name": "CVE-2023-0798",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0798"
},
{
"name": "CVE-2025-21918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21918"
},
{
"name": "CVE-2025-38203",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38203"
},
{
"name": "CVE-2023-45285",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45285"
},
{
"name": "CVE-2022-0909",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0909"
},
{
"name": "CVE-2025-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8176"
},
{
"name": "CVE-2023-28154",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28154"
},
{
"name": "CVE-2023-48231",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48231"
},
{
"name": "CVE-2025-55752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55752"
},
{
"name": "CVE-2023-38633",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38633"
},
{
"name": "CVE-2025-21948",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21948"
},
{
"name": "CVE-2023-2609",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2609"
},
{
"name": "CVE-2025-53905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53905"
},
{
"name": "CVE-2025-24970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24970"
},
{
"name": "CVE-2021-46312",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46312"
},
{
"name": "CVE-2018-14628",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14628"
},
{
"name": "CVE-2022-21299",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21299"
},
{
"name": "CVE-2022-38476",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38476"
},
{
"name": "CVE-2019-6461",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6461"
},
{
"name": "CVE-2022-3515",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3515"
},
{
"name": "CVE-2025-38004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38004"
},
{
"name": "CVE-2020-2773",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2773"
},
{
"name": "CVE-2015-5262",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5262"
},
{
"name": "CVE-2022-43244",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43244"
},
{
"name": "CVE-2024-24783",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24783"
},
{
"name": "CVE-2025-21753",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21753"
},
{
"name": "CVE-2017-6004",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6004"
},
{
"name": "CVE-2023-45284",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45284"
},
{
"name": "CVE-2015-7696",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7696"
},
{
"name": "CVE-2023-29403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29403"
},
{
"name": "CVE-2025-38387",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38387"
},
{
"name": "CVE-2023-45922",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45922"
},
{
"name": "CVE-2015-4754",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4754"
},
{
"name": "CVE-2025-21699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21699"
},
{
"name": "CVE-2025-38362",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38362"
},
{
"name": "CVE-2022-27776",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27776"
},
{
"name": "CVE-2023-45322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45322"
},
{
"name": "CVE-2024-24791",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24791"
},
{
"name": "CVE-2024-20921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
},
{
"name": "CVE-2022-39046",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39046"
},
{
"name": "CVE-2020-14578",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14578"
},
{
"name": "CVE-2025-21584",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21584"
},
{
"name": "CVE-2022-42916",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42916"
},
{
"name": "CVE-2025-40004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40004"
},
{
"name": "CVE-2017-7619",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7619"
},
{
"name": "CVE-2024-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8176"
},
{
"name": "CVE-2020-2805",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2805"
},
{
"name": "CVE-2025-21712",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21712"
},
{
"name": "CVE-2025-38371",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38371"
},
{
"name": "CVE-2023-2731",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2731"
},
{
"name": "CVE-2025-58767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58767"
},
{
"name": "CVE-2021-35939",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35939"
},
{
"name": "CVE-2024-57982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57982"
},
{
"name": "CVE-2025-38445",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38445"
},
{
"name": "CVE-2024-38819",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38819"
},
{
"name": "CVE-2023-0803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0803"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2025-21746",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21746"
},
{
"name": "CVE-2022-0391",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0391"
},
{
"name": "CVE-2023-1170",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1170"
},
{
"name": "CVE-2022-24070",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24070"
},
{
"name": "CVE-2025-38461",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38461"
},
{
"name": "CVE-2019-17547",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17547"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2021-36411",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36411"
},
{
"name": "CVE-2023-30774",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30774"
},
{
"name": "CVE-2018-10919",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10919"
},
{
"name": "CVE-2024-13176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13176"
},
{
"name": "CVE-2020-2830",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2830"
},
{
"name": "CVE-2025-53014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53014"
},
{
"name": "CVE-2025-7962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7962"
},
{
"name": "CVE-2022-21624",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21624"
},
{
"name": "CVE-2020-2781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2781"
},
{
"name": "CVE-2023-28322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
},
{
"name": "CVE-2018-10804",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10804"
},
{
"name": "CVE-2025-38159",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38159"
},
{
"name": "CVE-2022-0907",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0907"
},
{
"name": "CVE-2021-3421",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3421"
},
{
"name": "CVE-2022-21305",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21305"
},
{
"name": "CVE-2025-38066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38066"
},
{
"name": "CVE-2023-29405",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29405"
},
{
"name": "CVE-2021-3670",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3670"
},
{
"name": "CVE-2021-38297",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38297"
},
{
"name": "CVE-2025-4373",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4373"
},
{
"name": "CVE-2015-4790",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4790"
},
{
"name": "CVE-2025-4598",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4598"
},
{
"name": "CVE-2025-27144",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27144"
},
{
"name": "CVE-2025-21836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21836"
},
{
"name": "CVE-2025-21715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21715"
},
{
"name": "CVE-2024-6174",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6174"
},
{
"name": "CVE-2022-30629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30629"
},
{
"name": "CVE-2020-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10735"
},
{
"name": "CVE-2025-38305",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38305"
},
{
"name": "CVE-2020-14556",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14556"
},
{
"name": "CVE-2025-38067",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38067"
},
{
"name": "CVE-2025-50085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50085"
},
{
"name": "CVE-2025-21781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21781"
},
{
"name": "CVE-2024-58054",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58054"
},
{
"name": "CVE-2024-43398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43398"
},
{
"name": "CVE-2020-14792",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14792"
},
{
"name": "CVE-2019-16776",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16776"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"name": "CVE-2023-6779",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6779"
},
{
"name": "CVE-2022-28738",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28738"
},
{
"name": "CVE-2023-5363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
},
{
"name": "CVE-2024-8508",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8508"
},
{
"name": "CVE-2023-45289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45289"
},
{
"name": "CVE-2025-41248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41248"
},
{
"name": "CVE-2022-49043",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49043"
},
{
"name": "CVE-2015-2624",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2624"
},
{
"name": "CVE-2022-2068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
},
{
"name": "CVE-2025-40364",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40364"
},
{
"name": "CVE-2023-29491",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29491"
},
{
"name": "CVE-2025-38068",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38068"
},
{
"name": "CVE-2025-61985",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61985"
},
{
"name": "CVE-2013-2064",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2064"
},
{
"name": "CVE-2025-38401",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38401"
},
{
"name": "CVE-2025-21772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21772"
},
{
"name": "CVE-2021-20266",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20266"
},
{
"name": "CVE-2022-21271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21271"
},
{
"name": "CVE-2024-58070",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58070"
},
{
"name": "CVE-2025-61919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61919"
},
{
"name": "CVE-2023-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25193"
},
{
"name": "CVE-2024-34447",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34447"
},
{
"name": "CVE-2020-25663",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25663"
},
{
"name": "CVE-2022-0156",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0156"
},
{
"name": "CVE-2025-21914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21914"
},
{
"name": "CVE-2024-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58057"
},
{
"name": "CVE-2025-0306",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0306"
},
{
"name": "CVE-2025-1371",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1371"
},
{
"name": "CVE-2024-12798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12798"
},
{
"name": "CVE-2022-40897",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40897"
},
{
"name": "CVE-2024-58007",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58007"
},
{
"name": "CVE-2023-1355",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1355"
},
{
"name": "CVE-2025-21995",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21995"
},
{
"name": "CVE-2023-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
},
{
"name": "CVE-2025-21868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21868"
},
{
"name": "CVE-2025-0938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
},
{
"name": "CVE-2025-5372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5372"
},
{
"name": "CVE-2022-27782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
},
{
"name": "CVE-2022-37967",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37967"
},
{
"name": "CVE-2022-22844",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22844"
},
{
"name": "CVE-2025-21915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21915"
},
{
"name": "CVE-2019-13232",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13232"
},
{
"name": "CVE-2025-27210",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27210"
},
{
"name": "CVE-2025-38102",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38102"
},
{
"name": "CVE-2024-33600",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33600"
},
{
"name": "CVE-2025-21792",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21792"
},
{
"name": "CVE-2015-2654",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2654"
},
{
"name": "CVE-2025-55560",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55560"
},
{
"name": "CVE-2025-21728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21728"
},
{
"name": "CVE-2024-58018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58018"
},
{
"name": "CVE-2023-42669",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42669"
},
{
"name": "CVE-2022-1210",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1210"
},
{
"name": "CVE-2025-61771",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61771"
},
{
"name": "CVE-2023-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
},
{
"name": "CVE-2025-61770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61770"
},
{
"name": "CVE-2022-32148",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32148"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2015-4778",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4778"
},
{
"name": "CVE-2023-42670",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42670"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2024-58090",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58090"
},
{
"name": "CVE-2025-59842",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59842"
},
{
"name": "CVE-2025-49125",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49125"
},
{
"name": "CVE-2025-50106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
},
{
"name": "CVE-2024-27766",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27766"
},
{
"name": "CVE-2025-37958",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37958"
},
{
"name": "CVE-2025-21714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21714"
},
{
"name": "CVE-2024-58078",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58078"
},
{
"name": "CVE-2023-32636",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32636"
},
{
"name": "CVE-2023-6277",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6277"
},
{
"name": "CVE-2025-48060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48060"
},
{
"name": "CVE-2025-21855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21855"
},
{
"name": "CVE-2025-38399",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38399"
},
{
"name": "CVE-2025-21972",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21972"
},
{
"name": "CVE-2025-38065",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38065"
},
{
"name": "CVE-2025-38459",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38459"
},
{
"name": "CVE-2024-21510",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21510"
},
{
"name": "CVE-2023-34153",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34153"
},
{
"name": "CVE-2023-3618",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3618"
},
{
"name": "CVE-2020-14153",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14153"
},
{
"name": "CVE-2022-1114",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1114"
},
{
"name": "CVE-2023-48233",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48233"
},
{
"name": "CVE-2025-38412",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38412"
},
{
"name": "CVE-2025-38031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38031"
},
{
"name": "CVE-2023-4813",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4813"
},
{
"name": "CVE-2022-21626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21626"
},
{
"name": "CVE-2011-2207",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2207"
},
{
"name": "CVE-2025-54874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54874"
},
{
"name": "CVE-2017-3617",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3617"
},
{
"name": "CVE-2024-53124",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53124"
},
{
"name": "CVE-2025-38293",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38293"
},
{
"name": "CVE-2025-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58057"
},
{
"name": "CVE-2025-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21830"
},
{
"name": "CVE-2018-12600",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12600"
},
{
"name": "CVE-2025-4877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4877"
},
{
"name": "CVE-2021-41771",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41771"
},
{
"name": "CVE-2025-8291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8291"
},
{
"name": "CVE-2020-14781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14781"
},
{
"name": "CVE-2016-3189",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3189"
},
{
"name": "CVE-2023-4154",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4154"
},
{
"name": "CVE-2025-38184",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38184"
},
{
"name": "CVE-2017-3615",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3615"
},
{
"name": "CVE-2022-0714",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0714"
},
{
"name": "CVE-2023-45290",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45290"
},
{
"name": "CVE-2023-28320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28320"
},
{
"name": "CVE-2025-9340",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9340"
},
{
"name": "CVE-2023-24758",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24758"
},
{
"name": "CVE-2025-55552",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55552"
},
{
"name": "CVE-2025-30683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30683"
},
{
"name": "CVE-2025-30699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30699"
},
{
"name": "CVE-2025-61921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61921"
},
{
"name": "CVE-2024-4030",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4030"
},
{
"name": "CVE-2025-27587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27587"
},
{
"name": "CVE-2016-7531",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7531"
},
{
"name": "CVE-2006-3082",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-3082"
},
{
"name": "CVE-2023-5341",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5341"
},
{
"name": "CVE-2025-8534",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8534"
},
{
"name": "CVE-2025-21767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21767"
},
{
"name": "CVE-2025-3262",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3262"
},
{
"name": "CVE-2025-21986",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21986"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2025-1390",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1390"
},
{
"name": "CVE-2024-33599",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33599"
},
{
"name": "CVE-2023-34968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34968"
},
{
"name": "CVE-2024-0743",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0743"
},
{
"name": "CVE-2025-21961",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21961"
},
{
"name": "CVE-2025-38458",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38458"
},
{
"name": "CVE-2025-6297",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6297"
},
{
"name": "CVE-2016-10062",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10062"
},
{
"name": "CVE-2025-21764",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21764"
},
{
"name": "CVE-2024-57974",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57974"
},
{
"name": "CVE-2024-58093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58093"
},
{
"name": "CVE-2023-34152",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34152"
},
{
"name": "CVE-2022-43249",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43249"
},
{
"name": "CVE-2025-38034",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38034"
},
{
"name": "CVE-2024-58085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58085"
},
{
"name": "CVE-2024-34158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
},
{
"name": "CVE-2017-3608",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3608"
},
{
"name": "CVE-2025-47268",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47268"
},
{
"name": "CVE-2025-21690",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21690"
},
{
"name": "CVE-2025-30754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
},
{
"name": "CVE-2024-57996",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57996"
},
{
"name": "CVE-2025-38135",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38135"
},
{
"name": "CVE-2023-28484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28484"
},
{
"name": "CVE-2022-43242",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43242"
},
{
"name": "CVE-2019-2708",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2708"
},
{
"name": "CVE-2025-38312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38312"
},
{
"name": "CVE-2016-0692",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0692"
},
{
"name": "CVE-2019-14844",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14844"
},
{
"name": "CVE-2022-21366",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21366"
},
{
"name": "CVE-2022-30630",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30630"
},
{
"name": "CVE-2025-22233",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22233"
},
{
"name": "CVE-2025-38464",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38464"
},
{
"name": "CVE-2025-21946",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21946"
},
{
"name": "CVE-2025-21838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21838"
},
{
"name": "CVE-2025-21982",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21982"
},
{
"name": "CVE-2025-21867",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21867"
},
{
"name": "CVE-2025-21666",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21666"
},
{
"name": "CVE-2023-0802",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0802"
},
{
"name": "CVE-2025-53859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53859"
},
{
"name": "CVE-2023-46219",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46219"
},
{
"name": "CVE-2025-47910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47910"
},
{
"name": "CVE-2025-21828",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21828"
},
{
"name": "CVE-2023-47038",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47038"
},
{
"name": "CVE-2025-23167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23167"
},
{
"name": "CVE-2025-38363",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38363"
},
{
"name": "CVE-2025-21704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21704"
},
{
"name": "CVE-2025-21936",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21936"
},
{
"name": "CVE-2022-0865",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0865"
},
{
"name": "CVE-2023-5981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5981"
},
{
"name": "CVE-2025-38319",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38319"
},
{
"name": "CVE-2025-43859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43859"
},
{
"name": "CVE-2024-58013",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58013"
},
{
"name": "CVE-2022-0529",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0529"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2016-7514",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7514"
},
{
"name": "CVE-2015-4782",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4782"
},
{
"name": "CVE-2025-21909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21909"
},
{
"name": "CVE-2022-2056",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2056"
},
{
"name": "CVE-2025-9092",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9092"
},
{
"name": "CVE-2025-21766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21766"
},
{
"name": "CVE-2025-38457",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38457"
},
{
"name": "CVE-2024-54677",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54677"
},
{
"name": "CVE-2021-3598",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3598"
},
{
"name": "CVE-2025-21880",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21880"
},
{
"name": "CVE-2025-50094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50094"
},
{
"name": "CVE-2021-35559",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35559"
},
{
"name": "CVE-2025-21959",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21959"
},
{
"name": "CVE-2024-38809",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38809"
},
{
"name": "CVE-2025-38212",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38212"
},
{
"name": "CVE-2017-3610",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3610"
},
{
"name": "CVE-2023-1264",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1264"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2024-58266",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58266"
},
{
"name": "CVE-2025-38298",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38298"
},
{
"name": "CVE-2024-30172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30172"
},
{
"name": "CVE-2025-50098",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50098"
},
{
"name": "CVE-2022-43552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43552"
},
{
"name": "CVE-2018-1000076",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000076"
},
{
"name": "CVE-2022-4293",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4293"
},
{
"name": "CVE-2025-37974",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37974"
},
{
"name": "CVE-2025-5915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5915"
},
{
"name": "CVE-2024-57834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57834"
},
{
"name": "CVE-2025-55197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55197"
},
{
"name": "CVE-2022-32743",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32743"
},
{
"name": "CVE-2025-55558",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55558"
},
{
"name": "CVE-2022-21291",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21291"
},
{
"name": "CVE-2024-58017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58017"
},
{
"name": "CVE-2025-5917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5917"
},
{
"name": "CVE-2025-26603",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26603"
},
{
"name": "CVE-2023-35116",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35116"
},
{
"name": "CVE-2025-38078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38078"
},
{
"name": "CVE-2025-21809",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21809"
},
{
"name": "CVE-2025-38419",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38419"
},
{
"name": "CVE-2024-45490",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45490"
},
{
"name": "CVE-2021-32490",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32490"
},
{
"name": "CVE-2020-27768",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27768"
},
{
"name": "CVE-2024-38820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38820"
},
{
"name": "CVE-2025-50086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50086"
},
{
"name": "CVE-2016-5118",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5118"
},
{
"name": "CVE-2022-3786",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3786"
},
{
"name": "CVE-2023-46045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46045"
},
{
"name": "CVE-2025-37889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37889"
},
{
"name": "CVE-2021-3995",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3995"
},
{
"name": "CVE-2015-4788",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4788"
},
{
"name": "CVE-2025-55557",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55557"
},
{
"name": "CVE-2024-12085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12085"
},
{
"name": "CVE-2022-24599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24599"
},
{
"name": "CVE-2025-21981",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21981"
},
{
"name": "CVE-2025-38211",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38211"
},
{
"name": "CVE-2025-2999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2999"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2025-21910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21910"
},
{
"name": "CVE-2021-35452",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35452"
},
{
"name": "CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"name": "CVE-2023-28319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28319"
},
{
"name": "CVE-2021-35565",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35565"
},
{
"name": "CVE-2020-10251",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10251"
},
{
"name": "CVE-2024-11584",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11584"
},
{
"name": "CVE-2024-45491",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45491"
},
{
"name": "CVE-2025-50182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50182"
},
{
"name": "CVE-2025-47906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
},
{
"name": "CVE-2020-2981",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2981"
},
{
"name": "CVE-2025-21745",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21745"
},
{
"name": "CVE-2025-21791",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21791"
},
{
"name": "CVE-2020-18781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-18781"
},
{
"name": "CVE-2025-7709",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7709"
},
{
"name": "CVE-2024-52559",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52559"
},
{
"name": "CVE-2025-38077",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38077"
},
{
"name": "CVE-2025-38251",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38251"
},
{
"name": "CVE-2022-22576",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
},
{
"name": "CVE-2025-38120",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38120"
},
{
"name": "CVE-2017-7186",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7186"
},
{
"name": "CVE-2025-38285",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38285"
},
{
"name": "CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"name": "CVE-2025-37750",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37750"
},
{
"name": "CVE-2021-39293",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39293"
},
{
"name": "CVE-2025-21795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21795"
},
{
"name": "CVE-2025-8194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8194"
},
{
"name": "CVE-2025-22014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22014"
},
{
"name": "CVE-2025-38161",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38161"
},
{
"name": "CVE-2025-9640",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9640"
},
{
"name": "CVE-2022-1897",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1897"
},
{
"name": "CVE-2022-43248",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43248"
},
{
"name": "CVE-2016-3418",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3418"
},
{
"name": "CVE-2022-29824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29824"
},
{
"name": "CVE-2024-58081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58081"
},
{
"name": "CVE-2022-1705",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1705"
},
{
"name": "CVE-2024-11053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11053"
},
{
"name": "CVE-2024-7264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
},
{
"name": "CVE-2025-21814",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21814"
},
{
"name": "CVE-2025-50082",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50082"
},
{
"name": "CVE-2017-6829",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6829"
},
{
"name": "CVE-2025-32462",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32462"
},
{
"name": "CVE-2025-40027",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40027"
},
{
"name": "CVE-2025-50097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50097"
},
{
"name": "CVE-2021-4214",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4214"
},
{
"name": "CVE-2025-21911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21911"
},
{
"name": "CVE-2023-24752",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24752"
},
{
"name": "CVE-2025-50181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50181"
},
{
"name": "CVE-2024-21742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21742"
},
{
"name": "CVE-2022-43245",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43245"
},
{
"name": "CVE-2015-2656",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2656"
},
{
"name": "CVE-2025-50084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50084"
},
{
"name": "CVE-2018-9133",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9133"
},
{
"name": "CVE-2025-50079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50079"
},
{
"name": "CVE-2025-38115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38115"
},
{
"name": "CVE-2025-21758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21758"
},
{
"name": "CVE-2023-0767",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0767"
},
{
"name": "CVE-2025-21816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21816"
},
{
"name": "CVE-2025-1795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1795"
},
{
"name": "CVE-2021-35603",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35603"
},
{
"name": "CVE-2025-21996",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21996"
},
{
"name": "CVE-2021-36410",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36410"
},
{
"name": "CVE-2025-21780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21780"
},
{
"name": "CVE-2017-3612",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3612"
},
{
"name": "CVE-2024-12705",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12705"
},
{
"name": "CVE-2025-38153",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38153"
},
{
"name": "CVE-2025-21787",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21787"
},
{
"name": "CVE-2023-28487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28487"
},
{
"name": "CVE-2023-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
},
{
"name": "CVE-2023-31439",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31439"
},
{
"name": "CVE-2023-51074",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51074"
},
{
"name": "CVE-2023-23915",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23915"
},
{
"name": "CVE-2025-4517",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"
},
{
"name": "CVE-2018-1000074",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000074"
},
{
"name": "CVE-2025-37785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37785"
},
{
"name": "CVE-2025-21776",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21776"
},
{
"name": "CVE-2024-58003",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58003"
},
{
"name": "CVE-2025-21917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21917"
},
{
"name": "CVE-2025-21706",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21706"
},
{
"name": "CVE-2025-48964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48964"
},
{
"name": "CVE-2025-55193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55193"
},
{
"name": "CVE-2025-38395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38395"
},
{
"name": "CVE-2023-29499",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29499"
},
{
"name": "CVE-2025-21574",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21574"
},
{
"name": "CVE-2022-42011",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42011"
},
{
"name": "CVE-2023-39318",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39318"
},
{
"name": "CVE-2025-38337",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38337"
},
{
"name": "CVE-2025-21957",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21957"
},
{
"name": "CVE-2025-38727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38727"
},
{
"name": "CVE-2022-41720",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41720"
},
{
"name": "CVE-2024-1013",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1013"
},
{
"name": "CVE-2022-0319",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0319"
},
{
"name": "CVE-2025-4674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4674"
},
{
"name": "CVE-2025-30258",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30258"
},
{
"name": "CVE-2025-21999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21999"
},
{
"name": "CVE-2025-4565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4565"
},
{
"name": "CVE-2022-41716",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41716"
},
{
"name": "CVE-2025-38465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38465"
},
{
"name": "CVE-2024-56406",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56406"
},
{
"name": "CVE-2025-38513",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38513"
},
{
"name": "CVE-2025-21736",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21736"
},
{
"name": "CVE-2025-21997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21997"
},
{
"name": "CVE-2025-21741",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21741"
},
{
"name": "CVE-2020-18032",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-18032"
},
{
"name": "CVE-2017-6833",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6833"
},
{
"name": "CVE-2025-21808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21808"
},
{
"name": "CVE-2019-8324",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8324"
},
{
"name": "CVE-2020-2754",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2754"
},
{
"name": "CVE-2025-38086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38086"
},
{
"name": "CVE-2024-24788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24788"
},
{
"name": "CVE-2024-58076",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58076"
},
{
"name": "CVE-2023-24751",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24751"
},
{
"name": "CVE-2025-21708",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21708"
},
{
"name": "CVE-2015-4784",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4784"
},
{
"name": "CVE-2021-4048",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4048"
},
{
"name": "CVE-2023-4527",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4527"
},
{
"name": "CVE-2022-2980",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2980"
},
{
"name": "CVE-2025-5278",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5278"
},
{
"name": "CVE-2025-21992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21992"
},
{
"name": "CVE-2025-21720",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21720"
},
{
"name": "CVE-2025-32463",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32463"
},
{
"name": "CVE-2015-7747",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7747"
},
{
"name": "CVE-2025-52999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52999"
},
{
"name": "CVE-2023-34055",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34055"
},
{
"name": "CVE-2024-41965",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41965"
},
{
"name": "CVE-2020-14796",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14796"
},
{
"name": "CVE-2024-56433",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56433"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2025-55004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55004"
},
{
"name": "CVE-2014-8139",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8139"
},
{
"name": "CVE-2025-21580",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21580"
},
{
"name": "CVE-2022-29526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
},
{
"name": "CVE-2025-5318",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5318"
},
{
"name": "CVE-2025-38003",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38003"
},
{
"name": "CVE-2025-38441",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38441"
},
{
"name": "CVE-2023-51767",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51767"
},
{
"name": "CVE-2025-7783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7783"
},
{
"name": "CVE-2023-6918",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6918"
},
{
"name": "CVE-2023-38037",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38037"
},
{
"name": "CVE-2012-5783",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5783"
},
{
"name": "CVE-2022-2519",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2519"
},
{
"name": "CVE-2025-55754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55754"
},
{
"name": "CVE-2025-53023",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53023"
},
{
"name": "CVE-2025-21711",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21711"
},
{
"name": "CVE-2025-2998",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2998"
},
{
"name": "CVE-2023-51792",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51792"
},
{
"name": "CVE-2021-20313",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20313"
},
{
"name": "CVE-2022-30633",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30633"
},
{
"name": "CVE-2023-23931",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23931"
},
{
"name": "CVE-2025-21575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21575"
},
{
"name": "CVE-2025-21978",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21978"
},
{
"name": "CVE-2019-16777",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16777"
},
{
"name": "CVE-2025-21760",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21760"
},
{
"name": "CVE-2023-45913",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45913"
},
{
"name": "CVE-2018-13153",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13153"
},
{
"name": "CVE-2022-0530",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0530"
},
{
"name": "CVE-2023-48236",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48236"
},
{
"name": "CVE-2025-21947",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21947"
},
{
"name": "CVE-2025-21913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21913"
},
{
"name": "CVE-2023-34474",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34474"
},
{
"name": "CVE-2025-21665",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21665"
},
{
"name": "CVE-2025-38227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38227"
},
{
"name": "CVE-2018-1000079",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000079"
},
{
"name": "CVE-2025-4435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4435"
},
{
"name": "CVE-2024-58079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58079"
},
{
"name": "CVE-2025-21966",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21966"
},
{
"name": "CVE-2025-21577",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21577"
},
{
"name": "CVE-2021-45931",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45931"
},
{
"name": "CVE-2025-38079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38079"
},
{
"name": "CVE-2021-28544",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28544"
},
{
"name": "CVE-2021-46828",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46828"
},
{
"name": "CVE-2025-21734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21734"
},
{
"name": "CVE-2025-32728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32728"
},
{
"name": "CVE-2023-2804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2804"
},
{
"name": "CVE-2025-21970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21970"
},
{
"name": "CVE-2021-44964",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44964"
},
{
"name": "CVE-2025-6141",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6141"
},
{
"name": "CVE-2022-42012",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42012"
},
{
"name": "CVE-2018-14437",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14437"
},
{
"name": "CVE-2024-13978",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13978"
},
{
"name": "CVE-2025-21890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21890"
},
{
"name": "CVE-2025-61984",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61984"
},
{
"name": "CVE-2021-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3596"
},
{
"name": "CVE-2025-21916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21916"
},
{
"name": "CVE-2025-21925",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21925"
},
{
"name": "CVE-2024-57883",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57883"
},
{
"name": "CVE-2022-21628",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21628"
},
{
"name": "CVE-2017-6830",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6830"
},
{
"name": "CVE-2025-21927",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21927"
},
{
"name": "CVE-2021-3520",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3520"
},
{
"name": "CVE-2024-47814",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47814"
},
{
"name": "CVE-2022-2923",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2923"
},
{
"name": "CVE-2025-21799",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21799"
},
{
"name": "CVE-2024-21011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21011"
},
{
"name": "CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"name": "CVE-2015-2626",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2626"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2025-21748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21748"
},
{
"name": "CVE-2025-21785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21785"
},
{
"name": "CVE-2020-10029",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10029"
},
{
"name": "CVE-2025-7425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7425"
},
{
"name": "CVE-2023-3978",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3978"
},
{
"name": "CVE-2021-46310",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46310"
},
{
"name": "CVE-2022-36227",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36227"
},
{
"name": "CVE-2021-2369",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2369"
},
{
"name": "CVE-2025-21883",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21883"
},
{
"name": "CVE-2023-29469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29469"
},
{
"name": "CVE-2024-5535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
},
{
"name": "CVE-2025-38074",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38074"
},
{
"name": "CVE-2024-58086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58086"
},
{
"name": "CVE-2025-38119",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38119"
},
{
"name": "CVE-2025-38245",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38245"
},
{
"name": "CVE-2022-37454",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37454"
},
{
"name": "CVE-2021-36770",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36770"
},
{
"name": "CVE-2025-21898",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21898"
},
{
"name": "CVE-2020-14152",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14152"
},
{
"name": "CVE-2025-38324",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38324"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2021-36976",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36976"
},
{
"name": "CVE-2024-58051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58051"
},
{
"name": "CVE-2023-3164",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3164"
},
{
"name": "CVE-2022-3597",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3597"
},
{
"name": "CVE-2023-27535",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27535"
},
{
"name": "CVE-2022-27775",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27775"
},
{
"name": "CVE-2024-56337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56337"
},
{
"name": "CVE-2024-12718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12718"
},
{
"name": "CVE-2018-25032",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-25032"
},
{
"name": "CVE-2025-9390",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9390"
},
{
"name": "CVE-2025-62813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62813"
},
{
"name": "CVE-2025-21857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21857"
},
{
"name": "CVE-2019-9904",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9904"
},
{
"name": "CVE-2025-23085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23085"
},
{
"name": "CVE-2022-42919",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42919"
},
{
"name": "CVE-2024-0450",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0450"
},
{
"name": "CVE-2025-9165",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9165"
},
{
"name": "CVE-2023-1981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1981"
},
{
"name": "CVE-2023-30571",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30571"
},
{
"name": "CVE-2022-2231",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2231"
},
{
"name": "CVE-2025-46150",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46150"
},
{
"name": "CVE-2024-12801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12801"
},
{
"name": "CVE-2024-5642",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5642"
},
{
"name": "CVE-2024-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3219"
},
{
"name": "CVE-2025-21812",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21812"
},
{
"name": "CVE-2015-4781",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4781"
},
{
"name": "CVE-2023-23914",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23914"
},
{
"name": "CVE-2025-38542",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38542"
},
{
"name": "CVE-2025-38344",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38344"
},
{
"name": "CVE-2023-28120",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28120"
},
{
"name": "CVE-2025-37797",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37797"
},
{
"name": "CVE-2025-21848",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21848"
},
{
"name": "CVE-2021-3999",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3999"
},
{
"name": "CVE-2012-6153",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6153"
},
{
"name": "CVE-2025-38088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38088"
},
{
"name": "CVE-2025-50096",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50096"
},
{
"name": "CVE-2022-30632",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30632"
},
{
"name": "CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"name": "CVE-2022-27774",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27774"
},
{
"name": "CVE-2025-21683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21683"
},
{
"name": "CVE-2025-38332",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38332"
},
{
"name": "CVE-2020-35492",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35492"
},
{
"name": "CVE-2025-21908",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21908"
},
{
"name": "CVE-2023-1289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1289"
},
{
"name": "CVE-2025-38386",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38386"
},
{
"name": "CVE-2023-6349",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6349"
},
{
"name": "CVE-2024-2004",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2004"
},
{
"name": "CVE-2017-3605",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3605"
},
{
"name": "CVE-2025-9232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9232"
},
{
"name": "CVE-2025-23165",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23165"
},
{
"name": "CVE-2022-40303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40303"
},
{
"name": "CVE-2023-0801",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0801"
},
{
"name": "CVE-2025-9341",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9341"
},
{
"name": "CVE-2023-29406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29406"
},
{
"name": "CVE-2017-7244",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7244"
},
{
"name": "CVE-2023-39319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39319"
},
{
"name": "CVE-2025-21895",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21895"
},
{
"name": "CVE-2025-61795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61795"
},
{
"name": "CVE-2025-1377",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1377"
},
{
"name": "CVE-2025-30705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30705"
},
{
"name": "CVE-2018-16412",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16412"
},
{
"name": "CVE-2025-22005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22005"
},
{
"name": "CVE-2019-6462",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6462"
},
{
"name": "CVE-2025-21935",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21935"
},
{
"name": "CVE-2022-4645",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4645"
},
{
"name": "CVE-2021-32493",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32493"
},
{
"name": "CVE-2023-24754",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24754"
},
{
"name": "CVE-2020-29509",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29509"
},
{
"name": "CVE-2023-5568",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5568"
},
{
"name": "CVE-2023-38470",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38470"
},
{
"name": "CVE-2025-21675",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21675"
},
{
"name": "CVE-2023-34967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34967"
},
{
"name": "CVE-2025-38237",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38237"
},
{
"name": "CVE-2025-38174",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38174"
},
{
"name": "CVE-2025-8713",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8713"
},
{
"name": "CVE-2025-21587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21587"
},
{
"name": "CVE-2022-2869",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2869"
},
{
"name": "CVE-2021-4189",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4189"
},
{
"name": "CVE-2025-50088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50088"
},
{
"name": "CVE-2024-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24785"
},
{
"name": "CVE-2023-35945",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35945"
},
{
"name": "CVE-2024-45993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45993"
},
{
"name": "CVE-2025-6170",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6170"
},
{
"name": "CVE-2021-35937",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35937"
},
{
"name": "CVE-2024-58019",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58019"
},
{
"name": "CVE-2025-9900",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9900"
},
{
"name": "CVE-2024-26146",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26146"
},
{
"name": "CVE-2025-21888",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21888"
},
{
"name": "CVE-2025-21866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21866"
},
{
"name": "CVE-2023-40745",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40745"
},
{
"name": "CVE-2022-1962",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1962"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2025-3730",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3730"
},
{
"name": "CVE-2025-22010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22010"
},
{
"name": "CVE-2024-25260",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25260"
},
{
"name": "CVE-2024-21147",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21147"
},
{
"name": "CVE-2025-38037",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38037"
},
{
"name": "CVE-2017-3609",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3609"
},
{
"name": "CVE-2024-57990",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57990"
},
{
"name": "CVE-2021-29921",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29921"
},
{
"name": "CVE-2022-41717",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41717"
},
{
"name": "CVE-2014-9636",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9636"
},
{
"name": "CVE-2025-5351",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5351"
},
{
"name": "CVE-2025-52520",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52520"
},
{
"name": "CVE-2022-1622",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1622"
},
{
"name": "CVE-2017-3611",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3611"
},
{
"name": "CVE-2024-53427",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53427"
},
{
"name": "CVE-2022-2521",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2521"
},
{
"name": "CVE-2023-49582",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49582"
},
{
"name": "CVE-2025-43857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43857"
},
{
"name": "CVE-2025-31344",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31344"
},
{
"name": "CVE-2025-21976",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21976"
},
{
"name": "CVE-2023-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28321"
},
{
"name": "CVE-2024-57975",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57975"
},
{
"name": "CVE-2020-14581",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14581"
},
{
"name": "CVE-2024-7254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
},
{
"name": "CVE-2021-32491",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32491"
},
{
"name": "CVE-2025-50077",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50077"
},
{
"name": "CVE-2022-2309",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2309"
},
{
"name": "CVE-2024-52533",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52533"
},
{
"name": "CVE-2023-24536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24536"
},
{
"name": "CVE-2023-22025",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22025"
},
{
"name": "CVE-2021-43527",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43527"
},
{
"name": "CVE-2022-0924",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0924"
},
{
"name": "CVE-2025-24014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24014"
},
{
"name": "CVE-2022-33068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33068"
},
{
"name": "CVE-2025-38342",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38342"
},
{
"name": "CVE-2025-54988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54988"
},
{
"name": "CVE-2024-58068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58068"
},
{
"name": "CVE-2025-23083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23083"
},
{
"name": "CVE-2015-4777",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4777"
},
{
"name": "CVE-2025-7039",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7039"
},
{
"name": "CVE-2025-38167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38167"
},
{
"name": "CVE-2022-42915",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42915"
},
{
"name": "CVE-2023-0687",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0687"
},
{
"name": "CVE-2024-57998",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57998"
},
{
"name": "CVE-2021-3426",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3426"
},
{
"name": "CVE-2022-32221",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32221"
},
{
"name": "CVE-2022-1304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1304"
},
{
"name": "CVE-2021-2388",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2388"
},
{
"name": "CVE-2022-37434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37434"
},
{
"name": "CVE-2025-38257",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38257"
},
{
"name": "CVE-2022-29458",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29458"
},
{
"name": "CVE-2025-38206",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38206"
},
{
"name": "CVE-2019-12900",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12900"
},
{
"name": "CVE-2023-5156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5156"
},
{
"name": "CVE-2024-39908",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39908"
},
{
"name": "CVE-2025-27220",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27220"
},
{
"name": "CVE-2021-32256",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32256"
},
{
"name": "CVE-2022-22942",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22942"
},
{
"name": "CVE-2024-38950",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38950"
},
{
"name": "CVE-2025-55163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
},
{
"name": "CVE-2025-21862",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21862"
},
{
"name": "CVE-2023-47282",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47282"
},
{
"name": "CVE-2016-20012",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-20012"
},
{
"name": "CVE-2025-38111",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38111"
},
{
"name": "CVE-2024-0553",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0553"
},
{
"name": "CVE-2022-44638",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44638"
},
{
"name": "CVE-2019-8325",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8325"
},
{
"name": "CVE-2025-21950",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21950"
},
{
"name": "CVE-2025-5918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5918"
},
{
"name": "CVE-2019-3792",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3792"
},
{
"name": "CVE-2022-43235",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43235"
},
{
"name": "CVE-2025-50092",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50092"
},
{
"name": "CVE-2025-50099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50099"
},
{
"name": "CVE-2017-3614",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3614"
},
{
"name": "CVE-2022-0562",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0562"
},
{
"name": "CVE-2022-28131",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28131"
},
{
"name": "CVE-2025-22001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22001"
},
{
"name": "CVE-2024-10524",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10524"
},
{
"name": "CVE-2025-40017",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40017"
},
{
"name": "CVE-2023-45919",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45919"
},
{
"name": "CVE-2025-38326",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38326"
},
{
"name": "CVE-2025-3263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3263"
},
{
"name": "CVE-2025-4878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4878"
},
{
"name": "CVE-2018-15607",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15607"
},
{
"name": "CVE-2025-21899",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21899"
},
{
"name": "CVE-2025-32990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32990"
},
{
"name": "CVE-2025-38384",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38384"
},
{
"name": "CVE-2025-40778",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40778"
},
{
"name": "CVE-2025-21719",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21719"
},
{
"name": "CVE-2025-38424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38424"
},
{
"name": "CVE-2025-38430",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38430"
},
{
"name": "CVE-2025-21718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21718"
},
{
"name": "CVE-2025-3001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3001"
},
{
"name": "CVE-2025-9288",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9288"
},
{
"name": "CVE-2021-35588",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35588"
},
{
"name": "CVE-2022-32545",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32545"
},
{
"name": "CVE-2025-21694",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21694"
},
{
"name": "CVE-2025-41244",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41244"
},
{
"name": "CVE-2022-24675",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24675"
},
{
"name": "CVE-2023-2603",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2603"
},
{
"name": "CVE-2025-21820",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21820"
},
{
"name": "CVE-2017-6838",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6838"
},
{
"name": "CVE-2024-41946",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41946"
},
{
"name": "CVE-2025-4802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4802"
},
{
"name": "CVE-2024-21140",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21140"
},
{
"name": "CVE-2024-41817",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41817"
},
{
"name": "CVE-2024-57979",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57979"
},
{
"name": "CVE-2024-58071",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58071"
},
{
"name": "CVE-2025-21994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21994"
},
{
"name": "CVE-2025-30684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30684"
},
{
"name": "CVE-2017-6835",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6835"
},
{
"name": "CVE-2024-21094",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21094"
},
{
"name": "CVE-2025-48989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48989"
},
{
"name": "CVE-2024-9143",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
},
{
"name": "CVE-2023-0799",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0799"
},
{
"name": "CVE-2024-12087",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12087"
},
{
"name": "CVE-2025-38420",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38420"
},
{
"name": "CVE-2021-3521",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3521"
},
{
"name": "CVE-2022-23806",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23806"
},
{
"name": "CVE-2022-21365",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21365"
},
{
"name": "CVE-2025-21943",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21943"
},
{
"name": "CVE-2019-16775",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16775"
},
{
"name": "CVE-2024-57997",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57997"
},
{
"name": "CVE-2025-38160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38160"
},
{
"name": "CVE-2024-33601",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33601"
},
{
"name": "CVE-2025-32989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32989"
},
{
"name": "CVE-2025-6051",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6051"
},
{
"name": "CVE-2022-21283",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21283"
},
{
"name": "CVE-2022-31782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31782"
},
{
"name": "CVE-2025-50093",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50093"
},
{
"name": "CVE-2025-38107",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38107"
},
{
"name": "CVE-2025-32434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32434"
},
{
"name": "CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"name": "CVE-2025-53069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53069"
},
{
"name": "CVE-2025-38085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38085"
},
{
"name": "CVE-2025-21806",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21806"
},
{
"name": "CVE-2025-38222",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38222"
},
{
"name": "CVE-2025-38197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38197"
},
{
"name": "CVE-2022-1271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
},
{
"name": "CVE-2024-28085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28085"
},
{
"name": "CVE-2022-43253",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43253"
},
{
"name": "CVE-2021-36221",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36221"
},
{
"name": "CVE-2024-57977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57977"
},
{
"name": "CVE-2018-1000075",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000075"
},
{
"name": "CVE-2025-53019",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53019"
},
{
"name": "CVE-2020-14782",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14782"
},
{
"name": "CVE-2025-50059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
},
{
"name": "CVE-2024-5569",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5569"
},
{
"name": "CVE-2024-57952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57952"
},
{
"name": "CVE-2025-53367",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53367"
},
{
"name": "CVE-2025-21579",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21579"
},
{
"name": "CVE-2021-45942",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45942"
},
{
"name": "CVE-2022-1615",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1615"
},
{
"name": "CVE-2025-21928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21928"
},
{
"name": "CVE-2021-20246",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20246"
},
{
"name": "CVE-2025-21707",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21707"
},
{
"name": "CVE-2023-24755",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24755"
},
{
"name": "CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"name": "CVE-2022-2880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
},
{
"name": "CVE-2025-5025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5025"
},
{
"name": "CVE-2023-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
},
{
"name": "CVE-2022-23773",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23773"
},
{
"name": "CVE-2025-22007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22007"
},
{
"name": "CVE-2023-24539",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24539"
},
{
"name": "CVE-2024-27281",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27281"
},
{
"name": "CVE-2025-38467",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38467"
},
{
"name": "CVE-2024-34459",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34459"
},
{
"name": "CVE-2025-21804",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21804"
},
{
"name": "CVE-2021-34558",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34558"
},
{
"name": "CVE-2021-3737",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3737"
},
{
"name": "CVE-2025-49795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49795"
},
{
"name": "CVE-2017-6837",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6837"
},
{
"name": "CVE-2014-9913",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9913"
},
{
"name": "CVE-2025-21934",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21934"
},
{
"name": "CVE-2025-38072",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38072"
},
{
"name": "CVE-2025-53044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53044"
},
{
"name": "CVE-2023-6237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
},
{
"name": "CVE-2024-37407",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37407"
},
{
"name": "CVE-2015-4775",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4775"
},
{
"name": "CVE-2025-22011",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22011"
},
{
"name": "CVE-2022-1725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1725"
},
{
"name": "CVE-2022-43252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43252"
},
{
"name": "CVE-2023-0614",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0614"
},
{
"name": "CVE-2016-0694",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0694"
},
{
"name": "CVE-2023-6228",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6228"
},
{
"name": "CVE-2021-46848",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46848"
},
{
"name": "CVE-2024-5197",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5197"
},
{
"name": "CVE-2020-21606",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-21606"
},
{
"name": "CVE-2025-38075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38075"
},
{
"name": "CVE-2025-38000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38000"
},
{
"name": "CVE-2022-40674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40674"
},
{
"name": "CVE-2025-1376",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1376"
},
{
"name": "CVE-2025-30761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30761"
},
{
"name": "CVE-2001-1269",
"url": "https://www.cve.org/CVERecord?id=CVE-2001-1269"
},
{
"name": "CVE-2025-50087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50087"
},
{
"name": "CVE-2024-22365",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22365"
},
{
"name": "CVE-2025-38058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38058"
},
{
"name": "CVE-2023-20873",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20873"
},
{
"name": "CVE-2024-47535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2025-38617",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38617"
},
{
"name": "CVE-2025-21762",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21762"
},
{
"name": "CVE-2023-47169",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47169"
},
{
"name": "CVE-2025-38122",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38122"
},
{
"name": "CVE-2025-21801",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21801"
},
{
"name": "CVE-2024-7592",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7592"
},
{
"name": "CVE-2025-48988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48988"
},
{
"name": "CVE-2025-38083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38083"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2023-0795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0795"
},
{
"name": "CVE-2015-2583",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2583"
},
{
"name": "CVE-2025-21692",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21692"
},
{
"name": "CVE-2025-38173",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38173"
},
{
"name": "CVE-2022-21434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21434"
},
{
"name": "CVE-2025-2148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2148"
},
{
"name": "CVE-2024-2236",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2236"
},
{
"name": "CVE-2025-38143",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38143"
},
{
"name": "CVE-2023-4039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4039"
},
{
"name": "CVE-2025-45768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45768"
},
{
"name": "CVE-2023-38469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38469"
},
{
"name": "CVE-2024-38428",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38428"
},
{
"name": "CVE-2022-3821",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3821"
},
{
"name": "CVE-2014-3577",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3577"
},
{
"name": "CVE-2025-21869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21869"
},
{
"name": "CVE-2025-1365",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1365"
},
{
"name": "CVE-2023-32570",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32570"
},
{
"name": "CVE-2025-54410",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54410"
},
{
"name": "CVE-2023-52970",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52970"
},
{
"name": "CVE-2022-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3996"
},
{
"name": "CVE-2024-25062",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25062"
},
{
"name": "CVE-2016-5841",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5841"
},
{
"name": "CVE-2022-2879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
},
{
"name": "CVE-2025-53101",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53101"
},
{
"name": "CVE-2022-32205",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32205"
},
{
"name": "CVE-2023-27534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27534"
},
{
"name": "CVE-2024-2398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
},
{
"name": "CVE-2023-24532",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24532"
},
{
"name": "CVE-2023-27536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27536"
},
{
"name": "CVE-2025-52434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52434"
},
{
"name": "CVE-2024-54458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54458"
},
{
"name": "CVE-2022-44267",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44267"
},
{
"name": "CVE-2024-26141",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26141"
},
{
"name": "CVE-2015-4783",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4783"
},
{
"name": "CVE-2019-8321",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8321"
},
{
"name": "CVE-2025-21826",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21826"
},
{
"name": "CVE-2025-29768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29768"
},
{
"name": "CVE-2015-4774",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4774"
},
{
"name": "CVE-2023-50495",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50495"
},
{
"name": "CVE-2022-23772",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23772"
},
{
"name": "CVE-2022-21294",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21294"
},
{
"name": "CVE-2025-21750",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21750"
},
{
"name": "CVE-2017-11164",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11164"
},
{
"name": "CVE-2024-57924",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57924"
},
{
"name": "CVE-2025-21912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21912"
},
{
"name": "CVE-2018-13440",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13440"
},
{
"name": "CVE-2022-42898",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42898"
},
{
"name": "CVE-2025-46393",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46393"
},
{
"name": "CVE-2022-43551",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43551"
},
{
"name": "CVE-2021-0561",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0561"
},
{
"name": "CVE-2018-12599",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12599"
},
{
"name": "CVE-2025-21859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21859"
},
{
"name": "CVE-2025-38416",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38416"
},
{
"name": "CVE-2022-1587",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1587"
},
{
"name": "CVE-2025-21825",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21825"
},
{
"name": "CVE-2025-30698",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30698"
},
{
"name": "CVE-2017-7246",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7246"
},
{
"name": "CVE-2020-2755",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2755"
},
{
"name": "CVE-2025-8714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8714"
},
{
"name": "CVE-2023-27533",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27533"
},
{
"name": "CVE-2022-0284",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0284"
},
{
"name": "CVE-2017-7500",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7500"
},
{
"name": "CVE-2025-9086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9086"
},
{
"name": "CVE-2025-49124",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49124"
},
{
"name": "CVE-2023-6481",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6481"
},
{
"name": "CVE-2024-58016",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58016"
},
{
"name": "CVE-2020-14779",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14779"
},
{
"name": "CVE-2025-21903",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21903"
},
{
"name": "CVE-2021-41772",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41772"
},
{
"name": "CVE-2021-32292",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32292"
},
{
"name": "CVE-2025-38194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38194"
},
{
"name": "CVE-2024-0727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
},
{
"name": "CVE-2023-6378",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6378"
},
{
"name": "CVE-2024-10041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10041"
},
{
"name": "CVE-2023-6129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
},
{
"name": "CVE-2022-34903",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34903"
},
{
"name": "CVE-2023-1667",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1667"
},
{
"name": "CVE-2022-2953",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2953"
},
{
"name": "CVE-2022-43238",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43238"
},
{
"name": "CVE-2025-3121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3121"
},
{
"name": "CVE-2022-4899",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4899"
},
{
"name": "CVE-2022-43680",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43680"
},
{
"name": "CVE-2025-21956",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21956"
},
{
"name": "CVE-2024-20696",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20696"
},
{
"name": "CVE-2025-21761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21761"
},
{
"name": "CVE-2025-46149",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46149"
},
{
"name": "CVE-2021-26945",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26945"
},
{
"name": "CVE-2025-37932",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37932"
},
{
"name": "CVE-2022-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3219"
},
{
"name": "CVE-2025-46152",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46152"
},
{
"name": "CVE-2025-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37890"
},
{
"name": "CVE-2024-57951",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57951"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2022-34169",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34169"
},
{
"name": "CVE-2025-38348",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38348"
},
{
"name": "CVE-2023-34969",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34969"
},
{
"name": "CVE-2025-21844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21844"
},
{
"name": "CVE-2025-21885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21885"
},
{
"name": "CVE-2020-22916",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-22916"
},
{
"name": "CVE-2025-21784",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21784"
},
{
"name": "CVE-2025-31672",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31672"
},
{
"name": "CVE-2025-21681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21681"
},
{
"name": "CVE-2023-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22045"
},
{
"name": "CVE-2025-38540",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38540"
},
{
"name": "CVE-2025-5916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5916"
},
{
"name": "CVE-2025-21676",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21676"
},
{
"name": "CVE-2025-30721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30721"
},
{
"name": "CVE-2025-38403",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38403"
},
{
"name": "CVE-2022-28463",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28463"
},
{
"name": "CVE-2022-23308",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23308"
},
{
"name": "CVE-2025-21726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21726"
},
{
"name": "CVE-2023-29400",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29400"
},
{
"name": "CVE-2025-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58056"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2018-3779",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3779"
},
{
"name": "CVE-2024-21138",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21138"
},
{
"name": "CVE-2020-28196",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28196"
},
{
"name": "CVE-2024-27407",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27407"
},
{
"name": "CVE-2025-41232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41232"
},
{
"name": "CVE-2024-58020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58020"
},
{
"name": "CVE-2025-50091",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50091"
},
{
"name": "CVE-2025-10911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10911"
},
{
"name": "CVE-2025-32988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32988"
},
{
"name": "CVE-2021-31566",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31566"
},
{
"name": "CVE-2024-10963",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10963"
},
{
"name": "CVE-2022-28805",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28805"
},
{
"name": "CVE-2024-26461",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26461"
},
{
"name": "CVE-2024-34750",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34750"
},
{
"name": "CVE-2021-29923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29923"
},
{
"name": "CVE-2017-3604",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3604"
},
{
"name": "CVE-2025-21723",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21723"
},
{
"name": "CVE-2023-0804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0804"
},
{
"name": "CVE-2023-22049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22049"
},
{
"name": "CVE-2024-24787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24787"
},
{
"name": "CVE-2025-21802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21802"
},
{
"name": "CVE-2022-21341",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21341"
},
{
"name": "CVE-2025-38146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38146"
},
{
"name": "CVE-2025-21705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21705"
},
{
"name": "CVE-2024-38828",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38828"
},
{
"name": "CVE-2023-27538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27538"
},
{
"name": "CVE-2022-1355",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1355"
},
{
"name": "CVE-2025-47291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47291"
},
{
"name": "CVE-2023-4641",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4641"
},
{
"name": "CVE-2025-27113",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27113"
},
{
"name": "CVE-2024-47081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
},
{
"name": "CVE-2023-36054",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36054"
},
{
"name": "CVE-2024-26458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26458"
},
{
"name": "CVE-2025-38418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38418"
},
{
"name": "CVE-2025-38090",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38090"
},
{
"name": "CVE-2025-21721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21721"
},
{
"name": "CVE-2025-21810",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21810"
},
{
"name": "CVE-2022-1420",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1420"
},
{
"name": "CVE-2022-23218",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23218"
},
{
"name": "CVE-2021-24031",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-24031"
},
{
"name": "CVE-2025-23166",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23166"
},
{
"name": "CVE-2022-41724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41724"
},
{
"name": "CVE-2025-46153",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46153"
},
{
"name": "CVE-2025-21877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21877"
},
{
"name": "CVE-2023-0797",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0797"
},
{
"name": "CVE-2025-5994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5994"
},
{
"name": "CVE-2021-38115",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38115"
},
{
"name": "CVE-2025-38415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38415"
},
{
"name": "CVE-2021-31879",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31879"
},
{
"name": "CVE-2024-55549",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55549"
},
{
"name": "CVE-2020-8908",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
},
{
"name": "CVE-2024-49887",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49887"
},
{
"name": "CVE-2025-22134",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22134"
},
{
"name": "CVE-2021-35578",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35578"
},
{
"name": "CVE-2025-1215",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1215"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2023-1916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1916"
},
{
"name": "CVE-2021-20309",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20309"
},
{
"name": "CVE-2022-29217",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29217"
},
{
"name": "CVE-2024-0397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0397"
},
{
"name": "CVE-2022-30634",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30634"
},
{
"name": "CVE-2023-38472",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38472"
},
{
"name": "CVE-2024-56826",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56826"
},
{
"name": "CVE-2017-12643",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12643"
},
{
"name": "CVE-2024-57953",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57953"
},
{
"name": "CVE-2020-14583",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14583"
},
{
"name": "CVE-2025-24294",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24294"
},
{
"name": "CVE-2023-48232",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48232"
},
{
"name": "CVE-2021-26720",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26720"
},
{
"name": "CVE-2025-54801",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54801"
},
{
"name": "CVE-2025-40909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40909"
},
{
"name": "CVE-2025-53054",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53054"
},
{
"name": "CVE-2025-21878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21878"
},
{
"name": "CVE-2023-24756",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24756"
},
{
"name": "CVE-2017-3607",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3607"
},
{
"name": "CVE-2021-44716",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44716"
},
{
"name": "CVE-2022-2520",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2520"
},
{
"name": "CVE-2022-21340",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21340"
},
{
"name": "CVE-2024-47874",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47874"
},
{
"name": "CVE-2025-21670",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21670"
},
{
"name": "CVE-2025-9403",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9403"
},
{
"name": "CVE-2023-1255",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1255"
},
{
"name": "CVE-2025-21739",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21739"
},
{
"name": "CVE-2016-4074",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4074"
},
{
"name": "CVE-2024-0746",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0746"
},
{
"name": "CVE-2025-21775",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21775"
},
{
"name": "CVE-2024-12254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12254"
},
{
"name": "CVE-2025-21846",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21846"
},
{
"name": "CVE-2022-33099",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33099"
},
{
"name": "CVE-2023-45931",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45931"
},
{
"name": "CVE-2025-8114",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8114"
},
{
"name": "CVE-2025-38400",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38400"
},
{
"name": "CVE-2023-6004",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6004"
},
{
"name": "CVE-2025-32387",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32387"
},
{
"name": "CVE-2024-26775",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26775"
},
{
"name": "CVE-2022-25309",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25309"
},
{
"name": "CVE-2025-4516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4516"
},
{
"name": "CVE-2025-38136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38136"
},
{
"name": "CVE-2024-38808",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38808"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2024-12747",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12747"
},
{
"name": "CVE-2022-3358",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3358"
},
{
"name": "CVE-2023-41175",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41175"
},
{
"name": "CVE-2023-48234",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48234"
},
{
"name": "CVE-2025-55212",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55212"
},
{
"name": "CVE-2022-36087",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36087"
},
{
"name": "CVE-2022-32547",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32547"
},
{
"name": "CVE-2025-6021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
},
{
"name": "CVE-2022-0351",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0351"
},
{
"name": "CVE-2022-35737",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35737"
},
{
"name": "CVE-2022-21293",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21293"
},
{
"name": "CVE-2022-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
},
{
"name": "CVE-2022-26280",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26280"
},
{
"name": "CVE-2025-37752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37752"
},
{
"name": "CVE-2025-55668",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55668"
},
{
"name": "CVE-2023-7008",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7008"
},
{
"name": "CVE-2022-1354",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1354"
},
{
"name": "CVE-2023-24540",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24540"
},
{
"name": "CVE-2025-21873",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21873"
},
{
"name": "CVE-2024-4603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
},
{
"name": "CVE-2025-38048",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38048"
},
{
"name": "CVE-2019-13147",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13147"
},
{
"name": "CVE-2025-50104",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50104"
},
{
"name": "CVE-2025-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25193"
},
{
"name": "CVE-2020-2800",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2800"
},
{
"name": "CVE-2024-8096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8096"
},
{
"name": "CVE-2018-11655",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11655"
},
{
"name": "CVE-2022-4415",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4415"
},
{
"name": "CVE-2022-2928",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2928"
},
{
"name": "CVE-2025-21765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21765"
},
{
"name": "CVE-2023-3576",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3576"
},
{
"name": "CVE-2025-38477",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38477"
},
{
"name": "CVE-2023-4806",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4806"
},
{
"name": "CVE-2025-61772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61772"
},
{
"name": "CVE-2025-57803",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-57803"
},
{
"name": "CVE-2023-46246",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46246"
},
{
"name": "CVE-2025-21782",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21782"
},
{
"name": "CVE-2023-31437",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31437"
},
{
"name": "CVE-2023-47039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47039"
},
{
"name": "CVE-2025-30722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30722"
},
{
"name": "CVE-2024-43802",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43802"
},
{
"name": "CVE-2025-38177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38177"
},
{
"name": "CVE-2016-2781",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2781"
},
{
"name": "CVE-2023-31484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31484"
},
{
"name": "CVE-2024-56827",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56827"
},
{
"name": "CVE-2023-29383",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29383"
},
{
"name": "CVE-2024-21145",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21145"
},
{
"name": "CVE-2022-32206",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32206"
},
{
"name": "CVE-2023-37769",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37769"
},
{
"name": "CVE-2025-21926",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21926"
},
{
"name": "CVE-2022-21282",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21282"
},
{
"name": "CVE-2022-21349",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21349"
},
{
"name": "CVE-2020-29511",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29511"
},
{
"name": "CVE-2024-50602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50602"
},
{
"name": "CVE-2015-7697",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7697"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2025-21742",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21742"
},
{
"name": "CVE-2025-30687",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30687"
},
{
"name": "CVE-2023-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
},
{
"name": "CVE-2022-43243",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43243"
},
{
"name": "CVE-2024-58002",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58002"
},
{
"name": "CVE-2017-16231",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16231"
},
{
"name": "CVE-2025-38406",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38406"
},
{
"name": "CVE-2025-50101",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50101"
},
{
"name": "CVE-2025-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21930"
},
{
"name": "CVE-2021-35942",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35942"
},
{
"name": "CVE-2025-46701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46701"
},
{
"name": "CVE-2025-38001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38001"
},
{
"name": "CVE-2025-32415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32415"
},
{
"name": "CVE-2025-24855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24855"
},
{
"name": "CVE-2025-5702",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5702"
},
{
"name": "CVE-2025-21870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21870"
},
{
"name": "CVE-2017-9409",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9409"
},
{
"name": "CVE-2023-24537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24537"
},
{
"name": "CVE-2018-1000077",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000077"
},
{
"name": "CVE-2025-21892",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21892"
},
{
"name": "CVE-2024-58052",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58052"
},
{
"name": "CVE-2025-21944",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21944"
},
{
"name": "CVE-2025-21905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21905"
},
{
"name": "CVE-2024-30171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
},
{
"name": "CVE-2024-23337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23337"
},
{
"name": "CVE-2016-0689",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0689"
},
{
"name": "CVE-2025-38352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38352"
},
{
"name": "CVE-2025-30749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
},
{
"name": "CVE-2024-54456",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54456"
},
{
"name": "CVE-2025-61748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61748"
},
{
"name": "CVE-2025-21920",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21920"
},
{
"name": "CVE-2025-55554",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55554"
},
{
"name": "CVE-2024-43168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43168"
},
{
"name": "CVE-2014-8140",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8140"
},
{
"name": "CVE-2025-22235",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22235"
},
{
"name": "CVE-2025-22016",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22016"
},
{
"name": "CVE-2025-4207",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4207"
},
{
"name": "CVE-2021-45346",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45346"
},
{
"name": "CVE-2025-37756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37756"
},
{
"name": "CVE-2022-0908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0908"
},
{
"name": "CVE-2025-38263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38263"
},
{
"name": "CVE-2025-21667",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21667"
},
{
"name": "CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"name": "CVE-2024-46901",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46901"
},
{
"name": "CVE-2023-49083",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49083"
},
{
"name": "CVE-2025-21955",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21955"
},
{
"name": "CVE-2025-8677",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8677"
},
{
"name": "CVE-2025-21773",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21773"
},
{
"name": "CVE-2025-53040",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53040"
},
{
"name": "CVE-2025-38218",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38218"
},
{
"name": "CVE-2023-45287",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45287"
},
{
"name": "CVE-2025-53906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53906"
},
{
"name": "CVE-2025-27789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27789"
},
{
"name": "CVE-2025-1352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1352"
},
{
"name": "CVE-2024-43167",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43167"
},
{
"name": "CVE-2021-28861",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28861"
},
{
"name": "CVE-2024-4741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
},
{
"name": "CVE-2022-21248",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21248"
},
{
"name": "CVE-2021-33574",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33574"
},
{
"name": "CVE-2018-1000035",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000035"
},
{
"name": "CVE-2021-40211",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40211"
},
{
"name": "CVE-2025-48924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48924"
},
{
"name": "CVE-2024-58001",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58001"
},
{
"name": "CVE-2025-38393",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38393"
},
{
"name": "CVE-2024-26256",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26256"
},
{
"name": "CVE-2023-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
},
{
"name": "CVE-2019-18276",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18276"
},
{
"name": "CVE-2025-38618",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38618"
},
{
"name": "CVE-2021-3326",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3326"
},
{
"name": "CVE-2023-2283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2283"
},
{
"name": "CVE-2020-0499",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0499"
},
{
"name": "CVE-2025-8916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8916"
},
{
"name": "CVE-2025-21724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21724"
},
{
"name": "CVE-2025-32414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32414"
},
{
"name": "CVE-2025-8885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8885"
},
{
"name": "CVE-2025-3136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3136"
},
{
"name": "CVE-2025-55160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55160"
},
{
"name": "CVE-2025-21891",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21891"
},
{
"name": "CVE-2025-38249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38249"
},
{
"name": "CVE-2023-40403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40403"
},
{
"name": "CVE-2025-22013",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22013"
},
{
"name": "CVE-2024-50157",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50157"
},
{
"name": "CVE-2022-48703",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48703"
},
{
"name": "CVE-2025-38154",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38154"
},
{
"name": "CVE-2022-1674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1674"
},
{
"name": "CVE-2024-20918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
},
{
"name": "CVE-2025-21858",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21858"
},
{
"name": "CVE-2025-41249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41249"
},
{
"name": "CVE-2022-30699",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30699"
},
{
"name": "CVE-2025-21672",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21672"
},
{
"name": "CVE-2025-38389",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38389"
},
{
"name": "CVE-2025-38448",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38448"
},
{
"name": "CVE-2022-48281",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48281"
},
{
"name": "CVE-2023-2426",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2426"
},
{
"name": "CVE-2021-35938",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35938"
},
{
"name": "CVE-2025-30704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30704"
},
{
"name": "CVE-2021-35564",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35564"
},
{
"name": "CVE-2024-57949",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57949"
},
{
"name": "CVE-2025-1632",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1632"
},
{
"name": "CVE-2021-20176",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20176"
},
{
"name": "CVE-2025-21979",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21979"
},
{
"name": "CVE-2022-3278",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3278"
},
{
"name": "CVE-2022-30580",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30580"
},
{
"name": "CVE-2025-21821",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21821"
},
{
"name": "CVE-2022-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28321"
},
{
"name": "CVE-2025-55298",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55298"
},
{
"name": "CVE-2022-43241",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43241"
},
{
"name": "CVE-2017-3606",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3606"
},
{
"name": "CVE-2023-52969",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52969"
},
{
"name": "CVE-2018-1000073",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000073"
},
{
"name": "CVE-2025-38052",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38052"
},
{
"name": "CVE-2025-38377",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38377"
},
{
"name": "CVE-2023-20883",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20883"
},
{
"name": "CVE-2025-21733",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21733"
},
{
"name": "CVE-2023-22656",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22656"
},
{
"name": "CVE-2025-46551",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46551"
},
{
"name": "CVE-2025-43965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43965"
},
{
"name": "CVE-2022-40090",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40090"
},
{
"name": "CVE-2021-36408",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36408"
},
{
"name": "CVE-2023-24329",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24329"
},
{
"name": "CVE-2025-21963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21963"
},
{
"name": "CVE-2025-53045",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53045"
},
{
"name": "CVE-2023-39327",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39327"
},
{
"name": "CVE-2017-18253",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18253"
},
{
"name": "CVE-2024-12243",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12243"
},
{
"name": "CVE-2024-26462",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26462"
},
{
"name": "CVE-2024-58053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58053"
},
{
"name": "CVE-2025-38516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38516"
},
{
"name": "CVE-2025-30693",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30693"
},
{
"name": "CVE-2025-38462",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38462"
},
{
"name": "CVE-2025-38350",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38350"
},
{
"name": "CVE-2025-38428",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38428"
},
{
"name": "CVE-2025-27363",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27363"
},
{
"name": "CVE-2018-13410",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13410"
},
{
"name": "CVE-2025-2099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2099"
},
{
"name": "CVE-2025-38262",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38262"
},
{
"name": "CVE-2025-6638",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6638"
},
{
"name": "CVE-2025-21585",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21585"
},
{
"name": "CVE-2023-24531",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24531"
},
{
"name": "CVE-2025-38138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38138"
},
{
"name": "CVE-2021-3610",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3610"
},
{
"name": "CVE-2024-58077",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58077"
},
{
"name": "CVE-2025-5283",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5283"
},
{
"name": "CVE-2025-21754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21754"
},
{
"name": "CVE-2024-12088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12088"
},
{
"name": "CVE-2023-24538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24538"
},
{
"name": "CVE-2025-38035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38035"
},
{
"name": "CVE-2023-2975",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2975"
},
{
"name": "CVE-2025-37997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37997"
},
{
"name": "CVE-2025-24928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24928"
},
{
"name": "CVE-2021-44717",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44717"
},
{
"name": "CVE-2025-2312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2312"
},
{
"name": "CVE-2025-0395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0395"
},
{
"name": "CVE-2025-53506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53506"
},
{
"name": "CVE-2025-21960",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21960"
},
{
"name": "CVE-2025-38310",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38310"
},
{
"name": "CVE-2025-23084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23084"
},
{
"name": "CVE-2015-4786",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4786"
},
{
"name": "CVE-2020-14155",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14155"
},
{
"name": "CVE-2022-3602",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3602"
},
{
"name": "CVE-2025-37963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37963"
},
{
"name": "CVE-2022-43250",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43250"
},
{
"name": "CVE-2022-40304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40304"
},
{
"name": "CVE-2025-38226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38226"
},
{
"name": "CVE-2025-4947",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4947"
},
{
"name": "CVE-2023-4911",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4911"
},
{
"name": "CVE-2022-29804",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29804"
},
{
"name": "CVE-2023-38473",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38473"
},
{
"name": "CVE-2025-38443",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38443"
},
{
"name": "CVE-2025-0725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0725"
},
{
"name": "CVE-2023-2976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
},
{
"name": "CVE-2025-52099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52099"
},
{
"name": "CVE-2023-43887",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43887"
},
{
"name": "CVE-2025-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21967"
},
{
"name": "CVE-2025-7424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7424"
},
{
"name": "CVE-2025-1094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1094"
},
{
"name": "CVE-2021-24032",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-24032"
},
{
"name": "CVE-2025-38439",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38439"
},
{
"name": "CVE-2022-1434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1434"
},
{
"name": "CVE-2025-41254",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41254"
},
{
"name": "CVE-2022-21496",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21496"
},
{
"name": "CVE-2022-41723",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41723"
},
{
"name": "CVE-2020-2757",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2757"
},
{
"name": "CVE-2025-53864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53864"
},
{
"name": "CVE-2025-38145",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38145"
},
{
"name": "CVE-2022-2598",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2598"
},
{
"name": "CVE-2020-27829",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27829"
},
{
"name": "CVE-2024-4032",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4032"
},
{
"name": "CVE-2025-37948",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37948"
},
{
"name": "CVE-2021-27645",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27645"
},
{
"name": "CVE-2025-21863",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21863"
},
{
"name": "CVE-2025-21856",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21856"
},
{
"name": "CVE-2025-53053",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53053"
},
{
"name": "CVE-2022-2509",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2509"
},
{
"name": "CVE-2024-28835",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28835"
},
{
"name": "CVE-2025-54388",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54388"
},
{
"name": "CVE-2025-21749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21749"
},
{
"name": "CVE-2017-6839",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6839"
},
{
"name": "CVE-2023-1906",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1906"
},
{
"name": "CVE-2025-40025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40025"
},
{
"name": "CVE-2025-38051",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38051"
},
{
"name": "CVE-2021-35556",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35556"
},
{
"name": "CVE-2025-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
},
{
"name": "CVE-2022-34526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34526"
},
{
"name": "CVE-2025-8058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8058"
},
{
"name": "CVE-2023-47471",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47471"
},
{
"name": "CVE-2022-2868",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2868"
},
{
"name": "CVE-2022-1771",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1771"
},
{
"name": "CVE-2025-21945",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21945"
},
{
"name": "CVE-2021-32492",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32492"
},
{
"name": "CVE-2023-39323",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39323"
},
{
"name": "CVE-2023-29402",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29402"
},
{
"name": "CVE-2025-55005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55005"
},
{
"name": "CVE-2025-32955",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32955"
},
{
"name": "CVE-2025-8732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8732"
},
{
"name": "CVE-2025-38044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38044"
},
{
"name": "CVE-2022-1586",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1586"
},
{
"name": "CVE-2023-39326",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39326"
},
{
"name": "CVE-2024-52616",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52616"
},
{
"name": "CVE-2025-38498",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38498"
},
{
"name": "CVE-2025-40015",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40015"
},
{
"name": "CVE-2024-21085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21085"
},
{
"name": "CVE-2025-21673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21673"
},
{
"name": "CVE-2025-21829",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21829"
},
{
"name": "CVE-2025-21502",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21502"
},
{
"name": "CVE-2024-57999",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57999"
},
{
"name": "CVE-2018-16645",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16645"
},
{
"name": "CVE-2025-22008",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22008"
},
{
"name": "CVE-2023-38039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38039"
},
{
"name": "CVE-2023-29409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
},
{
"name": "CVE-2022-21443",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21443"
},
{
"name": "CVE-2025-21969",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21969"
},
{
"name": "CVE-2025-38200",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38200"
},
{
"name": "CVE-2025-40007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40007"
},
{
"name": "CVE-2024-58072",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58072"
},
{
"name": "CVE-2025-38273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38273"
},
{
"name": "CVE-2025-38346",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38346"
},
{
"name": "CVE-2025-55315",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55315"
},
{
"name": "CVE-2018-11813",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11813"
},
{
"name": "CVE-2025-21722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21722"
},
{
"name": "CVE-2024-50379",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50379"
},
{
"name": "CVE-2021-35560",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35560"
},
{
"name": "CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"name": "CVE-2025-21793",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21793"
},
{
"name": "CVE-2022-2719",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2719"
},
{
"name": "CVE-2025-21581",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21581"
},
{
"name": "CVE-2022-45873",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45873"
},
{
"name": "CVE-2023-34151",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34151"
},
{
"name": "CVE-2023-51384",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51384"
},
{
"name": "CVE-2021-43809",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43809"
},
{
"name": "CVE-2025-5914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5914"
},
{
"name": "CVE-2015-1606",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1606"
},
{
"name": "CVE-2025-21894",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21894"
},
{
"name": "CVE-2025-21919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21919"
},
{
"name": "CVE-2023-3896",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3896"
},
{
"name": "CVE-2023-2908",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2908"
},
{
"name": "CVE-2024-20945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
},
{
"name": "CVE-2025-58754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58754"
},
{
"name": "CVE-2023-39615",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39615"
},
{
"name": "CVE-2023-24534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24534"
},
{
"name": "CVE-2025-21854",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21854"
},
{
"name": "CVE-2017-7501",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7501"
},
{
"name": "CVE-2024-21131",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21131"
},
{
"name": "CVE-2023-31486",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31486"
},
{
"name": "CVE-2020-21599",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-21599"
},
{
"name": "CVE-2025-41242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41242"
},
{
"name": "CVE-2024-21210",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21210"
},
{
"name": "CVE-2013-0340",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0340"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2025-21759",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21759"
},
{
"name": "CVE-2023-32611",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32611"
},
{
"name": "CVE-2024-38816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38816"
},
{
"name": "CVE-2024-2511",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2511"
},
{
"name": "CVE-2015-20107",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-20107"
},
{
"name": "CVE-2023-39978",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39978"
},
{
"name": "CVE-2024-34397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34397"
},
{
"name": "CVE-2025-38320",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38320"
},
{
"name": "CVE-2025-53057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53057"
},
{
"name": "CVE-2024-24786",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24786"
},
{
"name": "CVE-2025-8177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8177"
},
{
"name": "CVE-2025-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21968"
},
{
"name": "CVE-2024-58083",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58083"
},
{
"name": "CVE-2021-20311",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20311"
},
{
"name": "CVE-2024-58055",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58055"
},
{
"name": "CVE-2025-21991",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21991"
},
{
"name": "CVE-2023-28486",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28486"
},
{
"name": "CVE-2020-27618",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27618"
},
{
"name": "CVE-2024-57993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57993"
},
{
"name": "CVE-2025-21887",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21887"
},
{
"name": "CVE-2023-6246",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6246"
},
{
"name": "CVE-2021-20241",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20241"
},
{
"name": "CVE-2017-12674",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12674"
},
{
"name": "CVE-2023-0800",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0800"
},
{
"name": "CVE-2025-62171",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62171"
},
{
"name": "CVE-2025-38280",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38280"
},
{
"name": "CVE-2023-5388",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5388"
},
{
"name": "CVE-2018-1000078",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000078"
},
{
"name": "CVE-2020-2756",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2756"
},
{
"name": "CVE-2025-50950",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50950"
},
{
"name": "CVE-2020-21605",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-21605"
},
{
"name": "CVE-2024-54534",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54534"
},
{
"name": "CVE-2023-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
},
{
"name": "CVE-2025-38084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38084"
},
{
"name": "CVE-2024-34155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
},
{
"name": "CVE-2022-23219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23219"
},
{
"name": "CVE-2017-1000476",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000476"
},
{
"name": "CVE-2015-2640",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2640"
},
{
"name": "CVE-2025-30685",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30685"
},
{
"name": "CVE-2024-41123",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41123"
},
{
"name": "CVE-2025-6921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6921"
},
{
"name": "CVE-2015-8863",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8863"
},
{
"name": "CVE-2022-21619",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21619"
},
{
"name": "CVE-2025-30695",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30695"
},
{
"name": "CVE-2025-30688",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30688"
},
{
"name": "CVE-2023-5752",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5752"
},
{
"name": "CVE-2018-11656",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11656"
},
{
"name": "CVE-2025-38103",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38103"
},
{
"name": "CVE-2022-2127",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2127"
},
{
"name": "CVE-2021-25217",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25217"
},
{
"name": "CVE-2025-38514",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38514"
},
{
"name": "CVE-2018-19876",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19876"
},
{
"name": "CVE-2025-61780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61780"
},
{
"name": "CVE-2021-20310",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20310"
},
{
"name": "CVE-2021-20245",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20245"
},
{
"name": "CVE-2021-35561",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35561"
},
{
"name": "CVE-2025-21732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21732"
},
{
"name": "CVE-2025-38569",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38569"
},
{
"name": "CVE-2022-21476",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21476"
},
{
"name": "CVE-2023-22796",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22796"
},
{
"name": "CVE-2025-21875",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21875"
},
{
"name": "CVE-2023-0361",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0361"
},
{
"name": "CVE-2025-38204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38204"
},
{
"name": "CVE-2021-40812",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40812"
},
{
"name": "CVE-2021-4217",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4217"
},
{
"name": "CVE-2023-32643",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32643"
},
{
"name": "CVE-2023-27537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27537"
},
{
"name": "CVE-2025-22015",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22015"
},
{
"name": "CVE-2025-53066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53066"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2024-2961",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2961"
},
{
"name": "CVE-2025-21962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21962"
},
{
"name": "CVE-2025-29786",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29786"
},
{
"name": "CVE-2025-21832",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21832"
},
{
"name": "CVE-2024-12133",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12133"
},
{
"name": "CVE-2024-24784",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24784"
},
{
"name": "CVE-2022-27780",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27780"
},
{
"name": "CVE-2018-9135",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9135"
},
{
"name": "CVE-2025-38410",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38410"
},
{
"name": "CVE-2025-21790",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21790"
},
{
"name": "CVE-2024-52316",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52316"
},
{
"name": "CVE-2024-21217",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21217"
},
{
"name": "CVE-2021-39212",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39212"
},
{
"name": "CVE-2024-28182",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28182"
},
{
"name": "CVE-2024-58014",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58014"
},
{
"name": "CVE-2025-21680",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21680"
},
{
"name": "CVE-2025-0167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0167"
},
{
"name": "CVE-2017-12433",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12433"
},
{
"name": "CVE-2025-21924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21924"
},
{
"name": "CVE-2021-3574",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3574"
},
{
"name": "CVE-2023-6597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6597"
},
{
"name": "CVE-2024-20952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
},
{
"name": "CVE-2022-21541",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21541"
},
{
"name": "CVE-2025-22227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22227"
},
{
"name": "CVE-2025-47273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47273"
},
{
"name": "CVE-2025-27221",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27221"
},
{
"name": "CVE-2024-24789",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24789"
},
{
"name": "CVE-2024-58006",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58006"
},
{
"name": "CVE-2025-21710",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21710"
},
{
"name": "CVE-2022-21360",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21360"
},
{
"name": "CVE-2025-22088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22088"
},
{
"name": "CVE-2025-38460",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38460"
},
{
"name": "CVE-2022-27664",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
},
{
"name": "CVE-2022-25858",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25858"
},
{
"name": "CVE-2022-21296",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21296"
},
{
"name": "CVE-2022-48303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48303"
},
{
"name": "CVE-2025-38345",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38345"
},
{
"name": "CVE-2022-21540",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21540"
},
{
"name": "CVE-2025-21815",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21815"
},
{
"name": "CVE-2025-50083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50083"
},
{
"name": "CVE-2024-37371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37371"
},
{
"name": "CVE-2017-6836",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6836"
},
{
"name": "CVE-2021-3500",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3500"
},
{
"name": "CVE-2022-25310",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25310"
},
{
"name": "CVE-2023-38545",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38545"
},
{
"name": "CVE-2021-43618",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43618"
},
{
"name": "CVE-2021-20251",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20251"
},
{
"name": "CVE-2025-21669",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21669"
},
{
"name": "CVE-2016-1000027",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000027"
},
{
"name": "CVE-2021-33621",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33621"
},
{
"name": "CVE-2025-57807",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-57807"
},
{
"name": "CVE-2025-38231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38231"
},
{
"name": "CVE-2022-26488",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26488"
},
{
"name": "CVE-2025-21716",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21716"
},
{
"name": "CVE-2024-49761",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49761"
},
{
"name": "CVE-2024-6345",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
},
{
"name": "CVE-2025-3777",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3777"
},
{
"name": "CVE-2025-21964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21964"
},
{
"name": "CVE-2024-0567",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0567"
},
{
"name": "CVE-2018-18384",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18384"
},
{
"name": "CVE-2024-58080",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58080"
},
{
"name": "CVE-2025-21744",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21744"
},
{
"name": "CVE-2024-21208",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21208"
},
{
"name": "CVE-2023-32665",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32665"
},
{
"name": "CVE-2025-31498",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31498"
},
{
"name": "CVE-2022-30698",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30698"
},
{
"name": "CVE-2023-31438",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31438"
},
{
"name": "CVE-2024-57986",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57986"
},
{
"name": "CVE-2021-37750",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37750"
},
{
"name": "CVE-2025-3576",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3576"
},
{
"name": "CVE-2023-23916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
},
{
"name": "CVE-2021-20244",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20244"
},
{
"name": "CVE-2025-38181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38181"
},
{
"name": "CVE-2025-21835",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21835"
},
{
"name": "CVE-2025-38391",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38391"
},
{
"name": "CVE-2025-11411",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11411"
},
{
"name": "CVE-2020-14577",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14577"
},
{
"name": "CVE-2022-3570",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3570"
},
{
"name": "CVE-2016-9844",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9844"
},
{
"name": "CVE-2019-13136",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13136"
},
{
"name": "CVE-2025-49014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49014"
},
{
"name": "CVE-2021-36222",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36222"
},
{
"name": "CVE-2021-3941",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3941"
},
{
"name": "CVE-2022-0561",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0561"
},
{
"name": "CVE-2024-6923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6923"
},
{
"name": "CVE-2025-21811",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21811"
},
{
"name": "CVE-2024-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8088"
},
{
"name": "CVE-2025-48734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
},
{
"name": "CVE-2025-11226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11226"
}
],
"initial_release_date": "2025-11-06T00:00:00",
"last_revision_date": "2025-11-06T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0969",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-11-06T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36320",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36320"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36423",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36423"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2022-19",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36364"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36351"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36424",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36424"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36412",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36412"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36388",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36388"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36426",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36426"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36411",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36411"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36357",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36357"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36408",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36408"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36349",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36349"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36414",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36414"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36397",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36397"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36389",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36389"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36398",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36398"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36380",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36380"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-41",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36407"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36362",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36362"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36413",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36413"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36384",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36384"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36379",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36379"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36400",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36400"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36377",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36377"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36368",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36368"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36418",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36418"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36420",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36420"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36391",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36391"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36392",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36392"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36353",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36353"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-14",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36356"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36422",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36422"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36381",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36381"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36421",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36421"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36416",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36416"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-86",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36415"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36403",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36403"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36347",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36347"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36383",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36383"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36410",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36410"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36352",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36352"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36394",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36394"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36354",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36354"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36399",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36399"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36350"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36419",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36419"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-85",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36401"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2022-19",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36365"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36405",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36405"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2018-27",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36367"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36395",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36395"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36387",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36387"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36363",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36363"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36385",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36385"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36409",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36409"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36359"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36348",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36348"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36386",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36386"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36417",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36417"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36425",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36425"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2018-27",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36366"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2024-44",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36360"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36355",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36355"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36358"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36396",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36396"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36378",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36378"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36382",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36382"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36404",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36404"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2024-44",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36361"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36402",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36402"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36393",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36393"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36406",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36406"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36390",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36390"
}
]
}
CERTFR-2023-AVI-0214
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans IBM. Elles permettent à un attaquant de provoquer un déni de service à distance, un contournement de la politique de sécurité, une exécution de code arbitraire à distance et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | QRadar WinCollect Agent | IBM QRadar WinCollect Agent versions 10.x antérieures à 10.1.3 | ||
| IBM | Cognos Analytics | IBM Cognos Analytics versions 11.2.x antérieures à 11.2.3 | ||
| IBM | Cognos Analytics | IBM Cognos Analytics versions 11.1.x antérieures à 11.1.7 avec le dernier correctif de sécurité (Fix Pack 6) |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM QRadar WinCollect Agent versions 10.x ant\u00e9rieures \u00e0 10.1.3",
"product": {
"name": "QRadar WinCollect Agent",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Cognos Analytics versions 11.2.x ant\u00e9rieures \u00e0 11.2.3",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Cognos Analytics versions 11.1.x ant\u00e9rieures \u00e0 11.1.7 avec le dernier correctif de s\u00e9curit\u00e9 (Fix Pack 6)",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2021-29425",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29425"
},
{
"name": "CVE-2021-3733",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3733"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2022-0391",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0391"
},
{
"name": "CVE-2020-4051",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-4051"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2021-4160",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4160"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2021-43138",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43138"
},
{
"name": "CVE-2023-23915",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23915"
},
{
"name": "CVE-2021-3711",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3711"
},
{
"name": "CVE-2022-43879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43879"
},
{
"name": "CVE-2023-23914",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23914"
},
{
"name": "CVE-2021-3737",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3737"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2022-25881",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25881"
},
{
"name": "CVE-2022-34339",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34339"
},
{
"name": "CVE-2021-3712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3712"
},
{
"name": "CVE-2022-24758",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24758"
},
{
"name": "CVE-2023-23916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
}
],
"links": [],
"reference": "CERTFR-2023-AVI-0214",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-03-13T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eIBM\u003c/span\u003e. Elles permettent \u00e0 un attaquant de provoquer\nun d\u00e9ni de service \u00e0 distance, un contournement de la politique de\ns\u00e9curit\u00e9, une ex\u00e9cution de code arbitraire \u00e0 distance et une atteinte \u00e0\nla confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6828527 du 10 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6828527"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6962773 du 10 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6962773"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6962775 du 10 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6962775"
}
]
}
CERTFR-2024-AVI-0119
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, une élévation de privilèges et une exécution de code arbitraire à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Siemens | N/A | SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3) versions antérieures à V2.4 | ||
| Siemens | N/A | SCALANCE XCM332 (6GK5332-0GA01-2AC2) versions antérieures à V2.4 | ||
| Siemens | N/A | SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3) versions antérieures à V2.4 | ||
| Siemens | N/A | Simcenter Femap versions antérieures à V2401.0000 | ||
| Siemens | N/A | SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3) versions antérieures à V2.4 | ||
| Siemens | N/A | Parasolid V36.0 versions antérieures à V36.0.198 | ||
| Siemens | N/A | SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3) versions antérieures à V2.4 | ||
| Siemens | N/A | SCALANCE SC646-2C (6GK5646-2GS00-2AC2) versions antérieures à V3.1 | ||
| Siemens | N/A | SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3) versions antérieures à V2.4 | ||
| Siemens | N/A | SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3) versions antérieures à V2.4 | ||
| Siemens | N/A | SCALANCE SC636-2C (6GK5636-2GS00-2AC2) versions antérieures à V3.1 | ||
| Siemens | N/A | Location Intelligence SUS Small (9DE5110-8CA11-1BX0) versions antérieures à V4.3 | ||
| Siemens | N/A | SIMATIC WinCC V7.5 versions antérieures à V7.5 SP2 Update 15 | ||
| Siemens | N/A | SINEC NMS versions antérieures à V2.0 SP1 | ||
| Siemens | N/A | SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3) versions antérieures à V2.4 | ||
| Siemens | N/A | SIMATIC WinCC V8.0 versions antérieures à V8.0 SP4 | ||
| Siemens | N/A | SIDIS Prime versions antérieures à V4.0.400 | ||
| Siemens | N/A | SCALANCE XCH328 (6GK5328-4TS01-2EC2) versions antérieures à V2.4 | ||
| Siemens | N/A | Location Intelligence Perpetual Small (9DE5110-8CA11-1AX0) versions antérieures à V4.3 | ||
| Siemens | N/A | SCALANCE SC642-2C (6GK5642-2GS00-2AC2) versions antérieures à V3.1 | ||
| Siemens | N/A | SCALANCE XCM324 (6GK5324-8TS01-2AC2) versions antérieures à V2.4 | ||
| Siemens | N/A | Parasolid V35.1 versions antérieures à V35.1.252 | ||
| Siemens | N/A | Tecnomatix Plant Simulation V2201 versions antérieures à V2201.0012 | ||
| Siemens | N/A | RUGGEDCOM APE1808 avec Nozomi Guardian / CMC antérieures à 23.3.0 | ||
| Siemens | N/A | Location Intelligence Perpetual Medium (9DE5110-8CA12-1AX0) versions antérieures à V4.3 | ||
| Siemens | N/A | SCALANCE SC632-2C (6GK5632-2GS00-2AC2) versions antérieures à V3.1 | ||
| Siemens | N/A | Location Intelligence SUS Non-Prod (9DE5110-8CA10-1BX0) versions antérieures à V4.3 | ||
| Siemens | N/A | Location Intelligence SUS Large (9DE5110-8CA13-1BX0) versions antérieures à V4.3 | ||
| Siemens | N/A | SCALANCE XCM328 (6GK5328-4TS01-2AC2) versions antérieures à V2.4 | ||
| Siemens | N/A | SCALANCE SC626-2C (6GK5626-2GS00-2AC2) versions antérieures à V3.1 | ||
| Siemens | N/A | Location Intelligence SUS Medium (9DE5110-8CA12-1BX0) versions antérieures à V4.3 | ||
| Siemens | N/A | Tecnomatix Plant Simulation V2302 versions antérieures à V2302.0006 | ||
| Siemens | N/A | Location Intelligence Perpetual Large (9DE5110-8CA13-1AX0) versions antérieures à V4.3 | ||
| Siemens | N/A | SCALANCE SC622-2C (6GK5622-2GS00-2AC2) versions antérieures à V3.1 | ||
| Siemens | N/A | Location Intelligence Perpetual Non-Prod (9DE5110-8CA10-1AX0) versions antérieures à V4.3 | ||
| Siemens | N/A | Parasolid V35.0 versions antérieures à V35.0.263 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3) versions ant\u00e9rieures \u00e0 V2.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XCM332 (6GK5332-0GA01-2AC2) versions ant\u00e9rieures \u00e0 V2.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3) versions ant\u00e9rieures \u00e0 V2.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Simcenter Femap versions ant\u00e9rieures \u00e0 V2401.0000",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3) versions ant\u00e9rieures \u00e0 V2.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Parasolid V36.0 versions ant\u00e9rieures \u00e0 V36.0.198",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3) versions ant\u00e9rieures \u00e0 V2.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE SC646-2C (6GK5646-2GS00-2AC2) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3) versions ant\u00e9rieures \u00e0 V2.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3) versions ant\u00e9rieures \u00e0 V2.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE SC636-2C (6GK5636-2GS00-2AC2) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Location Intelligence SUS Small (9DE5110-8CA11-1BX0) versions ant\u00e9rieures \u00e0 V4.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC WinCC V7.5 versions ant\u00e9rieures \u00e0 V7.5 SP2 Update 15",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINEC NMS versions ant\u00e9rieures \u00e0 V2.0 SP1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3) versions ant\u00e9rieures \u00e0 V2.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC WinCC V8.0 versions ant\u00e9rieures \u00e0 V8.0 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIDIS Prime versions ant\u00e9rieures \u00e0 V4.0.400",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XCH328 (6GK5328-4TS01-2EC2) versions ant\u00e9rieures \u00e0 V2.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Location Intelligence Perpetual Small (9DE5110-8CA11-1AX0) versions ant\u00e9rieures \u00e0 V4.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE SC642-2C (6GK5642-2GS00-2AC2) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XCM324 (6GK5324-8TS01-2AC2) versions ant\u00e9rieures \u00e0 V2.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Parasolid V35.1 versions ant\u00e9rieures \u00e0 V35.1.252",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Tecnomatix Plant Simulation V2201 versions ant\u00e9rieures \u00e0 V2201.0012",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM APE1808 avec Nozomi Guardian / CMC ant\u00e9rieures \u00e0 23.3.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Location Intelligence Perpetual Medium (9DE5110-8CA12-1AX0) versions ant\u00e9rieures \u00e0 V4.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE SC632-2C (6GK5632-2GS00-2AC2) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Location Intelligence SUS Non-Prod (9DE5110-8CA10-1BX0) versions ant\u00e9rieures \u00e0 V4.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Location Intelligence SUS Large (9DE5110-8CA13-1BX0) versions ant\u00e9rieures \u00e0 V4.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XCM328 (6GK5328-4TS01-2AC2) versions ant\u00e9rieures \u00e0 V2.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE SC626-2C (6GK5626-2GS00-2AC2) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Location Intelligence SUS Medium (9DE5110-8CA12-1BX0) versions ant\u00e9rieures \u00e0 V4.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Tecnomatix Plant Simulation V2302 versions ant\u00e9rieures \u00e0 V2302.0006",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Location Intelligence Perpetual Large (9DE5110-8CA13-1AX0) versions ant\u00e9rieures \u00e0 V4.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE SC622-2C (6GK5622-2GS00-2AC2) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Location Intelligence Perpetual Non-Prod (9DE5110-8CA10-1AX0) versions ant\u00e9rieures \u00e0 V4.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Parasolid V35.0 versions ant\u00e9rieures \u00e0 V35.0.263",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2023-49691",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49691"
},
{
"name": "CVE-2022-46393",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46393"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2022-41556",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41556"
},
{
"name": "CVE-2023-3316",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3316"
},
{
"name": "CVE-2023-3006",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3006"
},
{
"name": "CVE-2023-51440",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51440"
},
{
"name": "CVE-2023-23946",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23946"
},
{
"name": "CVE-2023-28466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28466"
},
{
"name": "CVE-2023-1838",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1838"
},
{
"name": "CVE-2023-30772",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30772"
},
{
"name": "CVE-2023-45622",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45622"
},
{
"name": "CVE-2023-44321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44321"
},
{
"name": "CVE-2022-29162",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29162"
},
{
"name": "CVE-2023-30585",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30585"
},
{
"name": "CVE-2024-23803",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23803"
},
{
"name": "CVE-2023-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
},
{
"name": "CVE-2023-44317",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44317"
},
{
"name": "CVE-2023-38199",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38199"
},
{
"name": "CVE-2022-36760",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36760"
},
{
"name": "CVE-2022-47629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-47629"
},
{
"name": "CVE-2023-29404",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29404"
},
{
"name": "CVE-2023-23454",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23454"
},
{
"name": "CVE-2021-45451",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45451"
},
{
"name": "CVE-2022-26691",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26691"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2023-37920",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37920"
},
{
"name": "CVE-2023-30583",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30583"
},
{
"name": "CVE-2021-36369",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36369"
},
{
"name": "CVE-2023-25727",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25727"
},
{
"name": "CVE-2023-30086",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30086"
},
{
"name": "CVE-2022-41409",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41409"
},
{
"name": "CVE-2023-3390",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3390"
},
{
"name": "CVE-2023-0330",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0330"
},
{
"name": "CVE-2023-2002",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2002"
},
{
"name": "CVE-2024-23812",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23812"
},
{
"name": "CVE-2023-26965",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26965"
},
{
"name": "CVE-2023-3817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
},
{
"name": "CVE-2023-45617",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45617"
},
{
"name": "CVE-2023-31124",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31124"
},
{
"name": "CVE-2024-24925",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24925"
},
{
"name": "CVE-2022-45061",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45061"
},
{
"name": "CVE-2024-22042",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22042"
},
{
"name": "CVE-2023-50236",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50236"
},
{
"name": "CVE-2022-23521",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23521"
},
{
"name": "CVE-2023-40283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40283"
},
{
"name": "CVE-2022-41715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
},
{
"name": "CVE-2022-28739",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28739"
},
{
"name": "CVE-2022-41903",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41903"
},
{
"name": "CVE-2023-23934",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23934"
},
{
"name": "CVE-2022-4904",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4904"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2023-35788",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35788"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2023-32067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32067"
},
{
"name": "CVE-2024-23816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23816"
},
{
"name": "CVE-2022-3515",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3515"
},
{
"name": "CVE-2023-1393",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1393"
},
{
"name": "CVE-2006-20001",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-20001"
},
{
"name": "CVE-2022-36021",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36021"
},
{
"name": "CVE-2022-39189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39189"
},
{
"name": "CVE-2024-24922",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24922"
},
{
"name": "CVE-2022-38725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38725"
},
{
"name": "CVE-2024-24923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24923"
},
{
"name": "CVE-2022-39260",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39260"
},
{
"name": "CVE-2022-29862",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29862"
},
{
"name": "CVE-2024-23800",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23800"
},
{
"name": "CVE-2023-39417",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39417"
},
{
"name": "CVE-2023-28322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
},
{
"name": "CVE-2023-29405",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29405"
},
{
"name": "CVE-2022-3437",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3437"
},
{
"name": "CVE-2020-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10735"
},
{
"name": "CVE-2022-4743",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4743"
},
{
"name": "CVE-2023-1989",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1989"
},
{
"name": "CVE-2022-28738",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28738"
},
{
"name": "CVE-2023-1855",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1855"
},
{
"name": "CVE-2023-3247",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3247"
},
{
"name": "CVE-2023-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25193"
},
{
"name": "CVE-2023-32559",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32559"
},
{
"name": "CVE-2023-0494",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0494"
},
{
"name": "CVE-2023-35828",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35828"
},
{
"name": "CVE-2022-37797",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37797"
},
{
"name": "CVE-2022-32148",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32148"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2020-1971",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1971"
},
{
"name": "CVE-2023-31084",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31084"
},
{
"name": "CVE-2023-3090",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3090"
},
{
"name": "CVE-2022-45919",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45919"
},
{
"name": "CVE-2024-24921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24921"
},
{
"name": "CVE-2023-28320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28320"
},
{
"name": "CVE-2023-45625",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45625"
},
{
"name": "CVE-2023-3611",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3611"
},
{
"name": "CVE-2023-4128",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4128"
},
{
"name": "CVE-2023-31436",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31436"
},
{
"name": "CVE-2023-32558",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32558"
},
{
"name": "CVE-2023-2194",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2194"
},
{
"name": "CVE-2023-33203",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33203"
},
{
"name": "CVE-2022-41861",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41861"
},
{
"name": "CVE-2024-23813",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23813"
},
{
"name": "CVE-2022-34918",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34918"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2024-23802",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23802"
},
{
"name": "CVE-2021-43666",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43666"
},
{
"name": "CVE-2023-22490",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22490"
},
{
"name": "CVE-2023-0568",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0568"
},
{
"name": "CVE-2024-23798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23798"
},
{
"name": "CVE-2023-28319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28319"
},
{
"name": "CVE-2023-32003",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32003"
},
{
"name": "CVE-2023-1859",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1859"
},
{
"name": "CVE-2023-48363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48363"
},
{
"name": "CVE-2022-1015",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1015"
},
{
"name": "CVE-2023-32004",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32004"
},
{
"name": "CVE-2023-44320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44320"
},
{
"name": "CVE-2022-29187",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29187"
},
{
"name": "CVE-2023-3111",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3111"
},
{
"name": "CVE-2023-28709",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28709"
},
{
"name": "CVE-2023-30587",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30587"
},
{
"name": "CVE-2023-30589",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30589"
},
{
"name": "CVE-2022-46392",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46392"
},
{
"name": "CVE-2023-28487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28487"
},
{
"name": "CVE-2023-1670",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1670"
},
{
"name": "CVE-2023-31489",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31489"
},
{
"name": "CVE-2023-32005",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32005"
},
{
"name": "CVE-2023-45618",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45618"
},
{
"name": "CVE-2023-20593",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20593"
},
{
"name": "CVE-2024-23810",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23810"
},
{
"name": "CVE-2023-30582",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30582"
},
{
"name": "CVE-2023-23931",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23931"
},
{
"name": "CVE-2022-41862",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41862"
},
{
"name": "CVE-2019-19135",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19135"
},
{
"name": "CVE-2022-28737",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28737"
},
{
"name": "CVE-2023-31147",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31147"
},
{
"name": "CVE-2022-45142",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45142"
},
{
"name": "CVE-2023-22742",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22742"
},
{
"name": "CVE-2022-2586",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2586"
},
{
"name": "CVE-2022-36227",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36227"
},
{
"name": "CVE-2023-27522",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27522"
},
{
"name": "CVE-2022-37454",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37454"
},
{
"name": "CVE-2022-48434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48434"
},
{
"name": "CVE-2023-25155",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25155"
},
{
"name": "CVE-2023-0160",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0160"
},
{
"name": "CVE-2023-5253",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5253"
},
{
"name": "CVE-2023-27535",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27535"
},
{
"name": "CVE-2022-42919",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42919"
},
{
"name": "CVE-2023-49125",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49125"
},
{
"name": "CVE-2021-3445",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3445"
},
{
"name": "CVE-2023-30581",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30581"
},
{
"name": "CVE-2023-45627",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45627"
},
{
"name": "CVE-2023-29406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29406"
},
{
"name": "CVE-2023-30584",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30584"
},
{
"name": "CVE-2024-23801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23801"
},
{
"name": "CVE-2024-24924",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24924"
},
{
"name": "CVE-2022-4744",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4744"
},
{
"name": "CVE-2023-35945",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35945"
},
{
"name": "CVE-2023-36664",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36664"
},
{
"name": "CVE-2023-21255",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21255"
},
{
"name": "CVE-2023-1990",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1990"
},
{
"name": "CVE-2022-41717",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41717"
},
{
"name": "CVE-2021-4037",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4037"
},
{
"name": "CVE-2023-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28321"
},
{
"name": "CVE-2023-36617",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36617"
},
{
"name": "CVE-2023-38559",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38559"
},
{
"name": "CVE-2023-35824",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35824"
},
{
"name": "CVE-2023-45616",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45616"
},
{
"name": "CVE-2023-45624",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45624"
},
{
"name": "CVE-2023-45614",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45614"
},
{
"name": "CVE-2023-35823",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35823"
},
{
"name": "CVE-2023-46120",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46120"
},
{
"name": "CVE-2023-30586",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30586"
},
{
"name": "CVE-2023-30588",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30588"
},
{
"name": "CVE-2023-1380",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1380"
},
{
"name": "CVE-2023-3776",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3776"
},
{
"name": "CVE-2023-44319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44319"
},
{
"name": "CVE-2022-2880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
},
{
"name": "CVE-2024-23811",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23811"
},
{
"name": "CVE-2023-35789",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35789"
},
{
"name": "CVE-2023-25153",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25153"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2024-22043",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22043"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2023-4194",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4194"
},
{
"name": "CVE-2023-39418",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39418"
},
{
"name": "CVE-2023-2454",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2454"
},
{
"name": "CVE-2023-27534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27534"
},
{
"name": "CVE-2023-27536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27536"
},
{
"name": "CVE-2023-2269",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2269"
},
{
"name": "CVE-2022-29154",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29154"
},
{
"name": "CVE-2023-27533",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27533"
},
{
"name": "CVE-2023-26081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26081"
},
{
"name": "CVE-2022-34903",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34903"
},
{
"name": "CVE-2023-44322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44322"
},
{
"name": "CVE-2023-32573",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32573"
},
{
"name": "CVE-2023-34969",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34969"
},
{
"name": "CVE-2023-45619",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45619"
},
{
"name": "CVE-2023-48364",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48364"
},
{
"name": "CVE-2023-3863",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3863"
},
{
"name": "CVE-2022-24834",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24834"
},
{
"name": "CVE-2023-30590",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30590"
},
{
"name": "CVE-2023-27538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27538"
},
{
"name": "CVE-2023-36054",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36054"
},
{
"name": "CVE-2022-0778",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0778"
},
{
"name": "CVE-2023-25690",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25690"
},
{
"name": "CVE-2022-1348",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1348"
},
{
"name": "CVE-2023-2861",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2861"
},
{
"name": "CVE-2023-25588",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25588"
},
{
"name": "CVE-2023-1255",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1255"
},
{
"name": "CVE-2023-3141",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3141"
},
{
"name": "CVE-2023-34872",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34872"
},
{
"name": "CVE-2023-30456",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30456"
},
{
"name": "CVE-2023-0567",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0567"
},
{
"name": "CVE-2024-23799",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23799"
},
{
"name": "CVE-2021-3638",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3638"
},
{
"name": "CVE-2023-34256",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34256"
},
{
"name": "CVE-2024-23796",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23796"
},
{
"name": "CVE-2022-4415",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4415"
},
{
"name": "CVE-2023-2455",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2455"
},
{
"name": "CVE-2023-3301",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3301"
},
{
"name": "CVE-2023-0662",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0662"
},
{
"name": "CVE-2023-3212",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3212"
},
{
"name": "CVE-2023-35001",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35001"
},
{
"name": "CVE-2022-44370",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44370"
},
{
"name": "CVE-2023-45620",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45620"
},
{
"name": "CVE-2023-34035",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34035"
},
{
"name": "CVE-2022-41860",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41860"
},
{
"name": "CVE-2024-23795",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23795"
},
{
"name": "CVE-2023-45615",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45615"
},
{
"name": "CVE-2022-29536",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29536"
},
{
"name": "CVE-2023-49692",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49692"
},
{
"name": "CVE-2022-23471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23471"
},
{
"name": "CVE-2020-1967",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1967"
},
{
"name": "CVE-2023-22745",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22745"
},
{
"name": "CVE-2022-3294",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3294"
},
{
"name": "CVE-2023-32006",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32006"
},
{
"name": "CVE-2023-24538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24538"
},
{
"name": "CVE-2023-2975",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2975"
},
{
"name": "CVE-2023-45621",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45621"
},
{
"name": "CVE-2024-23804",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23804"
},
{
"name": "CVE-2022-41723",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41723"
},
{
"name": "CVE-2020-11896",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11896"
},
{
"name": "CVE-2023-2953",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2953"
},
{
"name": "CVE-2023-44373",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44373"
},
{
"name": "CVE-2023-41080",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41080"
},
{
"name": "CVE-2023-45626",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45626"
},
{
"name": "CVE-2023-1206",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1206"
},
{
"name": "CVE-2022-37436",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37436"
},
{
"name": "CVE-2024-23797",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23797"
},
{
"name": "CVE-2023-29402",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29402"
},
{
"name": "CVE-2023-31130",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31130"
},
{
"name": "CVE-2023-32233",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32233"
},
{
"name": "CVE-2023-38039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38039"
},
{
"name": "CVE-2023-29409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
},
{
"name": "CVE-2023-0590",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0590"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2023-1611",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1611"
},
{
"name": "CVE-2023-28486",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28486"
},
{
"name": "CVE-2024-24920",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24920"
},
{
"name": "CVE-2023-3268",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3268"
},
{
"name": "CVE-2023-0361",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0361"
},
{
"name": "CVE-2023-27537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27537"
},
{
"name": "CVE-2023-45623",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45623"
},
{
"name": "CVE-2023-32002",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32002"
},
{
"name": "CVE-2022-4900",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4900"
},
{
"name": "CVE-2023-2124",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2124"
},
{
"name": "CVE-2022-48303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48303"
},
{
"name": "CVE-2023-38545",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38545"
},
{
"name": "CVE-2023-28450",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28450"
}
],
"links": [],
"reference": "CERTFR-2024-AVI-0119",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-02-13T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits Siemens\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance,\nune \u00e9l\u00e9vation de privil\u00e8ges et une ex\u00e9cution de code arbitraire \u00e0\ndistance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-000072 du 13 f\u00e9vrier 2024",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-000072.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-602936 du 13 f\u00e9vrier 2024",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-602936.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-647068 du 13 f\u00e9vrier 2024",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-647068.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-943925 du 13 f\u00e9vrier 2024",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-943925.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-753746 du 13 f\u00e9vrier 2024",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-753746.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-806742 du 13 f\u00e9vrier 2024",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-806742.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-580228 du 13 f\u00e9vrier 2024",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-580228.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-716164 du 13 f\u00e9vrier 2024",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-716164.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-797296 du 13 f\u00e9vrier 2024",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-797296.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-108696 du 13 f\u00e9vrier 2024",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-108696.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-871717 du 13 f\u00e9vrier 2024",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-871717.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-516818 du 13 f\u00e9vrier 2024",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-516818.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-017796 du 13 f\u00e9vrier 2024",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-017796.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-543502 du 13 f\u00e9vrier 2024",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-543502.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-665034 du 13 f\u00e9vrier 2024",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-665034.html"
}
]
}
CERTFR-2023-AVI-0208
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Tenable. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Nessus versions ant\u00e9rieures \u00e0 10.5.0",
"product": {
"name": "Nessus",
"vendor": {
"name": "Tenable",
"scada": false
}
}
},
{
"description": "Nessus Agent versions 10.3.0 ant\u00e9rieures \u00e0 10.3.2",
"product": {
"name": "Nessus",
"vendor": {
"name": "Tenable",
"scada": false
}
}
},
{
"description": "Nessus Agent versions 8.3.x ant\u00e9rieures \u00e0 8.3.5",
"product": {
"name": "Nessus",
"vendor": {
"name": "Tenable",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"name": "CVE-2020-28458",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28458"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2021-23445",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23445"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2022-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
},
{
"name": "CVE-2020-7656",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7656"
},
{
"name": "CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
}
],
"links": [],
"reference": "CERTFR-2023-AVI-0208",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-03-10T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits \u003cspan\nclass=\"textit\"\u003eTenable\u003c/span\u003e. Elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de\nservice \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Nessus",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Tenable TNS-2023-11 du 07 mars 2023",
"url": "https://www.tenable.com/security/tns-2023-11"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Tenable TNS-2023-09 du 02 mars 2023",
"url": "https://www.tenable.com/security/tns-2023-09"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Tenable TNS-2023-10 du 06 mars 2023",
"url": "https://www.tenable.com/security/tns-2023-10"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Tenable TNS-2023-12 du 09 mars 2023",
"url": "https://www.tenable.com/security/tns-2023-12"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Tenable TNS-2023-13 du 09 mars 2023",
"url": "https://www.tenable.com/security/tns-2023-13"
}
]
}
CERTFR-2025-AVI-0864
Vulnerability from certfr_avis - Published: 2025-10-13 - Updated: 2025-10-13
De multiples vulnérabilités ont été découvertes dans VMware Tanzu. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "VMWare Tanzu pour MySQL sur Kubernetes 2.0.0 toutes version",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2022-1343",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1343"
},
{
"name": "CVE-2013-4235",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4235"
},
{
"name": "CVE-2024-37370",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37370"
},
{
"name": "CVE-2024-24790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24790"
},
{
"name": "CVE-2024-21171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21171"
},
{
"name": "CVE-2025-30681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30681"
},
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2023-7104",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7104"
},
{
"name": "CVE-2022-1473",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1473"
},
{
"name": "CVE-2024-20977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20977"
},
{
"name": "CVE-2022-48564",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48564"
},
{
"name": "CVE-2023-40217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40217"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2024-20985",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20985"
},
{
"name": "CVE-2025-30689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30689"
},
{
"name": "CVE-2024-11168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11168"
},
{
"name": "CVE-2024-21160",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21160"
},
{
"name": "CVE-2025-30715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30715"
},
{
"name": "CVE-2024-28834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28834"
},
{
"name": "CVE-2023-46218",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
},
{
"name": "CVE-2025-30682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30682"
},
{
"name": "CVE-2024-21052",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21052"
},
{
"name": "CVE-2024-20964",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20964"
},
{
"name": "CVE-2023-22103",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22103"
},
{
"name": "CVE-2025-21500",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21500"
},
{
"name": "CVE-2024-21207",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21207"
},
{
"name": "CVE-2025-21503",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21503"
},
{
"name": "CVE-2024-21053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21053"
},
{
"name": "CVE-2024-21142",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21142"
},
{
"name": "CVE-2025-21494",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21494"
},
{
"name": "CVE-2023-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
},
{
"name": "CVE-2024-20976",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20976"
},
{
"name": "CVE-2024-33602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33602"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2025-21519",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21519"
},
{
"name": "CVE-2024-21200",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21200"
},
{
"name": "CVE-2024-20998",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20998"
},
{
"name": "CVE-2024-21231",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21231"
},
{
"name": "CVE-2022-1292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
},
{
"name": "CVE-2024-21197",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21197"
},
{
"name": "CVE-2024-21102",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21102"
},
{
"name": "CVE-2025-30703",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30703"
},
{
"name": "CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"name": "CVE-2024-21049",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21049"
},
{
"name": "CVE-2023-3817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
},
{
"name": "CVE-2024-6232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6232"
},
{
"name": "CVE-2025-21534",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21534"
},
{
"name": "CVE-2025-21505",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21505"
},
{
"name": "CVE-2022-45061",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45061"
},
{
"name": "CVE-2024-45492",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45492"
},
{
"name": "CVE-2024-21157",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21157"
},
{
"name": "CVE-2024-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
},
{
"name": "CVE-2024-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3596"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2024-21015",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21015"
},
{
"name": "CVE-2025-21501",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21501"
},
{
"name": "CVE-2025-24528",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24528"
},
{
"name": "CVE-2024-21166",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21166"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2023-4016",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4016"
},
{
"name": "CVE-2023-45918",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45918"
},
{
"name": "CVE-2025-30696",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30696"
},
{
"name": "CVE-2023-45285",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45285"
},
{
"name": "CVE-2024-24783",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24783"
},
{
"name": "CVE-2024-24791",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24791"
},
{
"name": "CVE-2025-21584",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21584"
},
{
"name": "CVE-2024-20962",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20962"
},
{
"name": "CVE-2022-48565",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48565"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2022-0391",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0391"
},
{
"name": "CVE-2025-21521",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21521"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2023-5363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
},
{
"name": "CVE-2023-45289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45289"
},
{
"name": "CVE-2022-2068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
},
{
"name": "CVE-2024-21198",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21198"
},
{
"name": "CVE-2023-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
},
{
"name": "CVE-2025-0938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
},
{
"name": "CVE-2024-21009",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21009"
},
{
"name": "CVE-2024-33600",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33600"
},
{
"name": "CVE-2024-20969",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20969"
},
{
"name": "CVE-2024-21201",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21201"
},
{
"name": "CVE-2024-21177",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21177"
},
{
"name": "CVE-2023-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2023-4813",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4813"
},
{
"name": "CVE-2023-45290",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45290"
},
{
"name": "CVE-2025-30683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30683"
},
{
"name": "CVE-2025-30699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30699"
},
{
"name": "CVE-2025-27587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27587"
},
{
"name": "CVE-2023-22070",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22070"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2024-33599",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33599"
},
{
"name": "CVE-2025-21492",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21492"
},
{
"name": "CVE-2024-34158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
},
{
"name": "CVE-2023-47038",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47038"
},
{
"name": "CVE-2023-5981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5981"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2023-22112",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22112"
},
{
"name": "CVE-2024-20966",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20966"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2024-21213",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21213"
},
{
"name": "CVE-2025-21555",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21555"
},
{
"name": "CVE-2024-45490",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45490"
},
{
"name": "CVE-2024-20972",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20972"
},
{
"name": "CVE-2024-21159",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21159"
},
{
"name": "CVE-2022-3786",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3786"
},
{
"name": "CVE-2024-12085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12085"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2024-45491",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45491"
},
{
"name": "CVE-2024-21219",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21219"
},
{
"name": "CVE-2024-21194",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21194"
},
{
"name": "CVE-2024-21196",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21196"
},
{
"name": "CVE-2024-21179",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21179"
},
{
"name": "CVE-2024-21199",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21199"
},
{
"name": "CVE-2024-21050",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21050"
},
{
"name": "CVE-2025-21574",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21574"
},
{
"name": "CVE-2022-48566",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48566"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2025-21580",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21580"
},
{
"name": "CVE-2023-6918",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6918"
},
{
"name": "CVE-2025-21575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21575"
},
{
"name": "CVE-2024-20961",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20961"
},
{
"name": "CVE-2025-21540",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21540"
},
{
"name": "CVE-2025-21577",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21577"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2024-20996",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20996"
},
{
"name": "CVE-2024-5535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
},
{
"name": "CVE-2024-0450",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0450"
},
{
"name": "CVE-2024-5642",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5642"
},
{
"name": "CVE-2024-20983",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20983"
},
{
"name": "CVE-2025-30705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30705"
},
{
"name": "CVE-2024-21237",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21237"
},
{
"name": "CVE-2025-21536",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21536"
},
{
"name": "CVE-2021-4189",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4189"
},
{
"name": "CVE-2024-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24785"
},
{
"name": "CVE-2024-21127",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21127"
},
{
"name": "CVE-2024-21134",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21134"
},
{
"name": "CVE-2024-21000",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21000"
},
{
"name": "CVE-2024-20984",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20984"
},
{
"name": "CVE-2023-5156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5156"
},
{
"name": "CVE-2024-21212",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21212"
},
{
"name": "CVE-2024-21130",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21130"
},
{
"name": "CVE-2024-21193",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21193"
},
{
"name": "CVE-2024-0553",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0553"
},
{
"name": "CVE-2024-21241",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21241"
},
{
"name": "CVE-2024-21057",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21057"
},
{
"name": "CVE-2025-21525",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21525"
},
{
"name": "CVE-2025-4802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4802"
},
{
"name": "CVE-2025-30684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30684"
},
{
"name": "CVE-2024-9143",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
},
{
"name": "CVE-2024-12087",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12087"
},
{
"name": "CVE-2023-22032",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22032"
},
{
"name": "CVE-2024-33601",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33601"
},
{
"name": "CVE-2024-21135",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21135"
},
{
"name": "CVE-2024-28085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28085"
},
{
"name": "CVE-2025-21579",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21579"
},
{
"name": "CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"name": "CVE-2023-6237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
},
{
"name": "CVE-2025-29088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29088"
},
{
"name": "CVE-2021-46848",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46848"
},
{
"name": "CVE-2024-20963",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20963"
},
{
"name": "CVE-2024-21096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21096"
},
{
"name": "CVE-2024-22365",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22365"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2024-21236",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21236"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2024-2236",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2236"
},
{
"name": "CVE-2023-4039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4039"
},
{
"name": "CVE-2022-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3996"
},
{
"name": "CVE-2025-21490",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21490"
},
{
"name": "CVE-2024-21137",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21137"
},
{
"name": "CVE-2024-2398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
},
{
"name": "CVE-2024-21062",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21062"
},
{
"name": "CVE-2024-21055",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21055"
},
{
"name": "CVE-2024-21239",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21239"
},
{
"name": "CVE-2017-11164",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11164"
},
{
"name": "CVE-2022-48560",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48560"
},
{
"name": "CVE-2024-21165",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21165"
},
{
"name": "CVE-2024-0727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
},
{
"name": "CVE-2024-10041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10041"
},
{
"name": "CVE-2023-6129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
},
{
"name": "CVE-2024-21056",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21056"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2025-30721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30721"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2024-26461",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26461"
},
{
"name": "CVE-2022-40735",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40735"
},
{
"name": "CVE-2024-24787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24787"
},
{
"name": "CVE-2024-21047",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21047"
},
{
"name": "CVE-2023-4641",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4641"
},
{
"name": "CVE-2023-36054",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36054"
},
{
"name": "CVE-2024-26458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26458"
},
{
"name": "CVE-2024-20981",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20981"
},
{
"name": "CVE-2024-21185",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21185"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2025-40909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40909"
},
{
"name": "CVE-2023-1255",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1255"
},
{
"name": "CVE-2024-21013",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21013"
},
{
"name": "CVE-2023-22078",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22078"
},
{
"name": "CVE-2016-20013",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-20013"
},
{
"name": "CVE-2023-6004",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6004"
},
{
"name": "CVE-2025-21491",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21491"
},
{
"name": "CVE-2024-12747",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12747"
},
{
"name": "CVE-2022-3358",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3358"
},
{
"name": "CVE-2022-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
},
{
"name": "CVE-2024-21162",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21162"
},
{
"name": "CVE-2023-7008",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7008"
},
{
"name": "CVE-2024-4603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
},
{
"name": "CVE-2023-22092",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22092"
},
{
"name": "CVE-2024-8096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8096"
},
{
"name": "CVE-2023-4806",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4806"
},
{
"name": "CVE-2025-30722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30722"
},
{
"name": "CVE-2016-2781",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2781"
},
{
"name": "CVE-2023-29383",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29383"
},
{
"name": "CVE-2024-21060",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21060"
},
{
"name": "CVE-2024-50602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50602"
},
{
"name": "CVE-2025-30687",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30687"
},
{
"name": "CVE-2025-21529",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21529"
},
{
"name": "CVE-2025-21559",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21559"
},
{
"name": "CVE-2025-21504",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21504"
},
{
"name": "CVE-2024-20974",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20974"
},
{
"name": "CVE-2023-22084",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22084"
},
{
"name": "CVE-2024-21125",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21125"
},
{
"name": "CVE-2024-4741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
},
{
"name": "CVE-2025-21523",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21523"
},
{
"name": "CVE-2025-21518",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21518"
},
{
"name": "CVE-2024-20993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20993"
},
{
"name": "CVE-2025-30704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30704"
},
{
"name": "CVE-2024-21129",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21129"
},
{
"name": "CVE-2023-24329",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24329"
},
{
"name": "CVE-2024-20982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20982"
},
{
"name": "CVE-2024-12243",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12243"
},
{
"name": "CVE-2025-30693",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30693"
},
{
"name": "CVE-2025-21585",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21585"
},
{
"name": "CVE-2024-12088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12088"
},
{
"name": "CVE-2023-2975",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2975"
},
{
"name": "CVE-2025-0395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0395"
},
{
"name": "CVE-2023-26604",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26604"
},
{
"name": "CVE-2022-3602",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3602"
},
{
"name": "CVE-2024-21087",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21087"
},
{
"name": "CVE-2023-22064",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22064"
},
{
"name": "CVE-2024-20971",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20971"
},
{
"name": "CVE-2024-20978",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20978"
},
{
"name": "CVE-2022-1434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1434"
},
{
"name": "CVE-2025-21497",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21497"
},
{
"name": "CVE-2023-22114",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22114"
},
{
"name": "CVE-2023-2953",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2953"
},
{
"name": "CVE-2024-4032",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4032"
},
{
"name": "CVE-2024-20973",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20973"
},
{
"name": "CVE-2023-39323",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39323"
},
{
"name": "CVE-2023-22097",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22097"
},
{
"name": "CVE-2023-39326",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39326"
},
{
"name": "CVE-2024-20965",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20965"
},
{
"name": "CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"name": "CVE-2025-21581",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21581"
},
{
"name": "CVE-2023-39804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39804"
},
{
"name": "CVE-2024-21061",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21061"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2024-20967",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20967"
},
{
"name": "CVE-2024-2511",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2511"
},
{
"name": "CVE-2024-21163",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21163"
},
{
"name": "CVE-2024-21069",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21069"
},
{
"name": "CVE-2024-21051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21051"
},
{
"name": "CVE-2024-34155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
},
{
"name": "CVE-2024-20970",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20970"
},
{
"name": "CVE-2025-30685",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30685"
},
{
"name": "CVE-2024-21054",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21054"
},
{
"name": "CVE-2025-30695",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30695"
},
{
"name": "CVE-2025-30688",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30688"
},
{
"name": "CVE-2025-21522",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21522"
},
{
"name": "CVE-2024-21230",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21230"
},
{
"name": "CVE-2024-20968",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20968"
},
{
"name": "CVE-2024-21173",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21173"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2024-2961",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2961"
},
{
"name": "CVE-2025-21546",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21546"
},
{
"name": "CVE-2024-12133",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12133"
},
{
"name": "CVE-2024-24784",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24784"
},
{
"name": "CVE-2024-28182",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28182"
},
{
"name": "CVE-2024-21008",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21008"
},
{
"name": "CVE-2023-6597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6597"
},
{
"name": "CVE-2024-20994",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20994"
},
{
"name": "CVE-2024-24789",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24789"
},
{
"name": "CVE-2023-22059",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22059"
},
{
"name": "CVE-2023-22079",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22079"
},
{
"name": "CVE-2023-22066",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22066"
},
{
"name": "CVE-2024-37371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37371"
},
{
"name": "CVE-2024-20960",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20960"
},
{
"name": "CVE-2025-3576",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3576"
},
{
"name": "CVE-2023-22068",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22068"
},
{
"name": "CVE-2024-6923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6923"
},
{
"name": "CVE-2024-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8088"
}
],
"initial_release_date": "2025-10-13T00:00:00",
"last_revision_date": "2025-10-13T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0864",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-10-13T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Injection SQL (SQLi)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Falsification de requ\u00eates c\u00f4t\u00e9 serveur (SSRF)"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans VMware Tanzu. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans VMware Tanzu",
"vendor_advisories": [
{
"published_at": "2025-10-10",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36208",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36208"
}
]
}
CERTFR-2023-AVI-0258
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits IBM. Elles permettent à un attaquant de provoquer un contournement de la politique de sécurité, une élévation de privilèges, un déni de service à distance, une atteinte à la confidentialité des données, une injection de code indirecte à distance (XSS) et une exécution de code arbitraire à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Spectrum | IBM Spectrum Protect Client versions 8.1.x antérieures à 8.1.17.2 | ||
| IBM | WebSphere | IBM WebSphere Remote Server version 9.0 déployée avec une version de IBM WebSphere Application Server antérieure à 9.0.5.14 incluant le correctif PH52925 | ||
| IBM | Spectrum | IBM Spectrum Protect Plus versions 10.1.x antérieures à 10.1.14 |
References
| Title | Publication Time | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM Spectrum Protect Client versions 8.1.x ant\u00e9rieures \u00e0 8.1.17.2",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM WebSphere Remote Server version 9.0 d\u00e9ploy\u00e9e avec une version de IBM WebSphere Application Server ant\u00e9rieure \u00e0 9.0.5.14 incluant le correctif PH52925",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Spectrum Protect Plus versions 10.1.x ant\u00e9rieures \u00e0 10.1.14",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2023-26283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26283"
},
{
"name": "CVE-2022-32190",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32190"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2022-4269",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4269"
},
{
"name": "CVE-2022-41715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2019-20444",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20444"
},
{
"name": "CVE-2022-2601",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2601"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2022-2421",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2421"
},
{
"name": "CVE-2022-1016",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1016"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2022-43552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43552"
},
{
"name": "CVE-2023-23915",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23915"
},
{
"name": "CVE-2022-41716",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41716"
},
{
"name": "CVE-2022-0854",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0854"
},
{
"name": "CVE-2022-28893",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28893"
},
{
"name": "CVE-2023-23914",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23914"
},
{
"name": "CVE-2023-27863",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27863"
},
{
"name": "CVE-2022-41717",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41717"
},
{
"name": "CVE-2022-2047",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2047"
},
{
"name": "CVE-2022-43945",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43945"
},
{
"name": "CVE-2022-2880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
},
{
"name": "CVE-2018-10237",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10237"
},
{
"name": "CVE-2023-22809",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22809"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2022-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3996"
},
{
"name": "CVE-2022-2879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
},
{
"name": "CVE-2022-43551",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43551"
},
{
"name": "CVE-2022-43548",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43548"
},
{
"name": "CVE-2022-2588",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2588"
},
{
"name": "CVE-2022-4139",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4139"
},
{
"name": "CVE-2022-27664",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
},
{
"name": "CVE-2023-23916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
}
],
"links": [],
"reference": "CERTFR-2023-AVI-0258",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-03-24T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits \u003cspan\nclass=\"textit\"\u003eIBM\u003c/span\u003e. Elles permettent \u00e0 un attaquant de provoquer\nun contournement de la politique de s\u00e9curit\u00e9, une \u00e9l\u00e9vation de\nprivil\u00e8ges, un d\u00e9ni de service \u00e0 distance, une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es, une injection de code indirecte \u00e0 distance\n(XSS) et une ex\u00e9cution de code arbitraire \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6963786 du 23 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6963786"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6965816 du 23 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6965816"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6965812 du 23 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6965812"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6965822 du 23 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6965822"
}
]
}
CERTFR-2025-AVI-0622
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits VMware. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Platform | Tanzu Platform versions 4.0.x antérieures à 4.0.38+LTS-T pour Cloud Foundry Windows | ||
| VMware | Tanzu Platform | Tanzu Platform versions 10.0.x antérieures à 10.0.8 pour Cloud Foundry Windows | ||
| VMware | N/A | Stemcells sans le dernier correctif de sécurité | ||
| VMware | Tanzu Platform | Tanzu Platform versions 4.0.x antérieures à 4.0.38+LTS-T pour Cloud Foundry | ||
| VMware | Tanzu Platform | Tanzu Platform versions 6.0.x antérieures à 6.0.18+LTS-T pour Cloud Foundry Windows | ||
| VMware | Tanzu | Anti-Virus sans le dernier correctif de sécurité pour Tanzu version 2.4.0 | ||
| VMware | Tanzu | Scheduler sans le dernier correctif de sécurité pour Tanzu version 2.0.19 | ||
| VMware | Tanzu Platform | Tanzu Platform versions 6.0.x antérieures à 6.0.18+LTS-T pour Cloud Foundry | ||
| VMware | Tanzu Platform | GenAI sans le dernier correctif de sécurité pour Tanzu Platform pour Cloud Foundry version 10.2.1 | ||
| VMware | Tanzu Application Service | Tanzu Application Service versions antérieures à 1.16.11 | ||
| VMware | Tanzu Platform | Tanzu Platform versions 10.2.x antérieures à 10.2.1+LTS-T pour Cloud Foundry isolation segment | ||
| VMware | Tanzu Platform | Tanzu Platform versions 10.0.x antérieures à 10.0.8 pour Cloud Foundry isolation segment | ||
| VMware | Tanzu | Spring Cloud Services sans le dernier correctif de sécurité pour Tanzu version 3.3.8 | ||
| VMware | Tanzu Platform | Tanzu Platform versions 10.0.x antérieures à 10.0.8 pour Cloud Foundry | ||
| VMware | Tanzu Platform | Tanzu Platform versions 4.0.x antérieures à 4.0.38+LTS-T pour Cloud Foundry isolation segment | ||
| VMware | Tanzu | Spring Cloud Data Flow sans le dernier correctif de sécurité pour Tanzu version 1.14.7 | ||
| VMware | Tanzu Platform | Tanzu Platform versions 6.0.x antérieures à 6.0.18+LTS-T pour Cloud Foundry isolation segment | ||
| VMware | Tanzu Platform | Tanzu Platform versions 10.2.x antérieures à 10.2.1+LTS-T pour Cloud Foundry | ||
| VMware | Tanzu Application Service | Single Sign-On sans le dernier correctif de sécurité pour Tanzu Application Service version 1.16.11 | ||
| VMware | Tanzu | File Integrity Monitoring sans le dernier correctif de sécurité pour Tanzu version 2.1.47 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Tanzu Platform versions 4.0.x ant\u00e9rieures \u00e0 4.0.38+LTS-T pour Cloud Foundry Windows",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform versions 10.0.x ant\u00e9rieures \u00e0 10.0.8 pour Cloud Foundry Windows",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform versions 4.0.x ant\u00e9rieures \u00e0 4.0.38+LTS-T pour Cloud Foundry",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform versions 6.0.x ant\u00e9rieures \u00e0 6.0.18+LTS-T pour Cloud Foundry Windows",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Anti-Virus sans le dernier correctif de s\u00e9curit\u00e9 pour Tanzu version 2.4.0",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Scheduler sans le dernier correctif de s\u00e9curit\u00e9 pour Tanzu version 2.0.19",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform versions 6.0.x ant\u00e9rieures \u00e0 6.0.18+LTS-T pour Cloud Foundry",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "GenAI sans le dernier correctif de s\u00e9curit\u00e9 pour Tanzu Platform pour Cloud Foundry version 10.2.1",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Application Service versions ant\u00e9rieures \u00e0 1.16.11",
"product": {
"name": "Tanzu Application Service",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform versions 10.2.x ant\u00e9rieures \u00e0 10.2.1+LTS-T pour Cloud Foundry isolation segment",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform versions 10.0.x ant\u00e9rieures \u00e0 10.0.8 pour Cloud Foundry isolation segment",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Spring Cloud Services sans le dernier correctif de s\u00e9curit\u00e9 pour Tanzu version 3.3.8",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform versions 10.0.x ant\u00e9rieures \u00e0 10.0.8 pour Cloud Foundry",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform versions 4.0.x ant\u00e9rieures \u00e0 4.0.38+LTS-T pour Cloud Foundry isolation segment",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Spring Cloud Data Flow sans le dernier correctif de s\u00e9curit\u00e9 pour Tanzu version 1.14.7",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform versions 6.0.x ant\u00e9rieures \u00e0 6.0.18+LTS-T pour Cloud Foundry isolation segment",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform versions 10.2.x ant\u00e9rieures \u00e0 10.2.1+LTS-T pour Cloud Foundry",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Single Sign-On sans le dernier correctif de s\u00e9curit\u00e9 pour Tanzu Application Service version 1.16.11",
"product": {
"name": "Tanzu Application Service",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "File Integrity Monitoring sans le dernier correctif de s\u00e9curit\u00e9 pour Tanzu version 2.1.47",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-6395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6395"
},
{
"name": "CVE-2022-1343",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1343"
},
{
"name": "CVE-2024-24790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24790"
},
{
"name": "CVE-2021-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3996"
},
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2025-31651",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31651"
},
{
"name": "CVE-2022-35252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35252"
},
{
"name": "CVE-2022-1473",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1473"
},
{
"name": "CVE-2022-32189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32189"
},
{
"name": "CVE-2023-40217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40217"
},
{
"name": "CVE-2025-21975",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21975"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2024-46821",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46821"
},
{
"name": "CVE-2024-21235",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21235"
},
{
"name": "CVE-2024-9681",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9681"
},
{
"name": "CVE-2024-11168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11168"
},
{
"name": "CVE-2025-39728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39728"
},
{
"name": "CVE-2023-28755",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28755"
},
{
"name": "CVE-2022-30631",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30631"
},
{
"name": "CVE-2023-46218",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
},
{
"name": "CVE-2025-25186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25186"
},
{
"name": "CVE-2023-28841",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28841"
},
{
"name": "CVE-2022-49728",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49728"
},
{
"name": "CVE-2023-28840",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28840"
},
{
"name": "CVE-2025-22025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22025"
},
{
"name": "CVE-2022-27191",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27191"
},
{
"name": "CVE-2023-33201",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33201"
},
{
"name": "CVE-2024-21144",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21144"
},
{
"name": "CVE-2022-27781",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27781"
},
{
"name": "CVE-2020-36843",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36843"
},
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2025-21941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21941"
},
{
"name": "CVE-2025-3445",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3445"
},
{
"name": "CVE-2025-41234",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41234"
},
{
"name": "CVE-2020-15250",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15250"
},
{
"name": "CVE-2024-45339",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45339"
},
{
"name": "CVE-2023-53034",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53034"
},
{
"name": "CVE-2023-29404",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29404"
},
{
"name": "CVE-2025-23138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23138"
},
{
"name": "CVE-2024-56664",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56664"
},
{
"name": "CVE-2025-38152",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38152"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2024-36945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36945"
},
{
"name": "CVE-2022-0563",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0563"
},
{
"name": "CVE-2025-0913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
},
{
"name": "CVE-2025-22021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22021"
},
{
"name": "CVE-2022-24921",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24921"
},
{
"name": "CVE-2022-32208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32208"
},
{
"name": "CVE-2022-28327",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28327"
},
{
"name": "CVE-2025-27219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27219"
},
{
"name": "CVE-2025-49146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49146"
},
{
"name": "CVE-2022-1292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
},
{
"name": "CVE-2024-46787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46787"
},
{
"name": "CVE-2023-45283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45283"
},
{
"name": "CVE-2024-47611",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47611"
},
{
"name": "CVE-2024-21068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21068"
},
{
"name": "CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"name": "CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"name": "CVE-2023-3817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
},
{
"name": "CVE-2024-6232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6232"
},
{
"name": "CVE-2025-22050",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22050"
},
{
"name": "CVE-2024-50047",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50047"
},
{
"name": "CVE-2025-39735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39735"
},
{
"name": "CVE-2022-41725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41725"
},
{
"name": "CVE-2025-22228",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22228"
},
{
"name": "CVE-2022-30635",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30635"
},
{
"name": "CVE-2025-4330",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4330"
},
{
"name": "CVE-2025-37798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37798"
},
{
"name": "CVE-2022-41715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
},
{
"name": "CVE-2024-21012",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21012"
},
{
"name": "CVE-2024-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
},
{
"name": "CVE-2025-22004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22004"
},
{
"name": "CVE-2022-32207",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32207"
},
{
"name": "CVE-2025-4138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4138"
},
{
"name": "CVE-2022-41722",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41722"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2023-36632",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36632"
},
{
"name": "CVE-2022-25647",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25647"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2024-56171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56171"
},
{
"name": "CVE-2023-45285",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45285"
},
{
"name": "CVE-2024-46812",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46812"
},
{
"name": "CVE-2024-24579",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24579"
},
{
"name": "CVE-2024-24783",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24783"
},
{
"name": "CVE-2023-45284",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45284"
},
{
"name": "CVE-2023-29403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29403"
},
{
"name": "CVE-2022-27776",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27776"
},
{
"name": "CVE-2024-24791",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24791"
},
{
"name": "CVE-2022-42916",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42916"
},
{
"name": "CVE-2022-28948",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28948"
},
{
"name": "CVE-2024-38819",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38819"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2022-31030",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31030"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2024-13176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13176"
},
{
"name": "CVE-2023-2253",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2253"
},
{
"name": "CVE-2023-28322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
},
{
"name": "CVE-2025-37937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37937"
},
{
"name": "CVE-2023-29405",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29405"
},
{
"name": "CVE-2022-30629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30629"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"name": "CVE-2023-5363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
},
{
"name": "CVE-2023-33202",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33202"
},
{
"name": "CVE-2024-35255",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35255"
},
{
"name": "CVE-2024-24557",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24557"
},
{
"name": "CVE-2023-45289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45289"
},
{
"name": "CVE-2024-53144",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53144"
},
{
"name": "CVE-2022-2068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
},
{
"name": "CVE-2025-21613",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21613"
},
{
"name": "CVE-2025-38637",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38637"
},
{
"name": "CVE-2025-22055",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22055"
},
{
"name": "CVE-2024-34447",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34447"
},
{
"name": "CVE-2024-12798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12798"
},
{
"name": "CVE-2023-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
},
{
"name": "CVE-2025-0938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
},
{
"name": "CVE-2025-5372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5372"
},
{
"name": "CVE-2022-27782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
},
{
"name": "CVE-2022-32149",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32149"
},
{
"name": "CVE-2023-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
},
{
"name": "CVE-2024-0406",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0406"
},
{
"name": "CVE-2022-32148",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32148"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2025-49125",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49125"
},
{
"name": "CVE-2025-50106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
},
{
"name": "CVE-2025-48060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48060"
},
{
"name": "CVE-2024-6104",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6104"
},
{
"name": "CVE-2022-49636",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49636"
},
{
"name": "CVE-2025-4877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4877"
},
{
"name": "CVE-2023-45290",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45290"
},
{
"name": "CVE-2023-28320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28320"
},
{
"name": "CVE-2024-4030",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4030"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2025-22035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22035"
},
{
"name": "CVE-2024-26308",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26308"
},
{
"name": "CVE-2024-58093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58093"
},
{
"name": "CVE-2024-34158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
},
{
"name": "CVE-2025-30754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
},
{
"name": "CVE-2024-28180",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28180"
},
{
"name": "CVE-2022-30630",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30630"
},
{
"name": "CVE-2025-22233",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22233"
},
{
"name": "CVE-2025-30691",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30691"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2025-21959",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21959"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2024-30172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30172"
},
{
"name": "CVE-2022-43552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43552"
},
{
"name": "CVE-2025-5915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5915"
},
{
"name": "CVE-2025-46727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46727"
},
{
"name": "CVE-2025-5917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5917"
},
{
"name": "CVE-2024-51744",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-51744"
},
{
"name": "CVE-2024-38820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38820"
},
{
"name": "CVE-2022-3786",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3786"
},
{
"name": "CVE-2025-37889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37889"
},
{
"name": "CVE-2021-3995",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3995"
},
{
"name": "CVE-2025-21981",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21981"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2023-28319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28319"
},
{
"name": "CVE-2022-22576",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
},
{
"name": "CVE-2025-22014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22014"
},
{
"name": "CVE-2024-29018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29018"
},
{
"name": "CVE-2022-1705",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1705"
},
{
"name": "CVE-2024-11053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11053"
},
{
"name": "CVE-2024-7264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
},
{
"name": "CVE-2025-32462",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32462"
},
{
"name": "CVE-2025-50181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50181"
},
{
"name": "CVE-2025-1795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1795"
},
{
"name": "CVE-2025-21996",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21996"
},
{
"name": "CVE-2023-23915",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23915"
},
{
"name": "CVE-2025-23136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23136"
},
{
"name": "CVE-2025-4517",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"
},
{
"name": "CVE-2025-37785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37785"
},
{
"name": "CVE-2023-39318",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39318"
},
{
"name": "CVE-2025-21957",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21957"
},
{
"name": "CVE-2024-40635",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40635"
},
{
"name": "CVE-2022-41720",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41720"
},
{
"name": "CVE-2025-21999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21999"
},
{
"name": "CVE-2022-41716",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41716"
},
{
"name": "CVE-2025-21992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21992"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2022-29526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
},
{
"name": "CVE-2025-5318",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5318"
},
{
"name": "CVE-2025-22044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22044"
},
{
"name": "CVE-2024-53051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53051"
},
{
"name": "CVE-2022-30633",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30633"
},
{
"name": "CVE-2025-38575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38575"
},
{
"name": "CVE-2025-22018",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22018"
},
{
"name": "CVE-2025-4435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4435"
},
{
"name": "CVE-2025-21970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21970"
},
{
"name": "CVE-2025-22056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22056"
},
{
"name": "CVE-2024-21011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21011"
},
{
"name": "CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2023-28842",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28842"
},
{
"name": "CVE-2023-3978",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3978"
},
{
"name": "CVE-2024-5535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2022-27775",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27775"
},
{
"name": "CVE-2024-12718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12718"
},
{
"name": "CVE-2024-0450",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0450"
},
{
"name": "CVE-2024-12801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12801"
},
{
"name": "CVE-2024-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3219"
},
{
"name": "CVE-2023-23914",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23914"
},
{
"name": "CVE-2022-36056",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36056"
},
{
"name": "CVE-2022-30632",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30632"
},
{
"name": "CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"name": "CVE-2022-27774",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27774"
},
{
"name": "CVE-2023-25173",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25173"
},
{
"name": "CVE-2024-41909",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41909"
},
{
"name": "CVE-2023-29406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29406"
},
{
"name": "CVE-2023-39319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39319"
},
{
"name": "CVE-2025-48976",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48976"
},
{
"name": "CVE-2025-22005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22005"
},
{
"name": "CVE-2025-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22045"
},
{
"name": "CVE-2025-21587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21587"
},
{
"name": "CVE-2024-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24785"
},
{
"name": "CVE-2022-36109",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36109"
},
{
"name": "CVE-2022-1962",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1962"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2025-22010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22010"
},
{
"name": "CVE-2024-21147",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21147"
},
{
"name": "CVE-2022-41717",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41717"
},
{
"name": "CVE-2024-53427",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53427"
},
{
"name": "CVE-2023-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28321"
},
{
"name": "CVE-2024-25710",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25710"
},
{
"name": "CVE-2023-36617",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36617"
},
{
"name": "CVE-2023-33199",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33199"
},
{
"name": "CVE-2023-24536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24536"
},
{
"name": "CVE-2022-42915",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42915"
},
{
"name": "CVE-2022-32221",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32221"
},
{
"name": "CVE-2025-27220",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27220"
},
{
"name": "CVE-2022-24769",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24769"
},
{
"name": "CVE-2022-28131",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28131"
},
{
"name": "CVE-2025-4878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4878"
},
{
"name": "CVE-2025-32990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32990"
},
{
"name": "CVE-2023-30551",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30551"
},
{
"name": "CVE-2022-24675",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24675"
},
{
"name": "CVE-2025-22060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22060"
},
{
"name": "CVE-2024-21140",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21140"
},
{
"name": "CVE-2025-21994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21994"
},
{
"name": "CVE-2024-21094",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21094"
},
{
"name": "CVE-2024-9143",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
},
{
"name": "CVE-2025-32989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32989"
},
{
"name": "CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"name": "CVE-2022-1271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
},
{
"name": "CVE-2024-28085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28085"
},
{
"name": "CVE-2024-41110",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41110"
},
{
"name": "CVE-2025-50059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
},
{
"name": "CVE-2025-22066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22066"
},
{
"name": "CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"name": "CVE-2022-2880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
},
{
"name": "CVE-2025-22007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22007"
},
{
"name": "CVE-2023-24539",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24539"
},
{
"name": "CVE-2024-8805",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8805"
},
{
"name": "CVE-2023-6237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
},
{
"name": "CVE-2025-38000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38000"
},
{
"name": "CVE-2025-22071",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22071"
},
{
"name": "CVE-2025-30761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30761"
},
{
"name": "CVE-2023-25153",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25153"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2025-22075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22075"
},
{
"name": "CVE-2024-7592",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7592"
},
{
"name": "CVE-2025-48988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48988"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2022-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3996"
},
{
"name": "CVE-2022-2879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
},
{
"name": "CVE-2022-32205",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32205"
},
{
"name": "CVE-2023-27534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27534"
},
{
"name": "CVE-2024-2398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
},
{
"name": "CVE-2023-24532",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24532"
},
{
"name": "CVE-2025-52434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52434"
},
{
"name": "CVE-2025-22097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22097"
},
{
"name": "CVE-2022-43551",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43551"
},
{
"name": "CVE-2025-30698",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30698"
},
{
"name": "CVE-2023-27533",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27533"
},
{
"name": "CVE-2025-49124",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49124"
},
{
"name": "CVE-2024-0727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
},
{
"name": "CVE-2023-6378",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6378"
},
{
"name": "CVE-2023-6129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
},
{
"name": "CVE-2022-35929",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35929"
},
{
"name": "CVE-2025-21956",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21956"
},
{
"name": "CVE-2025-37932",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37932"
},
{
"name": "CVE-2025-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37890"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2025-22020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22020"
},
{
"name": "CVE-2020-22916",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-22916"
},
{
"name": "CVE-2024-52587",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52587"
},
{
"name": "CVE-2025-5916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5916"
},
{
"name": "CVE-2023-29400",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29400"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2024-21138",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21138"
},
{
"name": "CVE-2025-32988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32988"
},
{
"name": "CVE-2022-29173",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29173"
},
{
"name": "CVE-2024-24787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24787"
},
{
"name": "CVE-2024-38828",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38828"
},
{
"name": "CVE-2025-27113",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27113"
},
{
"name": "CVE-2024-47081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
},
{
"name": "CVE-2022-41724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41724"
},
{
"name": "CVE-2020-8908",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2024-0397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0397"
},
{
"name": "CVE-2022-30634",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30634"
},
{
"name": "CVE-2023-1255",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1255"
},
{
"name": "CVE-2024-46753",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46753"
},
{
"name": "CVE-2025-4516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4516"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2022-3358",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3358"
},
{
"name": "CVE-2024-29902",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29902"
},
{
"name": "CVE-2022-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
},
{
"name": "CVE-2023-24540",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24540"
},
{
"name": "CVE-2024-4603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
},
{
"name": "CVE-2024-8096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8096"
},
{
"name": "CVE-2025-47290",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47290"
},
{
"name": "CVE-2025-22063",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22063"
},
{
"name": "CVE-2025-38177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38177"
},
{
"name": "CVE-2024-21145",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21145"
},
{
"name": "CVE-2022-32206",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32206"
},
{
"name": "CVE-2024-50602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50602"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2025-46701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46701"
},
{
"name": "CVE-2025-38001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38001"
},
{
"name": "CVE-2023-24537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24537"
},
{
"name": "CVE-2024-30171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
},
{
"name": "CVE-2024-23337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23337"
},
{
"name": "CVE-2025-30749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
},
{
"name": "CVE-2025-22235",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22235"
},
{
"name": "CVE-2024-27282",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27282"
},
{
"name": "CVE-2023-45287",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45287"
},
{
"name": "CVE-2024-4741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
},
{
"name": "CVE-2025-48924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48924"
},
{
"name": "CVE-2023-46737",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46737"
},
{
"name": "CVE-2023-40403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40403"
},
{
"name": "CVE-2022-30580",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30580"
},
{
"name": "CVE-2022-23471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23471"
},
{
"name": "CVE-2025-21963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21963"
},
{
"name": "CVE-2024-42230",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42230"
},
{
"name": "CVE-2023-24531",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24531"
},
{
"name": "CVE-2023-24538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24538"
},
{
"name": "CVE-2023-2975",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2975"
},
{
"name": "CVE-2025-37997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37997"
},
{
"name": "CVE-2025-24928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24928"
},
{
"name": "CVE-2025-2312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2312"
},
{
"name": "CVE-2025-53506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53506"
},
{
"name": "CVE-2022-3602",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3602"
},
{
"name": "CVE-2022-29804",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29804"
},
{
"name": "CVE-2025-0725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0725"
},
{
"name": "CVE-2023-2976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
},
{
"name": "CVE-2022-1434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1434"
},
{
"name": "CVE-2022-41723",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41723"
},
{
"name": "CVE-2025-21614",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21614"
},
{
"name": "CVE-2025-22089",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22089"
},
{
"name": "CVE-2025-31650",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31650"
},
{
"name": "CVE-2024-4032",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4032"
},
{
"name": "CVE-2025-4949",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4949"
},
{
"name": "CVE-2023-39323",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39323"
},
{
"name": "CVE-2023-29402",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29402"
},
{
"name": "CVE-2025-32955",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32955"
},
{
"name": "CVE-2023-39326",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39326"
},
{
"name": "CVE-2024-21085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21085"
},
{
"name": "CVE-2025-21502",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21502"
},
{
"name": "CVE-2025-22008",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22008"
},
{
"name": "CVE-2023-29409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
},
{
"name": "CVE-2025-30204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30204"
},
{
"name": "CVE-2023-28756",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28756"
},
{
"name": "CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"name": "CVE-2025-5914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5914"
},
{
"name": "CVE-2023-24534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24534"
},
{
"name": "CVE-2024-21131",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21131"
},
{
"name": "CVE-2024-21210",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21210"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2024-38816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38816"
},
{
"name": "CVE-2024-2511",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2511"
},
{
"name": "CVE-2025-22054",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22054"
},
{
"name": "CVE-2024-24786",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24786"
},
{
"name": "CVE-2025-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21968"
},
{
"name": "CVE-2025-21991",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21991"
},
{
"name": "CVE-2025-22086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22086"
},
{
"name": "CVE-2025-22073",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22073"
},
{
"name": "CVE-2024-34155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
},
{
"name": "CVE-2024-29903",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29903"
},
{
"name": "CVE-2025-4575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4575"
},
{
"name": "CVE-2022-21698",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21698"
},
{
"name": "CVE-2025-32441",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32441"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2025-21962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21962"
},
{
"name": "CVE-2025-29786",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29786"
},
{
"name": "CVE-2024-24784",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24784"
},
{
"name": "CVE-2022-27780",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27780"
},
{
"name": "CVE-2024-21217",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21217"
},
{
"name": "CVE-2025-0167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0167"
},
{
"name": "CVE-2025-22079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22079"
},
{
"name": "CVE-2023-6597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6597"
},
{
"name": "CVE-2025-27221",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27221"
},
{
"name": "CVE-2024-24789",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24789"
},
{
"name": "CVE-2022-27664",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
},
{
"name": "CVE-2016-1000027",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000027"
},
{
"name": "CVE-2025-21964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21964"
},
{
"name": "CVE-2025-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22081"
},
{
"name": "CVE-2024-21208",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21208"
},
{
"name": "CVE-2023-23916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
},
{
"name": "CVE-2025-49014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49014"
},
{
"name": "CVE-2024-6923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6923"
},
{
"name": "CVE-2024-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8088"
},
{
"name": "CVE-2025-48734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0622",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-07-25T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Falsification de requ\u00eates c\u00f4t\u00e9 serveur (SSRF)"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35981",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35981"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35967",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35967"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35980",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35980"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35974",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35974"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35979",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35979"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35984",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35984"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35970",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35970"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35983",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35983"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35978",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35978"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35968",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35968"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35973",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35973"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35976",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35976"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35969",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35969"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35966",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35966"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35972",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35972"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35977",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35977"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35982",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35982"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35971",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35971"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35975",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35975"
}
]
}
CERTFR-2023-AVI-0444
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, une atteinte à l'intégrité des données et une exécution de code arbitraire à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Sterling | IBM Sterling Partner Engagement Manager Essentials Edition versions 6.2.2.x antérieures à 6.2.2.1 | ||
| IBM | MaaS360 | IBM MaaS360 Cloud Extender Base Module versions antérieures à 3.000.100.069 | ||
| IBM | Sterling | IBM Sterling Partner Engagement Manager Essentials Edition versions 6.2.0.x antérieures à 6.2.0.6 | ||
| IBM | MaaS360 | IBM MaaS360 PKI Certificate Module versions antérieures à 3.000.100 | ||
| IBM | Sterling | IBM Sterling Partner Engagement Manager Standard Edition versions 6.2.1.x antérieures à 6.2.1.3 | ||
| IBM | Sterling | IBM Sterling Partner Engagement Manager Standard Edition versions 6.1.2.x antérieures à 6.1.2.8 | ||
| IBM | Sterling | IBM Sterling Partner Engagement Manager Standard Edition versions 6.2.0.x antérieures à 6.2.0.6 | ||
| IBM | MaaS360 | IBM MaaS360 VPN versions antérieures à 3.000.100 | ||
| IBM | Sterling | IBM Sterling Partner Engagement Manager Essentials Edition versions 6.1.2.x antérieures à 6.1.2.8 | ||
| IBM | QRadar User Behavior Analytics | IBM QRadar User Behavior Analytics versions 1.x à 4.1.x antérieures à 4.1.12 | ||
| IBM | MaaS360 | IBM MaaS360 Configuration Utility versions antérieures à 3.000.100 | ||
| IBM | QRadar Deployment Intelligence App | IBM QRadar Deployment Intelligence App versions 2.x à 3.0.x antérieures à 3.0.10 | ||
| IBM | MaaS360 | IBM MaaS360 Mobile Enterprise Gateway versions antérieures à 3.000.100 | ||
| IBM | Sterling | IBM Sterling Partner Engagement Manager Standard Edition versions 6.2.2.x antérieures à 6.2.2.1 | ||
| IBM | MaaS360 | IBM MaaS360 Cloud Extender Agent versions antérieures à 3.000.100.069 | ||
| IBM | Sterling | IBM Sterling Partner Engagement Manager Essentials Edition versions 6.2.1.x antérieures à 6.2.1.3 |
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM Sterling Partner Engagement Manager Essentials Edition versions 6.2.2.x ant\u00e9rieures \u00e0 6.2.2.1",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM MaaS360 Cloud Extender Base Module versions ant\u00e9rieures \u00e0 3.000.100.069",
"product": {
"name": "MaaS360",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Sterling Partner Engagement Manager Essentials Edition versions 6.2.0.x ant\u00e9rieures \u00e0 6.2.0.6",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM MaaS360 PKI Certificate Module versions ant\u00e9rieures \u00e0 3.000.100",
"product": {
"name": "MaaS360",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Sterling Partner Engagement Manager Standard Edition versions 6.2.1.x ant\u00e9rieures \u00e0 6.2.1.3",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Sterling Partner Engagement Manager Standard Edition versions 6.1.2.x ant\u00e9rieures \u00e0 6.1.2.8",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Sterling Partner Engagement Manager Standard Edition versions 6.2.0.x ant\u00e9rieures \u00e0 6.2.0.6",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM MaaS360 VPN versions ant\u00e9rieures \u00e0 3.000.100",
"product": {
"name": "MaaS360",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Sterling Partner Engagement Manager Essentials Edition versions 6.1.2.x ant\u00e9rieures \u00e0 6.1.2.8",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar User Behavior Analytics versions 1.x \u00e0 4.1.x ant\u00e9rieures \u00e0 4.1.12",
"product": {
"name": "QRadar User Behavior Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM MaaS360 Configuration Utility versions ant\u00e9rieures \u00e0 3.000.100",
"product": {
"name": "MaaS360",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar Deployment Intelligence App versions 2.x \u00e0 3.0.x ant\u00e9rieures \u00e0 3.0.10",
"product": {
"name": "QRadar Deployment Intelligence App",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM MaaS360 Mobile Enterprise Gateway versions ant\u00e9rieures \u00e0 3.000.100",
"product": {
"name": "MaaS360",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Sterling Partner Engagement Manager Standard Edition versions 6.2.2.x ant\u00e9rieures \u00e0 6.2.2.1",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM MaaS360 Cloud Extender Agent versions ant\u00e9rieures \u00e0 3.000.100.069",
"product": {
"name": "MaaS360",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Sterling Partner Engagement Manager Essentials Edition versions 6.2.1.x ant\u00e9rieures \u00e0 6.2.1.3",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2022-46175",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46175"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2023-27555",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27555"
},
{
"name": "CVE-2021-23440",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23440"
},
{
"name": "CVE-2022-31160",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31160"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2023-29257",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29257"
},
{
"name": "CVE-2023-26021",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26021"
},
{
"name": "CVE-2022-3509",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3509"
},
{
"name": "CVE-2021-37533",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37533"
},
{
"name": "CVE-2023-27535",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27535"
},
{
"name": "CVE-2022-40152",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40152"
},
{
"name": "CVE-2022-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24785"
},
{
"name": "CVE-2017-7525",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7525"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2022-41915",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41915"
},
{
"name": "CVE-2023-27534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27534"
},
{
"name": "CVE-2023-27536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27536"
},
{
"name": "CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"name": "CVE-2023-27533",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27533"
},
{
"name": "CVE-2022-25881",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25881"
},
{
"name": "CVE-2023-27538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27538"
},
{
"name": "CVE-2023-25930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25930"
},
{
"name": "CVE-2022-41854",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41854"
},
{
"name": "CVE-2023-29255",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29255"
},
{
"name": "CVE-2022-38752",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38752"
},
{
"name": "CVE-2023-24998",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24998"
},
{
"name": "CVE-2023-27559",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27559"
},
{
"name": "CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"name": "CVE-2022-1471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1471"
},
{
"name": "CVE-2023-26022",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26022"
},
{
"name": "CVE-2022-3171",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3171"
},
{
"name": "CVE-2023-27537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27537"
},
{
"name": "CVE-2022-41881",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41881"
},
{
"name": "CVE-2022-25168",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25168"
},
{
"name": "CVE-2023-23916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
}
],
"links": [],
"reference": "CERTFR-2023-AVI-0444",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-06-08T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits IBM\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9\ndes donn\u00e9es, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et une ex\u00e9cution de\ncode arbitraire \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7001723 du 06 juin 2023",
"url": "https://www.ibm.com/support/pages/node/7001723"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7001639 du 06 juin 2023",
"url": "https://www.ibm.com/support/pages/node/7001639"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7001571 du 06 juin 2023",
"url": "https://www.ibm.com/support/pages/node/7001571"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7001689 du 06 juin 2023",
"url": "https://www.ibm.com/support/pages/node/7001689"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7001643 du 06 juin 2023",
"url": "https://www.ibm.com/support/pages/node/7001643"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7001815 du 07 juin 2023",
"url": "https://www.ibm.com/support/pages/node/7001815"
}
]
}
CERTFR-2023-AVI-0201
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans Tenable Nessus. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Nessus versions 10.4.x ant\u00e9rieures \u00e0 10.4.3",
"product": {
"name": "Nessus",
"vendor": {
"name": "Tenable",
"scada": false
}
}
},
{
"description": "Nessus versions 8.15.x ant\u00e9rieures \u00e0 8.15.9",
"product": {
"name": "Nessus",
"vendor": {
"name": "Tenable",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2022-1292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2022-2068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2022-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
}
],
"links": [],
"reference": "CERTFR-2023-AVI-0201",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-03-08T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eTenable Nessus\u003c/span\u003e. Elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de\nservice \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Tenable Nessus",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Tenable TNS-2023-11 du 07 mars 2023",
"url": "https://www.tenable.com/security/tns-2023-11"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Tenable TNS-2023-10 du 06 mars 2023",
"url": "https://www.tenable.com/security/tns-2023-10"
}
]
}
CERTFR-2024-AVI-0180
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à la confidentialité des données et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Cognos Analytics | Cognos Analytics versions 11.2.x antérieures à 11.2.4 Fix Pack 3 | ||
| IBM | Cognos Analytics | Cognos Analytics versions 11.1.x antérieures à 11.1.7 Fix Pack 8 | ||
| IBM | AIX | AIX versions 7.2 et 7.3 sans le dernier correctif de sécurité OpenSSH | ||
| IBM | Cognos Analytics | Cognos Analytics versions 12.0.x antérieures à 12.0.2 | ||
| IBM | WebSphere | Websphere Liberty versions antérieures à 23.0.0.12 | ||
| IBM | VIOS | VIOS versions 3.1 et 4.1 sans le dernier correctif de sécurité OpenSSH | ||
| IBM | Cloud Pak | Cognos Dashboards on Cloud Pak for Data versions antérieures à 4.8.3 | ||
| IBM | N/A | Cognos Command Center versions antérieures à 10.2.5 IF1 | ||
| IBM | Cognos Transformer | Cognos Transformer versions antérieures à 11.1.7 Fix Pack 8 |
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Cognos Analytics versions 11.2.x ant\u00e9rieures \u00e0 11.2.4 Fix Pack 3",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Analytics versions 11.1.x ant\u00e9rieures \u00e0 11.1.7 Fix Pack 8",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "AIX versions 7.2 et 7.3 sans le dernier correctif de s\u00e9curit\u00e9 OpenSSH",
"product": {
"name": "AIX",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Analytics versions 12.0.x ant\u00e9rieures \u00e0 12.0.2",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Websphere Liberty versions ant\u00e9rieures \u00e0 23.0.0.12",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "VIOS versions 3.1 et 4.1 sans le dernier correctif de s\u00e9curit\u00e9 OpenSSH",
"product": {
"name": "VIOS",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Dashboards on Cloud Pak for Data versions ant\u00e9rieures \u00e0 4.8.3",
"product": {
"name": "Cloud Pak",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Command Center versions ant\u00e9rieures \u00e0 10.2.5 IF1",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Transformer versions ant\u00e9rieures \u00e0 11.1.7 Fix Pack 8",
"product": {
"name": "Cognos Transformer",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2021-44906",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44906"
},
{
"name": "CVE-2023-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2023-21843",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21843"
},
{
"name": "CVE-2022-21426",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21426"
},
{
"name": "CVE-2021-35586",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35586"
},
{
"name": "CVE-2023-1370",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1370"
},
{
"name": "CVE-2023-45857",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45857"
},
{
"name": "CVE-2021-35550",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35550"
},
{
"name": "CVE-2023-51385",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51385"
},
{
"name": "CVE-2023-46234",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46234"
},
{
"name": "CVE-2023-38359",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38359"
},
{
"name": "CVE-2021-3572",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3572"
},
{
"name": "CVE-2023-21954",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21954"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2023-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
},
{
"name": "CVE-2023-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21830"
},
{
"name": "CVE-2023-3817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2022-21299",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21299"
},
{
"name": "CVE-2023-50324",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50324"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2023-45133",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45133"
},
{
"name": "CVE-2020-28458",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28458"
},
{
"name": "CVE-2023-26115",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26115"
},
{
"name": "CVE-2022-40897",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40897"
},
{
"name": "CVE-2023-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
},
{
"name": "CVE-2023-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2020-1971",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1971"
},
{
"name": "CVE-2021-4160",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4160"
},
{
"name": "CVE-2021-35559",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35559"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2021-43138",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43138"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2021-35565",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35565"
},
{
"name": "CVE-2023-30589",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30589"
},
{
"name": "CVE-2021-23445",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23445"
},
{
"name": "CVE-2021-35603",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35603"
},
{
"name": "CVE-2022-46364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46364"
},
{
"name": "CVE-2021-3711",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3711"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2021-3449",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3449"
},
{
"name": "CVE-2022-40609",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40609"
},
{
"name": "CVE-2023-32344",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32344"
},
{
"name": "CVE-2023-43051",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43051"
},
{
"name": "CVE-2023-36478",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36478"
},
{
"name": "CVE-2019-1547",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1547"
},
{
"name": "CVE-2023-39410",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39410"
},
{
"name": "CVE-2021-35588",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35588"
},
{
"name": "CVE-2021-23839",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23839"
},
{
"name": "CVE-2023-30588",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30588"
},
{
"name": "CVE-2012-5784",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5784"
},
{
"name": "CVE-2023-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2021-41035",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41035"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2018-8032",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8032"
},
{
"name": "CVE-2022-21434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21434"
},
{
"name": "CVE-2023-2597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2597"
},
{
"name": "CVE-2022-34169",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34169"
},
{
"name": "CVE-2023-22049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22049"
},
{
"name": "CVE-2022-0778",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0778"
},
{
"name": "CVE-2022-41854",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41854"
},
{
"name": "CVE-2021-35578",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35578"
},
{
"name": "CVE-2021-28167",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28167"
},
{
"name": "CVE-2023-5676",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5676"
},
{
"name": "CVE-2022-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
},
{
"name": "CVE-2021-31684",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31684"
},
{
"name": "CVE-2023-46604",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46604"
},
{
"name": "CVE-2010-2084",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2084"
},
{
"name": "CVE-2019-0227",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0227"
},
{
"name": "CVE-2021-3712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3712"
},
{
"name": "CVE-2023-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
},
{
"name": "CVE-2023-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
},
{
"name": "CVE-2023-24998",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24998"
},
{
"name": "CVE-2022-34357",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34357"
},
{
"name": "CVE-2021-35564",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35564"
},
{
"name": "CVE-2021-23840",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23840"
},
{
"name": "CVE-2023-46158",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46158"
},
{
"name": "CVE-2014-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3596"
},
{
"name": "CVE-2022-21496",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21496"
},
{
"name": "CVE-2021-35556",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35556"
},
{
"name": "CVE-2022-1471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1471"
},
{
"name": "CVE-2023-26136",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26136"
},
{
"name": "CVE-2022-21443",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21443"
},
{
"name": "CVE-2021-23841",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23841"
},
{
"name": "CVE-2021-35560",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35560"
},
{
"name": "CVE-2023-51384",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51384"
},
{
"name": "CVE-2022-34165",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34165"
},
{
"name": "CVE-2023-30996",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30996"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2023-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
}
],
"links": [],
"reference": "CERTFR-2024-AVI-0180",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-03-01T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits IBM\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une\n\u00e9l\u00e9vation de privil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7112541 du 23 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7112541"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7125640 du 28 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7125640"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7124466 du 28 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7124466"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7112504 du 28 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7112504"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7125461 du 28 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7125461"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7123154 du 23 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7123154"
}
]
}
CERTFR-2023-AVI-0214
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans IBM. Elles permettent à un attaquant de provoquer un déni de service à distance, un contournement de la politique de sécurité, une exécution de code arbitraire à distance et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | QRadar WinCollect Agent | IBM QRadar WinCollect Agent versions 10.x antérieures à 10.1.3 | ||
| IBM | Cognos Analytics | IBM Cognos Analytics versions 11.2.x antérieures à 11.2.3 | ||
| IBM | Cognos Analytics | IBM Cognos Analytics versions 11.1.x antérieures à 11.1.7 avec le dernier correctif de sécurité (Fix Pack 6) |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM QRadar WinCollect Agent versions 10.x ant\u00e9rieures \u00e0 10.1.3",
"product": {
"name": "QRadar WinCollect Agent",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Cognos Analytics versions 11.2.x ant\u00e9rieures \u00e0 11.2.3",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Cognos Analytics versions 11.1.x ant\u00e9rieures \u00e0 11.1.7 avec le dernier correctif de s\u00e9curit\u00e9 (Fix Pack 6)",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2021-29425",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29425"
},
{
"name": "CVE-2021-3733",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3733"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2022-0391",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0391"
},
{
"name": "CVE-2020-4051",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-4051"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2021-4160",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4160"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2021-43138",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43138"
},
{
"name": "CVE-2023-23915",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23915"
},
{
"name": "CVE-2021-3711",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3711"
},
{
"name": "CVE-2022-43879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43879"
},
{
"name": "CVE-2023-23914",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23914"
},
{
"name": "CVE-2021-3737",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3737"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2022-25881",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25881"
},
{
"name": "CVE-2022-34339",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34339"
},
{
"name": "CVE-2021-3712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3712"
},
{
"name": "CVE-2022-24758",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24758"
},
{
"name": "CVE-2023-23916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
}
],
"links": [],
"reference": "CERTFR-2023-AVI-0214",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-03-13T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eIBM\u003c/span\u003e. Elles permettent \u00e0 un attaquant de provoquer\nun d\u00e9ni de service \u00e0 distance, un contournement de la politique de\ns\u00e9curit\u00e9, une ex\u00e9cution de code arbitraire \u00e0 distance et une atteinte \u00e0\nla confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6828527 du 10 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6828527"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6962773 du 10 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6962773"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6962775 du 10 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6962775"
}
]
}
CERTFR-2025-AVI-0969
Vulnerability from certfr_avis - Published: 2025-11-06 - Updated: 2025-11-06
De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Kubernetes Runtime | GenAI sur Tanzu Platform pour Cloud Foundry versions antérieures à 10.2.5 | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry versions antérieures à 6.0.20+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Noble) versions antérieures à 1.90.x | ||
| VMware | Tanzu Kubernetes Runtime | NodeJS Buildpack versions antérieures à 1.8.58 | ||
| VMware | Tanzu Kubernetes Runtime | Python Buildpack versions antérieures à 1.8.63 | ||
| VMware | Tanzu Kubernetes Runtime | VMware Tanzu pour MySQL sur Tanzu Platform versions antérieures à 10.1.0 | ||
| VMware | Tanzu Kubernetes Runtime | API Gateway pour VMware Tanzu Platform versions antérieures à 2.4.0 | ||
| VMware | Tanzu Kubernetes Runtime | PHP Buildpack versions antérieures à 4.6.49 | ||
| VMware | Tanzu Kubernetes Runtime | Single Sign-On pour VMware Tanzu Platform versions antérieures à 1.16.14 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy FIPS) versions antérieures à 1.915.x | ||
| VMware | Tanzu Application Service | CredHub Service Broker versions antérieures à 1.6.6 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy FIPS) versions antérieures à 1.943.x | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime Windows add-on pour VMware Tanzu Platform versions antérieures à 10.2.4+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry Windows versions antérieures à 6.0.20+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy) versions antérieures à 1.915.x | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry Windows versions antérieures à 10.2.3+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Single Sign-On pour VMware Tanzu Application Service versions antérieures à 1.16.13 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy) versions antérieures à 1.943.x | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry isolation segment versions antérieures à 6.0.20+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Noble) versions antérieures à 1.77.x | ||
| VMware | Services Suite | Platform Automation Toolkit versions antérieures à 5.3.2 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy Azure Light) versions antérieures à 1.906.x | ||
| VMware | Tanzu Kubernetes Runtime | Spring Cloud Data Flow pour VMware Tanzu versions antérieures à 1.14.9 | ||
| VMware | Tanzu Kubernetes Runtime | App Autoscaler CLI Plugin pour VMware Tanzu Platform versions antérieures à 250.5.9 | ||
| VMware | Tanzu Kubernetes Runtime | Spring Cloud Services pour VMware Tanzu versions antérieures à 3.3.10 | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry versions antérieures à 10.2.3+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Concourse pour VMware Tanzu versions antérieures à 7.14.1+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry isolation segment versions antérieures à 10.2.3+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Platform Services pour VMware Tanzu Platform versions antérieures à 10.3.0 | ||
| VMware | Tanzu Kubernetes Runtime | Ruby Buildpack versions antérieures à 1.10.46 | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime pour VMware Tanzu Platform versions antérieures à 6.0.21+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Telemetry pour VMware Tanzu Platform versions antérieures à 2.3.0 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Noble) versions antérieures à 1.103.x | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Hub versions antérieures à 10.3.0 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy) versions antérieures à 1.906.x |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "GenAI sur Tanzu Platform pour Cloud Foundry versions ant\u00e9rieures \u00e0 10.2.5",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry versions ant\u00e9rieures \u00e0 6.0.20+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Noble) versions ant\u00e9rieures \u00e0 1.90.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "NodeJS Buildpack versions ant\u00e9rieures \u00e0 1.8.58",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Python Buildpack versions ant\u00e9rieures \u00e0 1.8.63",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware Tanzu pour MySQL sur Tanzu Platform versions ant\u00e9rieures \u00e0 10.1.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "API Gateway pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 2.4.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "PHP Buildpack versions ant\u00e9rieures \u00e0 4.6.49",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Single Sign-On pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 1.16.14",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy FIPS) versions ant\u00e9rieures \u00e0 1.915.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "CredHub Service Broker versions ant\u00e9rieures \u00e0 1.6.6",
"product": {
"name": "Tanzu Application Service",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy FIPS) versions ant\u00e9rieures \u00e0 1.943.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime Windows add-on pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.2.4+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry Windows versions ant\u00e9rieures \u00e0 6.0.20+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy) versions ant\u00e9rieures \u00e0 1.915.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry Windows versions ant\u00e9rieures \u00e0 10.2.3+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Single Sign-On pour VMware Tanzu Application Service versions ant\u00e9rieures \u00e0 1.16.13",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy) versions ant\u00e9rieures \u00e0 1.943.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry isolation segment versions ant\u00e9rieures \u00e0 6.0.20+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Noble) versions ant\u00e9rieures \u00e0 1.77.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Platform Automation Toolkit versions ant\u00e9rieures \u00e0 5.3.2",
"product": {
"name": "Services Suite",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy Azure Light) versions ant\u00e9rieures \u00e0 1.906.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Spring Cloud Data Flow pour VMware Tanzu versions ant\u00e9rieures \u00e0 1.14.9",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "App Autoscaler CLI Plugin pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 250.5.9",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Spring Cloud Services pour VMware Tanzu versions ant\u00e9rieures \u00e0 3.3.10",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry versions ant\u00e9rieures \u00e0 10.2.3+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Concourse pour VMware Tanzu versions ant\u00e9rieures \u00e0 7.14.1+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry isolation segment versions ant\u00e9rieures \u00e0 10.2.3+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Platform Services pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.3.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Ruby Buildpack versions ant\u00e9rieures \u00e0 1.10.46",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 6.0.21+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Telemetry pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 2.3.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Noble) versions ant\u00e9rieures \u00e0 1.103.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Hub versions ant\u00e9rieures \u00e0 10.3.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy) versions ant\u00e9rieures \u00e0 1.906.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2019-25013",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-25013"
},
{
"name": "CVE-2017-9937",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9937"
},
{
"name": "CVE-2025-6395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6395"
},
{
"name": "CVE-2022-1343",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1343"
},
{
"name": "CVE-2013-4235",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4235"
},
{
"name": "CVE-2024-37370",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37370"
},
{
"name": "CVE-2024-24790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24790"
},
{
"name": "CVE-2024-57981",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57981"
},
{
"name": "CVE-2025-8715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8715"
},
{
"name": "CVE-2017-3613",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3613"
},
{
"name": "CVE-2025-30681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30681"
},
{
"name": "CVE-2022-25308",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25308"
},
{
"name": "CVE-2021-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3996"
},
{
"name": "CVE-2024-38807",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38807"
},
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2023-27102",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27102"
},
{
"name": "CVE-2022-43236",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43236"
},
{
"name": "CVE-2024-20919",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20919"
},
{
"name": "CVE-2023-7104",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7104"
},
{
"name": "CVE-2022-35252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35252"
},
{
"name": "CVE-2005-0602",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-0602"
},
{
"name": "CVE-2017-6834",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6834"
},
{
"name": "CVE-2025-22003",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22003"
},
{
"name": "CVE-2022-1473",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1473"
},
{
"name": "CVE-2023-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
},
{
"name": "CVE-2023-3428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3428"
},
{
"name": "CVE-2021-3933",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3933"
},
{
"name": "CVE-2022-32189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32189"
},
{
"name": "CVE-2022-43237",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43237"
},
{
"name": "CVE-2021-23215",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23215"
},
{
"name": "CVE-2022-1115",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1115"
},
{
"name": "CVE-2024-57994",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57994"
},
{
"name": "CVE-2025-21798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21798"
},
{
"name": "CVE-2025-3264",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3264"
},
{
"name": "CVE-2015-4789",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4789"
},
{
"name": "CVE-2025-53547",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53547"
},
{
"name": "CVE-2023-40217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40217"
},
{
"name": "CVE-2020-14621",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14621"
},
{
"name": "CVE-2025-26465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26465"
},
{
"name": "CVE-2025-21975",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21975"
},
{
"name": "CVE-2025-21980",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21980"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2025-21889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21889"
},
{
"name": "CVE-2025-21861",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21861"
},
{
"name": "CVE-2025-38328",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38328"
},
{
"name": "CVE-2025-31115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31115"
},
{
"name": "CVE-2021-33294",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33294"
},
{
"name": "CVE-2023-3195",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3195"
},
{
"name": "CVE-2025-59830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59830"
},
{
"name": "CVE-2023-21843",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21843"
},
{
"name": "CVE-2021-20243",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20243"
},
{
"name": "CVE-2023-3316",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3316"
},
{
"name": "CVE-2023-1175",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1175"
},
{
"name": "CVE-2024-57948",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57948"
},
{
"name": "CVE-2025-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21937"
},
{
"name": "CVE-2014-9157",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9157"
},
{
"name": "CVE-2020-2803",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2803"
},
{
"name": "CVE-2020-14803",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14803"
},
{
"name": "CVE-2024-58088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58088"
},
{
"name": "CVE-2024-21235",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21235"
},
{
"name": "CVE-2025-53042",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53042"
},
{
"name": "CVE-2024-9681",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9681"
},
{
"name": "CVE-2021-37600",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37600"
},
{
"name": "CVE-2025-21689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21689"
},
{
"name": "CVE-2025-21682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21682"
},
{
"name": "CVE-2011-3374",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3374"
},
{
"name": "CVE-2025-30689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30689"
},
{
"name": "CVE-2024-11168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11168"
},
{
"name": "CVE-2021-26260",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26260"
},
{
"name": "CVE-2023-0922",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0922"
},
{
"name": "CVE-2025-38100",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38100"
},
{
"name": "CVE-2017-18250",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18250"
},
{
"name": "CVE-2025-9231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9231"
},
{
"name": "CVE-2025-1372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1372"
},
{
"name": "CVE-2025-40002",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40002"
},
{
"name": "CVE-2022-21426",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21426"
},
{
"name": "CVE-2025-8851",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8851"
},
{
"name": "CVE-2024-58010",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58010"
},
{
"name": "CVE-2025-38043",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38043"
},
{
"name": "CVE-2025-21697",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21697"
},
{
"name": "CVE-2025-30715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30715"
},
{
"name": "CVE-2024-57973",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57973"
},
{
"name": "CVE-2022-24407",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24407"
},
{
"name": "CVE-2022-30631",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30631"
},
{
"name": "CVE-2022-46908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46908"
},
{
"name": "CVE-2022-3626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3626"
},
{
"name": "CVE-2024-28834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28834"
},
{
"name": "CVE-2021-38604",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38604"
},
{
"name": "CVE-2001-1268",
"url": "https://www.cve.org/CVERecord?id=CVE-2001-1268"
},
{
"name": "CVE-2022-2874",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2874"
},
{
"name": "CVE-2025-22017",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22017"
},
{
"name": "CVE-2025-38108",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38108"
},
{
"name": "CVE-2025-21783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21783"
},
{
"name": "CVE-2025-38229",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38229"
},
{
"name": "CVE-2023-46218",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
},
{
"name": "CVE-2021-3733",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3733"
},
{
"name": "CVE-2025-9714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9714"
},
{
"name": "CVE-2025-21786",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21786"
},
{
"name": "CVE-2024-11187",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11187"
},
{
"name": "CVE-2020-27769",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27769"
},
{
"name": "CVE-2025-30682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30682"
},
{
"name": "CVE-2021-35586",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35586"
},
{
"name": "CVE-2014-9748",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9748"
},
{
"name": "CVE-2025-25186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25186"
},
{
"name": "CVE-2014-8141",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8141"
},
{
"name": "CVE-2022-1623",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1623"
},
{
"name": "CVE-2025-21881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21881"
},
{
"name": "CVE-2025-21951",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21951"
},
{
"name": "CVE-2024-38829",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38829"
},
{
"name": "CVE-2025-10148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10148"
},
{
"name": "CVE-2017-6831",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6831"
},
{
"name": "CVE-2024-58034",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58034"
},
{
"name": "CVE-2025-25724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25724"
},
{
"name": "CVE-2025-27818",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27818"
},
{
"name": "CVE-2021-3997",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3997"
},
{
"name": "CVE-2025-50102",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50102"
},
{
"name": "CVE-2023-38471",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38471"
},
{
"name": "CVE-2022-0158",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0158"
},
{
"name": "CVE-2020-27776",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27776"
},
{
"name": "CVE-2025-5222",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5222"
},
{
"name": "CVE-2025-21743",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21743"
},
{
"name": "CVE-2025-38147",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38147"
},
{
"name": "CVE-2023-6780",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6780"
},
{
"name": "CVE-2023-34475",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34475"
},
{
"name": "CVE-2024-26896",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26896"
},
{
"name": "CVE-2025-38286",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38286"
},
{
"name": "CVE-2025-55248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55248"
},
{
"name": "CVE-2024-24762",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24762"
},
{
"name": "CVE-2025-53643",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53643"
},
{
"name": "CVE-2022-0696",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0696"
},
{
"name": "CVE-2025-27516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27516"
},
{
"name": "CVE-2024-21144",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21144"
},
{
"name": "CVE-2024-3220",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3220"
},
{
"name": "CVE-2022-3599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3599"
},
{
"name": "CVE-2021-39537",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39537"
},
{
"name": "CVE-2025-12380",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12380"
},
{
"name": "CVE-2022-42010",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42010"
},
{
"name": "CVE-2015-4787",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4787"
},
{
"name": "CVE-2021-35550",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35550"
},
{
"name": "CVE-2022-27781",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27781"
},
{
"name": "CVE-2025-21847",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21847"
},
{
"name": "CVE-2022-2929",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2929"
},
{
"name": "CVE-2018-15120",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15120"
},
{
"name": "CVE-2024-58069",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58069"
},
{
"name": "CVE-2025-8556",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8556"
},
{
"name": "CVE-2023-0796",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0796"
},
{
"name": "CVE-2025-21853",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21853"
},
{
"name": "CVE-2025-21871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21871"
},
{
"name": "CVE-2023-51385",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51385"
},
{
"name": "CVE-2016-0682",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0682"
},
{
"name": "CVE-2025-4287",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4287"
},
{
"name": "CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"name": "CVE-2025-21731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21731"
},
{
"name": "CVE-2023-48237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48237"
},
{
"name": "CVE-2023-48706",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48706"
},
{
"name": "CVE-2021-3605",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3605"
},
{
"name": "CVE-2025-38515",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38515"
},
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2024-25126",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25126"
},
{
"name": "CVE-2025-21941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21941"
},
{
"name": "CVE-2025-8277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8277"
},
{
"name": "CVE-2025-8941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8941"
},
{
"name": "CVE-2017-10928",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10928"
},
{
"name": "CVE-2023-52425",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52425"
},
{
"name": "CVE-2025-38163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38163"
},
{
"name": "CVE-2021-35567",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35567"
},
{
"name": "CVE-2017-12429",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12429"
},
{
"name": "CVE-2025-38444",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38444"
},
{
"name": "CVE-2023-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
},
{
"name": "CVE-2019-8322",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8322"
},
{
"name": "CVE-2024-52615",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52615"
},
{
"name": "CVE-2020-14579",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14579"
},
{
"name": "CVE-2023-2157",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2157"
},
{
"name": "CVE-2025-32386",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32386"
},
{
"name": "CVE-2025-21823",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21823"
},
{
"name": "CVE-2025-11731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11731"
},
{
"name": "CVE-2019-1010238",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1010238"
},
{
"name": "CVE-2024-26700",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26700"
},
{
"name": "CVE-2024-58082",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58082"
},
{
"name": "CVE-2024-35176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35176"
},
{
"name": "CVE-2024-33602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33602"
},
{
"name": "CVE-2025-55551",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55551"
},
{
"name": "CVE-2025-50100",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50100"
},
{
"name": "CVE-2023-29404",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29404"
},
{
"name": "CVE-2025-21763",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21763"
},
{
"name": "CVE-2023-21954",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21954"
},
{
"name": "CVE-2025-40780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40780"
},
{
"name": "CVE-2023-48368",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48368"
},
{
"name": "CVE-2014-4715",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-4715"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2023-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
},
{
"name": "CVE-2022-48554",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48554"
},
{
"name": "CVE-2022-0563",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0563"
},
{
"name": "CVE-2025-38157",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38157"
},
{
"name": "CVE-2023-24757",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24757"
},
{
"name": "CVE-2024-20926",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20926"
},
{
"name": "CVE-2025-21678",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21678"
},
{
"name": "CVE-2025-4056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4056"
},
{
"name": "CVE-2024-28757",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28757"
},
{
"name": "CVE-2020-29562",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29562"
},
{
"name": "CVE-2022-31683",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31683"
},
{
"name": "CVE-2020-22218",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-22218"
},
{
"name": "CVE-2025-0913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
},
{
"name": "CVE-2025-53062",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53062"
},
{
"name": "CVE-2015-4776",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4776"
},
{
"name": "CVE-2025-21872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21872"
},
{
"name": "CVE-2017-3616",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3616"
},
{
"name": "CVE-2021-2163",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2163"
},
{
"name": "CVE-2025-21922",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21922"
},
{
"name": "CVE-2025-27817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27817"
},
{
"name": "CVE-2023-30086",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30086"
},
{
"name": "CVE-2017-6832",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6832"
},
{
"name": "CVE-2022-2208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2208"
},
{
"name": "CVE-2024-45720",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45720"
},
{
"name": "CVE-2022-1056",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1056"
},
{
"name": "CVE-2018-10805",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10805"
},
{
"name": "CVE-2019-19906",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19906"
},
{
"name": "CVE-2025-38219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38219"
},
{
"name": "CVE-2015-4785",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4785"
},
{
"name": "CVE-2025-38466",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38466"
},
{
"name": "CVE-2022-24921",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24921"
},
{
"name": "CVE-2022-32208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32208"
},
{
"name": "CVE-2020-15095",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15095"
},
{
"name": "CVE-2018-16328",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16328"
},
{
"name": "CVE-2024-38949",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38949"
},
{
"name": "CVE-2022-28327",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28327"
},
{
"name": "CVE-2025-5745",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5745"
},
{
"name": "CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"name": "CVE-2022-43239",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43239"
},
{
"name": "CVE-2022-41409",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41409"
},
{
"name": "CVE-2022-32546",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32546"
},
{
"name": "CVE-2025-0838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0838"
},
{
"name": "CVE-2024-57980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57980"
},
{
"name": "CVE-2023-5441",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5441"
},
{
"name": "CVE-2025-55553",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55553"
},
{
"name": "CVE-2024-12797",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12797"
},
{
"name": "CVE-2024-58011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58011"
},
{
"name": "CVE-2025-21796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21796"
},
{
"name": "CVE-2024-12086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12086"
},
{
"name": "CVE-2025-27219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27219"
},
{
"name": "CVE-2025-21691",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21691"
},
{
"name": "CVE-2021-4219",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4219"
},
{
"name": "CVE-2018-15798",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15798"
},
{
"name": "CVE-2025-55154",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55154"
},
{
"name": "CVE-2025-49146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49146"
},
{
"name": "CVE-2025-40026",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40026"
},
{
"name": "CVE-2022-1292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
},
{
"name": "CVE-2022-3153",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3153"
},
{
"name": "CVE-2022-2057",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2057"
},
{
"name": "CVE-2025-5197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5197"
},
{
"name": "CVE-2023-45283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45283"
},
{
"name": "CVE-2023-39328",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39328"
},
{
"name": "CVE-2023-45853",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45853"
},
{
"name": "CVE-2024-47611",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47611"
},
{
"name": "CVE-2017-11447",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11447"
},
{
"name": "CVE-2019-8323",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8323"
},
{
"name": "CVE-2023-39593",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39593"
},
{
"name": "CVE-2025-45582",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45582"
},
{
"name": "CVE-2025-46569",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46569"
},
{
"name": "CVE-2024-21068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21068"
},
{
"name": "CVE-2018-14434",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14434"
},
{
"name": "CVE-2019-6293",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6293"
},
{
"name": "CVE-2025-30703",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30703"
},
{
"name": "CVE-2025-21738",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21738"
},
{
"name": "CVE-2022-48522",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48522"
},
{
"name": "CVE-2025-21684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21684"
},
{
"name": "CVE-2023-50868",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50868"
},
{
"name": "CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"name": "CVE-2023-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21830"
},
{
"name": "CVE-2023-26965",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26965"
},
{
"name": "CVE-2023-2602",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2602"
},
{
"name": "CVE-2021-2161",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2161"
},
{
"name": "CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"name": "CVE-2023-3817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
},
{
"name": "CVE-2017-10140",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10140"
},
{
"name": "CVE-2021-2341",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2341"
},
{
"name": "CVE-2021-3468",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3468"
},
{
"name": "CVE-2024-6232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6232"
},
{
"name": "CVE-2024-58061",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58061"
},
{
"name": "CVE-2025-46148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46148"
},
{
"name": "CVE-2024-58058",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58058"
},
{
"name": "CVE-2025-21768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21768"
},
{
"name": "CVE-2025-21864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21864"
},
{
"name": "CVE-2025-2149",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2149"
},
{
"name": "CVE-2021-3502",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3502"
},
{
"name": "CVE-2025-6052",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6052"
},
{
"name": "CVE-2018-16329",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16329"
},
{
"name": "CVE-2022-41725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41725"
},
{
"name": "CVE-2025-24813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24813"
},
{
"name": "CVE-2024-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58056"
},
{
"name": "CVE-2023-52426",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52426"
},
{
"name": "CVE-2025-50080",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50080"
},
{
"name": "CVE-2025-21725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21725"
},
{
"name": "CVE-2024-43790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43790"
},
{
"name": "CVE-2025-38313",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38313"
},
{
"name": "CVE-2025-38336",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38336"
},
{
"name": "CVE-2022-2058",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2058"
},
{
"name": "CVE-2025-22009",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22009"
},
{
"name": "CVE-2025-38061",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38061"
},
{
"name": "CVE-2022-45061",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45061"
},
{
"name": "CVE-2025-21727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21727"
},
{
"name": "CVE-2024-45492",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45492"
},
{
"name": "CVE-2015-4764",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4764"
},
{
"name": "CVE-2025-22228",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22228"
},
{
"name": "CVE-2022-43240",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43240"
},
{
"name": "CVE-2020-1752",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1752"
},
{
"name": "CVE-2025-5987",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5987"
},
{
"name": "CVE-2023-4091",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4091"
},
{
"name": "CVE-2022-30635",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30635"
},
{
"name": "CVE-2025-38375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38375"
},
{
"name": "CVE-2015-4779",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4779"
},
{
"name": "CVE-2021-20312",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20312"
},
{
"name": "CVE-2025-4330",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4330"
},
{
"name": "CVE-2025-2953",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2953"
},
{
"name": "CVE-2020-14593",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14593"
},
{
"name": "CVE-2025-21904",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21904"
},
{
"name": "CVE-2019-20838",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20838"
},
{
"name": "CVE-2025-37798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37798"
},
{
"name": "CVE-2022-41715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
},
{
"name": "CVE-2025-50078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50078"
},
{
"name": "CVE-2022-28739",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28739"
},
{
"name": "CVE-2024-26726",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26726"
},
{
"name": "CVE-2023-52593",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52593"
},
{
"name": "CVE-2025-3933",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3933"
},
{
"name": "CVE-2023-26785",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26785"
},
{
"name": "CVE-2025-49794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
},
{
"name": "CVE-2020-14664",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14664"
},
{
"name": "CVE-2023-48235",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48235"
},
{
"name": "CVE-2024-57970",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57970"
},
{
"name": "CVE-2024-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
},
{
"name": "CVE-2025-21668",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21668"
},
{
"name": "CVE-2025-22004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22004"
},
{
"name": "CVE-2022-32207",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32207"
},
{
"name": "CVE-2024-44939",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44939"
},
{
"name": "CVE-2024-43374",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43374"
},
{
"name": "CVE-2023-50782",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50782"
},
{
"name": "CVE-2025-21929",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21929"
},
{
"name": "CVE-2025-4138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4138"
},
{
"name": "CVE-2022-41722",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41722"
},
{
"name": "CVE-2022-3627",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3627"
},
{
"name": "CVE-2020-14797",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14797"
},
{
"name": "CVE-2025-21735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21735"
},
{
"name": "CVE-2024-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3596"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2024-27280",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27280"
},
{
"name": "CVE-2025-3000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3000"
},
{
"name": "CVE-2022-3213",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3213"
},
{
"name": "CVE-2022-2867",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2867"
},
{
"name": "CVE-2023-36632",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36632"
},
{
"name": "CVE-2021-23177",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23177"
},
{
"name": "CVE-2020-14798",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14798"
},
{
"name": "CVE-2007-4559",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-4559"
},
{
"name": "CVE-2025-21839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21839"
},
{
"name": "CVE-2025-38112",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38112"
},
{
"name": "CVE-2025-5878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5878"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2022-3715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3715"
},
{
"name": "CVE-2023-4016",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4016"
},
{
"name": "CVE-2024-58063",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58063"
},
{
"name": "CVE-2015-4780",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4780"
},
{
"name": "CVE-2024-41957",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41957"
},
{
"name": "CVE-2025-38500",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38500"
},
{
"name": "CVE-2024-56171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56171"
},
{
"name": "CVE-2025-24293",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24293"
},
{
"name": "CVE-2025-8961",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8961"
},
{
"name": "CVE-2025-21977",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21977"
},
{
"name": "CVE-2022-25147",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25147"
},
{
"name": "CVE-2025-21779",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21779"
},
{
"name": "CVE-2024-58005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58005"
},
{
"name": "CVE-2025-21674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21674"
},
{
"name": "CVE-2022-3598",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3598"
},
{
"name": "CVE-2025-30696",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30696"
},
{
"name": "CVE-2023-0798",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0798"
},
{
"name": "CVE-2025-21918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21918"
},
{
"name": "CVE-2025-38203",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38203"
},
{
"name": "CVE-2023-45285",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45285"
},
{
"name": "CVE-2022-0909",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0909"
},
{
"name": "CVE-2025-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8176"
},
{
"name": "CVE-2023-28154",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28154"
},
{
"name": "CVE-2023-48231",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48231"
},
{
"name": "CVE-2025-55752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55752"
},
{
"name": "CVE-2023-38633",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38633"
},
{
"name": "CVE-2025-21948",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21948"
},
{
"name": "CVE-2023-2609",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2609"
},
{
"name": "CVE-2025-53905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53905"
},
{
"name": "CVE-2025-24970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24970"
},
{
"name": "CVE-2021-46312",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46312"
},
{
"name": "CVE-2018-14628",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14628"
},
{
"name": "CVE-2022-21299",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21299"
},
{
"name": "CVE-2022-38476",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38476"
},
{
"name": "CVE-2019-6461",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6461"
},
{
"name": "CVE-2022-3515",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3515"
},
{
"name": "CVE-2025-38004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38004"
},
{
"name": "CVE-2020-2773",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2773"
},
{
"name": "CVE-2015-5262",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5262"
},
{
"name": "CVE-2022-43244",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43244"
},
{
"name": "CVE-2024-24783",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24783"
},
{
"name": "CVE-2025-21753",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21753"
},
{
"name": "CVE-2017-6004",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6004"
},
{
"name": "CVE-2023-45284",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45284"
},
{
"name": "CVE-2015-7696",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7696"
},
{
"name": "CVE-2023-29403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29403"
},
{
"name": "CVE-2025-38387",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38387"
},
{
"name": "CVE-2023-45922",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45922"
},
{
"name": "CVE-2015-4754",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4754"
},
{
"name": "CVE-2025-21699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21699"
},
{
"name": "CVE-2025-38362",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38362"
},
{
"name": "CVE-2022-27776",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27776"
},
{
"name": "CVE-2023-45322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45322"
},
{
"name": "CVE-2024-24791",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24791"
},
{
"name": "CVE-2024-20921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
},
{
"name": "CVE-2022-39046",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39046"
},
{
"name": "CVE-2020-14578",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14578"
},
{
"name": "CVE-2025-21584",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21584"
},
{
"name": "CVE-2022-42916",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42916"
},
{
"name": "CVE-2025-40004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40004"
},
{
"name": "CVE-2017-7619",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7619"
},
{
"name": "CVE-2024-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8176"
},
{
"name": "CVE-2020-2805",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2805"
},
{
"name": "CVE-2025-21712",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21712"
},
{
"name": "CVE-2025-38371",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38371"
},
{
"name": "CVE-2023-2731",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2731"
},
{
"name": "CVE-2025-58767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58767"
},
{
"name": "CVE-2021-35939",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35939"
},
{
"name": "CVE-2024-57982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57982"
},
{
"name": "CVE-2025-38445",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38445"
},
{
"name": "CVE-2024-38819",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38819"
},
{
"name": "CVE-2023-0803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0803"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2025-21746",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21746"
},
{
"name": "CVE-2022-0391",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0391"
},
{
"name": "CVE-2023-1170",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1170"
},
{
"name": "CVE-2022-24070",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24070"
},
{
"name": "CVE-2025-38461",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38461"
},
{
"name": "CVE-2019-17547",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17547"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2021-36411",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36411"
},
{
"name": "CVE-2023-30774",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30774"
},
{
"name": "CVE-2018-10919",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10919"
},
{
"name": "CVE-2024-13176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13176"
},
{
"name": "CVE-2020-2830",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2830"
},
{
"name": "CVE-2025-53014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53014"
},
{
"name": "CVE-2025-7962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7962"
},
{
"name": "CVE-2022-21624",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21624"
},
{
"name": "CVE-2020-2781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2781"
},
{
"name": "CVE-2023-28322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
},
{
"name": "CVE-2018-10804",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10804"
},
{
"name": "CVE-2025-38159",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38159"
},
{
"name": "CVE-2022-0907",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0907"
},
{
"name": "CVE-2021-3421",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3421"
},
{
"name": "CVE-2022-21305",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21305"
},
{
"name": "CVE-2025-38066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38066"
},
{
"name": "CVE-2023-29405",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29405"
},
{
"name": "CVE-2021-3670",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3670"
},
{
"name": "CVE-2021-38297",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38297"
},
{
"name": "CVE-2025-4373",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4373"
},
{
"name": "CVE-2015-4790",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4790"
},
{
"name": "CVE-2025-4598",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4598"
},
{
"name": "CVE-2025-27144",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27144"
},
{
"name": "CVE-2025-21836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21836"
},
{
"name": "CVE-2025-21715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21715"
},
{
"name": "CVE-2024-6174",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6174"
},
{
"name": "CVE-2022-30629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30629"
},
{
"name": "CVE-2020-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10735"
},
{
"name": "CVE-2025-38305",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38305"
},
{
"name": "CVE-2020-14556",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14556"
},
{
"name": "CVE-2025-38067",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38067"
},
{
"name": "CVE-2025-50085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50085"
},
{
"name": "CVE-2025-21781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21781"
},
{
"name": "CVE-2024-58054",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58054"
},
{
"name": "CVE-2024-43398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43398"
},
{
"name": "CVE-2020-14792",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14792"
},
{
"name": "CVE-2019-16776",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16776"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"name": "CVE-2023-6779",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6779"
},
{
"name": "CVE-2022-28738",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28738"
},
{
"name": "CVE-2023-5363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
},
{
"name": "CVE-2024-8508",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8508"
},
{
"name": "CVE-2023-45289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45289"
},
{
"name": "CVE-2025-41248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41248"
},
{
"name": "CVE-2022-49043",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49043"
},
{
"name": "CVE-2015-2624",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2624"
},
{
"name": "CVE-2022-2068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
},
{
"name": "CVE-2025-40364",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40364"
},
{
"name": "CVE-2023-29491",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29491"
},
{
"name": "CVE-2025-38068",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38068"
},
{
"name": "CVE-2025-61985",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61985"
},
{
"name": "CVE-2013-2064",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2064"
},
{
"name": "CVE-2025-38401",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38401"
},
{
"name": "CVE-2025-21772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21772"
},
{
"name": "CVE-2021-20266",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20266"
},
{
"name": "CVE-2022-21271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21271"
},
{
"name": "CVE-2024-58070",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58070"
},
{
"name": "CVE-2025-61919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61919"
},
{
"name": "CVE-2023-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25193"
},
{
"name": "CVE-2024-34447",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34447"
},
{
"name": "CVE-2020-25663",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25663"
},
{
"name": "CVE-2022-0156",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0156"
},
{
"name": "CVE-2025-21914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21914"
},
{
"name": "CVE-2024-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58057"
},
{
"name": "CVE-2025-0306",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0306"
},
{
"name": "CVE-2025-1371",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1371"
},
{
"name": "CVE-2024-12798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12798"
},
{
"name": "CVE-2022-40897",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40897"
},
{
"name": "CVE-2024-58007",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58007"
},
{
"name": "CVE-2023-1355",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1355"
},
{
"name": "CVE-2025-21995",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21995"
},
{
"name": "CVE-2023-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
},
{
"name": "CVE-2025-21868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21868"
},
{
"name": "CVE-2025-0938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
},
{
"name": "CVE-2025-5372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5372"
},
{
"name": "CVE-2022-27782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
},
{
"name": "CVE-2022-37967",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37967"
},
{
"name": "CVE-2022-22844",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22844"
},
{
"name": "CVE-2025-21915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21915"
},
{
"name": "CVE-2019-13232",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13232"
},
{
"name": "CVE-2025-27210",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27210"
},
{
"name": "CVE-2025-38102",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38102"
},
{
"name": "CVE-2024-33600",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33600"
},
{
"name": "CVE-2025-21792",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21792"
},
{
"name": "CVE-2015-2654",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2654"
},
{
"name": "CVE-2025-55560",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55560"
},
{
"name": "CVE-2025-21728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21728"
},
{
"name": "CVE-2024-58018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58018"
},
{
"name": "CVE-2023-42669",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42669"
},
{
"name": "CVE-2022-1210",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1210"
},
{
"name": "CVE-2025-61771",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61771"
},
{
"name": "CVE-2023-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
},
{
"name": "CVE-2025-61770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61770"
},
{
"name": "CVE-2022-32148",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32148"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2015-4778",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4778"
},
{
"name": "CVE-2023-42670",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42670"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2024-58090",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58090"
},
{
"name": "CVE-2025-59842",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59842"
},
{
"name": "CVE-2025-49125",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49125"
},
{
"name": "CVE-2025-50106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
},
{
"name": "CVE-2024-27766",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27766"
},
{
"name": "CVE-2025-37958",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37958"
},
{
"name": "CVE-2025-21714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21714"
},
{
"name": "CVE-2024-58078",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58078"
},
{
"name": "CVE-2023-32636",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32636"
},
{
"name": "CVE-2023-6277",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6277"
},
{
"name": "CVE-2025-48060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48060"
},
{
"name": "CVE-2025-21855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21855"
},
{
"name": "CVE-2025-38399",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38399"
},
{
"name": "CVE-2025-21972",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21972"
},
{
"name": "CVE-2025-38065",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38065"
},
{
"name": "CVE-2025-38459",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38459"
},
{
"name": "CVE-2024-21510",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21510"
},
{
"name": "CVE-2023-34153",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34153"
},
{
"name": "CVE-2023-3618",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3618"
},
{
"name": "CVE-2020-14153",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14153"
},
{
"name": "CVE-2022-1114",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1114"
},
{
"name": "CVE-2023-48233",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48233"
},
{
"name": "CVE-2025-38412",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38412"
},
{
"name": "CVE-2025-38031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38031"
},
{
"name": "CVE-2023-4813",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4813"
},
{
"name": "CVE-2022-21626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21626"
},
{
"name": "CVE-2011-2207",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2207"
},
{
"name": "CVE-2025-54874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54874"
},
{
"name": "CVE-2017-3617",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3617"
},
{
"name": "CVE-2024-53124",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53124"
},
{
"name": "CVE-2025-38293",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38293"
},
{
"name": "CVE-2025-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58057"
},
{
"name": "CVE-2025-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21830"
},
{
"name": "CVE-2018-12600",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12600"
},
{
"name": "CVE-2025-4877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4877"
},
{
"name": "CVE-2021-41771",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41771"
},
{
"name": "CVE-2025-8291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8291"
},
{
"name": "CVE-2020-14781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14781"
},
{
"name": "CVE-2016-3189",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3189"
},
{
"name": "CVE-2023-4154",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4154"
},
{
"name": "CVE-2025-38184",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38184"
},
{
"name": "CVE-2017-3615",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3615"
},
{
"name": "CVE-2022-0714",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0714"
},
{
"name": "CVE-2023-45290",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45290"
},
{
"name": "CVE-2023-28320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28320"
},
{
"name": "CVE-2025-9340",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9340"
},
{
"name": "CVE-2023-24758",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24758"
},
{
"name": "CVE-2025-55552",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55552"
},
{
"name": "CVE-2025-30683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30683"
},
{
"name": "CVE-2025-30699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30699"
},
{
"name": "CVE-2025-61921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61921"
},
{
"name": "CVE-2024-4030",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4030"
},
{
"name": "CVE-2025-27587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27587"
},
{
"name": "CVE-2016-7531",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7531"
},
{
"name": "CVE-2006-3082",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-3082"
},
{
"name": "CVE-2023-5341",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5341"
},
{
"name": "CVE-2025-8534",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8534"
},
{
"name": "CVE-2025-21767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21767"
},
{
"name": "CVE-2025-3262",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3262"
},
{
"name": "CVE-2025-21986",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21986"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2025-1390",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1390"
},
{
"name": "CVE-2024-33599",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33599"
},
{
"name": "CVE-2023-34968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34968"
},
{
"name": "CVE-2024-0743",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0743"
},
{
"name": "CVE-2025-21961",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21961"
},
{
"name": "CVE-2025-38458",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38458"
},
{
"name": "CVE-2025-6297",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6297"
},
{
"name": "CVE-2016-10062",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10062"
},
{
"name": "CVE-2025-21764",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21764"
},
{
"name": "CVE-2024-57974",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57974"
},
{
"name": "CVE-2024-58093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58093"
},
{
"name": "CVE-2023-34152",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34152"
},
{
"name": "CVE-2022-43249",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43249"
},
{
"name": "CVE-2025-38034",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38034"
},
{
"name": "CVE-2024-58085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58085"
},
{
"name": "CVE-2024-34158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
},
{
"name": "CVE-2017-3608",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3608"
},
{
"name": "CVE-2025-47268",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47268"
},
{
"name": "CVE-2025-21690",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21690"
},
{
"name": "CVE-2025-30754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
},
{
"name": "CVE-2024-57996",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57996"
},
{
"name": "CVE-2025-38135",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38135"
},
{
"name": "CVE-2023-28484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28484"
},
{
"name": "CVE-2022-43242",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43242"
},
{
"name": "CVE-2019-2708",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2708"
},
{
"name": "CVE-2025-38312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38312"
},
{
"name": "CVE-2016-0692",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0692"
},
{
"name": "CVE-2019-14844",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14844"
},
{
"name": "CVE-2022-21366",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21366"
},
{
"name": "CVE-2022-30630",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30630"
},
{
"name": "CVE-2025-22233",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22233"
},
{
"name": "CVE-2025-38464",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38464"
},
{
"name": "CVE-2025-21946",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21946"
},
{
"name": "CVE-2025-21838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21838"
},
{
"name": "CVE-2025-21982",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21982"
},
{
"name": "CVE-2025-21867",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21867"
},
{
"name": "CVE-2025-21666",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21666"
},
{
"name": "CVE-2023-0802",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0802"
},
{
"name": "CVE-2025-53859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53859"
},
{
"name": "CVE-2023-46219",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46219"
},
{
"name": "CVE-2025-47910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47910"
},
{
"name": "CVE-2025-21828",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21828"
},
{
"name": "CVE-2023-47038",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47038"
},
{
"name": "CVE-2025-23167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23167"
},
{
"name": "CVE-2025-38363",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38363"
},
{
"name": "CVE-2025-21704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21704"
},
{
"name": "CVE-2025-21936",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21936"
},
{
"name": "CVE-2022-0865",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0865"
},
{
"name": "CVE-2023-5981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5981"
},
{
"name": "CVE-2025-38319",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38319"
},
{
"name": "CVE-2025-43859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43859"
},
{
"name": "CVE-2024-58013",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58013"
},
{
"name": "CVE-2022-0529",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0529"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2016-7514",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7514"
},
{
"name": "CVE-2015-4782",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4782"
},
{
"name": "CVE-2025-21909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21909"
},
{
"name": "CVE-2022-2056",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2056"
},
{
"name": "CVE-2025-9092",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9092"
},
{
"name": "CVE-2025-21766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21766"
},
{
"name": "CVE-2025-38457",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38457"
},
{
"name": "CVE-2024-54677",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54677"
},
{
"name": "CVE-2021-3598",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3598"
},
{
"name": "CVE-2025-21880",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21880"
},
{
"name": "CVE-2025-50094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50094"
},
{
"name": "CVE-2021-35559",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35559"
},
{
"name": "CVE-2025-21959",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21959"
},
{
"name": "CVE-2024-38809",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38809"
},
{
"name": "CVE-2025-38212",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38212"
},
{
"name": "CVE-2017-3610",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3610"
},
{
"name": "CVE-2023-1264",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1264"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2024-58266",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58266"
},
{
"name": "CVE-2025-38298",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38298"
},
{
"name": "CVE-2024-30172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30172"
},
{
"name": "CVE-2025-50098",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50098"
},
{
"name": "CVE-2022-43552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43552"
},
{
"name": "CVE-2018-1000076",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000076"
},
{
"name": "CVE-2022-4293",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4293"
},
{
"name": "CVE-2025-37974",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37974"
},
{
"name": "CVE-2025-5915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5915"
},
{
"name": "CVE-2024-57834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57834"
},
{
"name": "CVE-2025-55197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55197"
},
{
"name": "CVE-2022-32743",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32743"
},
{
"name": "CVE-2025-55558",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55558"
},
{
"name": "CVE-2022-21291",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21291"
},
{
"name": "CVE-2024-58017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58017"
},
{
"name": "CVE-2025-5917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5917"
},
{
"name": "CVE-2025-26603",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26603"
},
{
"name": "CVE-2023-35116",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35116"
},
{
"name": "CVE-2025-38078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38078"
},
{
"name": "CVE-2025-21809",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21809"
},
{
"name": "CVE-2025-38419",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38419"
},
{
"name": "CVE-2024-45490",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45490"
},
{
"name": "CVE-2021-32490",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32490"
},
{
"name": "CVE-2020-27768",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27768"
},
{
"name": "CVE-2024-38820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38820"
},
{
"name": "CVE-2025-50086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50086"
},
{
"name": "CVE-2016-5118",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5118"
},
{
"name": "CVE-2022-3786",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3786"
},
{
"name": "CVE-2023-46045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46045"
},
{
"name": "CVE-2025-37889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37889"
},
{
"name": "CVE-2021-3995",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3995"
},
{
"name": "CVE-2015-4788",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4788"
},
{
"name": "CVE-2025-55557",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55557"
},
{
"name": "CVE-2024-12085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12085"
},
{
"name": "CVE-2022-24599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24599"
},
{
"name": "CVE-2025-21981",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21981"
},
{
"name": "CVE-2025-38211",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38211"
},
{
"name": "CVE-2025-2999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2999"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2025-21910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21910"
},
{
"name": "CVE-2021-35452",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35452"
},
{
"name": "CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"name": "CVE-2023-28319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28319"
},
{
"name": "CVE-2021-35565",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35565"
},
{
"name": "CVE-2020-10251",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10251"
},
{
"name": "CVE-2024-11584",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11584"
},
{
"name": "CVE-2024-45491",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45491"
},
{
"name": "CVE-2025-50182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50182"
},
{
"name": "CVE-2025-47906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
},
{
"name": "CVE-2020-2981",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2981"
},
{
"name": "CVE-2025-21745",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21745"
},
{
"name": "CVE-2025-21791",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21791"
},
{
"name": "CVE-2020-18781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-18781"
},
{
"name": "CVE-2025-7709",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7709"
},
{
"name": "CVE-2024-52559",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52559"
},
{
"name": "CVE-2025-38077",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38077"
},
{
"name": "CVE-2025-38251",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38251"
},
{
"name": "CVE-2022-22576",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
},
{
"name": "CVE-2025-38120",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38120"
},
{
"name": "CVE-2017-7186",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7186"
},
{
"name": "CVE-2025-38285",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38285"
},
{
"name": "CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"name": "CVE-2025-37750",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37750"
},
{
"name": "CVE-2021-39293",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39293"
},
{
"name": "CVE-2025-21795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21795"
},
{
"name": "CVE-2025-8194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8194"
},
{
"name": "CVE-2025-22014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22014"
},
{
"name": "CVE-2025-38161",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38161"
},
{
"name": "CVE-2025-9640",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9640"
},
{
"name": "CVE-2022-1897",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1897"
},
{
"name": "CVE-2022-43248",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43248"
},
{
"name": "CVE-2016-3418",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3418"
},
{
"name": "CVE-2022-29824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29824"
},
{
"name": "CVE-2024-58081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58081"
},
{
"name": "CVE-2022-1705",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1705"
},
{
"name": "CVE-2024-11053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11053"
},
{
"name": "CVE-2024-7264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
},
{
"name": "CVE-2025-21814",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21814"
},
{
"name": "CVE-2025-50082",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50082"
},
{
"name": "CVE-2017-6829",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6829"
},
{
"name": "CVE-2025-32462",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32462"
},
{
"name": "CVE-2025-40027",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40027"
},
{
"name": "CVE-2025-50097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50097"
},
{
"name": "CVE-2021-4214",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4214"
},
{
"name": "CVE-2025-21911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21911"
},
{
"name": "CVE-2023-24752",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24752"
},
{
"name": "CVE-2025-50181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50181"
},
{
"name": "CVE-2024-21742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21742"
},
{
"name": "CVE-2022-43245",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43245"
},
{
"name": "CVE-2015-2656",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2656"
},
{
"name": "CVE-2025-50084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50084"
},
{
"name": "CVE-2018-9133",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9133"
},
{
"name": "CVE-2025-50079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50079"
},
{
"name": "CVE-2025-38115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38115"
},
{
"name": "CVE-2025-21758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21758"
},
{
"name": "CVE-2023-0767",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0767"
},
{
"name": "CVE-2025-21816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21816"
},
{
"name": "CVE-2025-1795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1795"
},
{
"name": "CVE-2021-35603",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35603"
},
{
"name": "CVE-2025-21996",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21996"
},
{
"name": "CVE-2021-36410",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36410"
},
{
"name": "CVE-2025-21780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21780"
},
{
"name": "CVE-2017-3612",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3612"
},
{
"name": "CVE-2024-12705",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12705"
},
{
"name": "CVE-2025-38153",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38153"
},
{
"name": "CVE-2025-21787",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21787"
},
{
"name": "CVE-2023-28487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28487"
},
{
"name": "CVE-2023-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
},
{
"name": "CVE-2023-31439",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31439"
},
{
"name": "CVE-2023-51074",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51074"
},
{
"name": "CVE-2023-23915",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23915"
},
{
"name": "CVE-2025-4517",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"
},
{
"name": "CVE-2018-1000074",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000074"
},
{
"name": "CVE-2025-37785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37785"
},
{
"name": "CVE-2025-21776",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21776"
},
{
"name": "CVE-2024-58003",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58003"
},
{
"name": "CVE-2025-21917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21917"
},
{
"name": "CVE-2025-21706",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21706"
},
{
"name": "CVE-2025-48964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48964"
},
{
"name": "CVE-2025-55193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55193"
},
{
"name": "CVE-2025-38395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38395"
},
{
"name": "CVE-2023-29499",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29499"
},
{
"name": "CVE-2025-21574",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21574"
},
{
"name": "CVE-2022-42011",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42011"
},
{
"name": "CVE-2023-39318",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39318"
},
{
"name": "CVE-2025-38337",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38337"
},
{
"name": "CVE-2025-21957",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21957"
},
{
"name": "CVE-2025-38727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38727"
},
{
"name": "CVE-2022-41720",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41720"
},
{
"name": "CVE-2024-1013",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1013"
},
{
"name": "CVE-2022-0319",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0319"
},
{
"name": "CVE-2025-4674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4674"
},
{
"name": "CVE-2025-30258",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30258"
},
{
"name": "CVE-2025-21999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21999"
},
{
"name": "CVE-2025-4565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4565"
},
{
"name": "CVE-2022-41716",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41716"
},
{
"name": "CVE-2025-38465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38465"
},
{
"name": "CVE-2024-56406",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56406"
},
{
"name": "CVE-2025-38513",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38513"
},
{
"name": "CVE-2025-21736",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21736"
},
{
"name": "CVE-2025-21997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21997"
},
{
"name": "CVE-2025-21741",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21741"
},
{
"name": "CVE-2020-18032",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-18032"
},
{
"name": "CVE-2017-6833",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6833"
},
{
"name": "CVE-2025-21808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21808"
},
{
"name": "CVE-2019-8324",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8324"
},
{
"name": "CVE-2020-2754",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2754"
},
{
"name": "CVE-2025-38086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38086"
},
{
"name": "CVE-2024-24788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24788"
},
{
"name": "CVE-2024-58076",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58076"
},
{
"name": "CVE-2023-24751",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24751"
},
{
"name": "CVE-2025-21708",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21708"
},
{
"name": "CVE-2015-4784",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4784"
},
{
"name": "CVE-2021-4048",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4048"
},
{
"name": "CVE-2023-4527",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4527"
},
{
"name": "CVE-2022-2980",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2980"
},
{
"name": "CVE-2025-5278",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5278"
},
{
"name": "CVE-2025-21992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21992"
},
{
"name": "CVE-2025-21720",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21720"
},
{
"name": "CVE-2025-32463",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32463"
},
{
"name": "CVE-2015-7747",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7747"
},
{
"name": "CVE-2025-52999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52999"
},
{
"name": "CVE-2023-34055",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34055"
},
{
"name": "CVE-2024-41965",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41965"
},
{
"name": "CVE-2020-14796",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14796"
},
{
"name": "CVE-2024-56433",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56433"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2025-55004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55004"
},
{
"name": "CVE-2014-8139",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8139"
},
{
"name": "CVE-2025-21580",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21580"
},
{
"name": "CVE-2022-29526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
},
{
"name": "CVE-2025-5318",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5318"
},
{
"name": "CVE-2025-38003",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38003"
},
{
"name": "CVE-2025-38441",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38441"
},
{
"name": "CVE-2023-51767",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51767"
},
{
"name": "CVE-2025-7783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7783"
},
{
"name": "CVE-2023-6918",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6918"
},
{
"name": "CVE-2023-38037",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38037"
},
{
"name": "CVE-2012-5783",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5783"
},
{
"name": "CVE-2022-2519",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2519"
},
{
"name": "CVE-2025-55754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55754"
},
{
"name": "CVE-2025-53023",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53023"
},
{
"name": "CVE-2025-21711",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21711"
},
{
"name": "CVE-2025-2998",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2998"
},
{
"name": "CVE-2023-51792",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51792"
},
{
"name": "CVE-2021-20313",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20313"
},
{
"name": "CVE-2022-30633",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30633"
},
{
"name": "CVE-2023-23931",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23931"
},
{
"name": "CVE-2025-21575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21575"
},
{
"name": "CVE-2025-21978",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21978"
},
{
"name": "CVE-2019-16777",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16777"
},
{
"name": "CVE-2025-21760",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21760"
},
{
"name": "CVE-2023-45913",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45913"
},
{
"name": "CVE-2018-13153",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13153"
},
{
"name": "CVE-2022-0530",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0530"
},
{
"name": "CVE-2023-48236",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48236"
},
{
"name": "CVE-2025-21947",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21947"
},
{
"name": "CVE-2025-21913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21913"
},
{
"name": "CVE-2023-34474",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34474"
},
{
"name": "CVE-2025-21665",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21665"
},
{
"name": "CVE-2025-38227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38227"
},
{
"name": "CVE-2018-1000079",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000079"
},
{
"name": "CVE-2025-4435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4435"
},
{
"name": "CVE-2024-58079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58079"
},
{
"name": "CVE-2025-21966",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21966"
},
{
"name": "CVE-2025-21577",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21577"
},
{
"name": "CVE-2021-45931",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45931"
},
{
"name": "CVE-2025-38079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38079"
},
{
"name": "CVE-2021-28544",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28544"
},
{
"name": "CVE-2021-46828",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46828"
},
{
"name": "CVE-2025-21734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21734"
},
{
"name": "CVE-2025-32728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32728"
},
{
"name": "CVE-2023-2804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2804"
},
{
"name": "CVE-2025-21970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21970"
},
{
"name": "CVE-2021-44964",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44964"
},
{
"name": "CVE-2025-6141",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6141"
},
{
"name": "CVE-2022-42012",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42012"
},
{
"name": "CVE-2018-14437",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14437"
},
{
"name": "CVE-2024-13978",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13978"
},
{
"name": "CVE-2025-21890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21890"
},
{
"name": "CVE-2025-61984",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61984"
},
{
"name": "CVE-2021-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3596"
},
{
"name": "CVE-2025-21916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21916"
},
{
"name": "CVE-2025-21925",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21925"
},
{
"name": "CVE-2024-57883",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57883"
},
{
"name": "CVE-2022-21628",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21628"
},
{
"name": "CVE-2017-6830",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6830"
},
{
"name": "CVE-2025-21927",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21927"
},
{
"name": "CVE-2021-3520",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3520"
},
{
"name": "CVE-2024-47814",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47814"
},
{
"name": "CVE-2022-2923",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2923"
},
{
"name": "CVE-2025-21799",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21799"
},
{
"name": "CVE-2024-21011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21011"
},
{
"name": "CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"name": "CVE-2015-2626",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2626"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2025-21748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21748"
},
{
"name": "CVE-2025-21785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21785"
},
{
"name": "CVE-2020-10029",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10029"
},
{
"name": "CVE-2025-7425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7425"
},
{
"name": "CVE-2023-3978",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3978"
},
{
"name": "CVE-2021-46310",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46310"
},
{
"name": "CVE-2022-36227",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36227"
},
{
"name": "CVE-2021-2369",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2369"
},
{
"name": "CVE-2025-21883",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21883"
},
{
"name": "CVE-2023-29469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29469"
},
{
"name": "CVE-2024-5535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
},
{
"name": "CVE-2025-38074",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38074"
},
{
"name": "CVE-2024-58086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58086"
},
{
"name": "CVE-2025-38119",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38119"
},
{
"name": "CVE-2025-38245",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38245"
},
{
"name": "CVE-2022-37454",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37454"
},
{
"name": "CVE-2021-36770",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36770"
},
{
"name": "CVE-2025-21898",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21898"
},
{
"name": "CVE-2020-14152",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14152"
},
{
"name": "CVE-2025-38324",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38324"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2021-36976",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36976"
},
{
"name": "CVE-2024-58051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58051"
},
{
"name": "CVE-2023-3164",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3164"
},
{
"name": "CVE-2022-3597",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3597"
},
{
"name": "CVE-2023-27535",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27535"
},
{
"name": "CVE-2022-27775",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27775"
},
{
"name": "CVE-2024-56337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56337"
},
{
"name": "CVE-2024-12718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12718"
},
{
"name": "CVE-2018-25032",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-25032"
},
{
"name": "CVE-2025-9390",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9390"
},
{
"name": "CVE-2025-62813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62813"
},
{
"name": "CVE-2025-21857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21857"
},
{
"name": "CVE-2019-9904",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9904"
},
{
"name": "CVE-2025-23085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23085"
},
{
"name": "CVE-2022-42919",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42919"
},
{
"name": "CVE-2024-0450",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0450"
},
{
"name": "CVE-2025-9165",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9165"
},
{
"name": "CVE-2023-1981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1981"
},
{
"name": "CVE-2023-30571",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30571"
},
{
"name": "CVE-2022-2231",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2231"
},
{
"name": "CVE-2025-46150",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46150"
},
{
"name": "CVE-2024-12801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12801"
},
{
"name": "CVE-2024-5642",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5642"
},
{
"name": "CVE-2024-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3219"
},
{
"name": "CVE-2025-21812",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21812"
},
{
"name": "CVE-2015-4781",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4781"
},
{
"name": "CVE-2023-23914",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23914"
},
{
"name": "CVE-2025-38542",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38542"
},
{
"name": "CVE-2025-38344",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38344"
},
{
"name": "CVE-2023-28120",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28120"
},
{
"name": "CVE-2025-37797",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37797"
},
{
"name": "CVE-2025-21848",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21848"
},
{
"name": "CVE-2021-3999",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3999"
},
{
"name": "CVE-2012-6153",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6153"
},
{
"name": "CVE-2025-38088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38088"
},
{
"name": "CVE-2025-50096",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50096"
},
{
"name": "CVE-2022-30632",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30632"
},
{
"name": "CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"name": "CVE-2022-27774",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27774"
},
{
"name": "CVE-2025-21683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21683"
},
{
"name": "CVE-2025-38332",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38332"
},
{
"name": "CVE-2020-35492",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35492"
},
{
"name": "CVE-2025-21908",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21908"
},
{
"name": "CVE-2023-1289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1289"
},
{
"name": "CVE-2025-38386",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38386"
},
{
"name": "CVE-2023-6349",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6349"
},
{
"name": "CVE-2024-2004",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2004"
},
{
"name": "CVE-2017-3605",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3605"
},
{
"name": "CVE-2025-9232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9232"
},
{
"name": "CVE-2025-23165",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23165"
},
{
"name": "CVE-2022-40303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40303"
},
{
"name": "CVE-2023-0801",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0801"
},
{
"name": "CVE-2025-9341",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9341"
},
{
"name": "CVE-2023-29406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29406"
},
{
"name": "CVE-2017-7244",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7244"
},
{
"name": "CVE-2023-39319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39319"
},
{
"name": "CVE-2025-21895",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21895"
},
{
"name": "CVE-2025-61795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61795"
},
{
"name": "CVE-2025-1377",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1377"
},
{
"name": "CVE-2025-30705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30705"
},
{
"name": "CVE-2018-16412",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16412"
},
{
"name": "CVE-2025-22005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22005"
},
{
"name": "CVE-2019-6462",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6462"
},
{
"name": "CVE-2025-21935",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21935"
},
{
"name": "CVE-2022-4645",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4645"
},
{
"name": "CVE-2021-32493",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32493"
},
{
"name": "CVE-2023-24754",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24754"
},
{
"name": "CVE-2020-29509",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29509"
},
{
"name": "CVE-2023-5568",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5568"
},
{
"name": "CVE-2023-38470",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38470"
},
{
"name": "CVE-2025-21675",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21675"
},
{
"name": "CVE-2023-34967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34967"
},
{
"name": "CVE-2025-38237",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38237"
},
{
"name": "CVE-2025-38174",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38174"
},
{
"name": "CVE-2025-8713",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8713"
},
{
"name": "CVE-2025-21587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21587"
},
{
"name": "CVE-2022-2869",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2869"
},
{
"name": "CVE-2021-4189",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4189"
},
{
"name": "CVE-2025-50088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50088"
},
{
"name": "CVE-2024-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24785"
},
{
"name": "CVE-2023-35945",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35945"
},
{
"name": "CVE-2024-45993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45993"
},
{
"name": "CVE-2025-6170",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6170"
},
{
"name": "CVE-2021-35937",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35937"
},
{
"name": "CVE-2024-58019",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58019"
},
{
"name": "CVE-2025-9900",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9900"
},
{
"name": "CVE-2024-26146",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26146"
},
{
"name": "CVE-2025-21888",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21888"
},
{
"name": "CVE-2025-21866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21866"
},
{
"name": "CVE-2023-40745",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40745"
},
{
"name": "CVE-2022-1962",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1962"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2025-3730",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3730"
},
{
"name": "CVE-2025-22010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22010"
},
{
"name": "CVE-2024-25260",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25260"
},
{
"name": "CVE-2024-21147",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21147"
},
{
"name": "CVE-2025-38037",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38037"
},
{
"name": "CVE-2017-3609",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3609"
},
{
"name": "CVE-2024-57990",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57990"
},
{
"name": "CVE-2021-29921",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29921"
},
{
"name": "CVE-2022-41717",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41717"
},
{
"name": "CVE-2014-9636",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9636"
},
{
"name": "CVE-2025-5351",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5351"
},
{
"name": "CVE-2025-52520",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52520"
},
{
"name": "CVE-2022-1622",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1622"
},
{
"name": "CVE-2017-3611",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3611"
},
{
"name": "CVE-2024-53427",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53427"
},
{
"name": "CVE-2022-2521",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2521"
},
{
"name": "CVE-2023-49582",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49582"
},
{
"name": "CVE-2025-43857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43857"
},
{
"name": "CVE-2025-31344",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31344"
},
{
"name": "CVE-2025-21976",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21976"
},
{
"name": "CVE-2023-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28321"
},
{
"name": "CVE-2024-57975",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57975"
},
{
"name": "CVE-2020-14581",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14581"
},
{
"name": "CVE-2024-7254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
},
{
"name": "CVE-2021-32491",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32491"
},
{
"name": "CVE-2025-50077",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50077"
},
{
"name": "CVE-2022-2309",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2309"
},
{
"name": "CVE-2024-52533",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52533"
},
{
"name": "CVE-2023-24536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24536"
},
{
"name": "CVE-2023-22025",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22025"
},
{
"name": "CVE-2021-43527",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43527"
},
{
"name": "CVE-2022-0924",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0924"
},
{
"name": "CVE-2025-24014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24014"
},
{
"name": "CVE-2022-33068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33068"
},
{
"name": "CVE-2025-38342",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38342"
},
{
"name": "CVE-2025-54988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54988"
},
{
"name": "CVE-2024-58068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58068"
},
{
"name": "CVE-2025-23083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23083"
},
{
"name": "CVE-2015-4777",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4777"
},
{
"name": "CVE-2025-7039",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7039"
},
{
"name": "CVE-2025-38167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38167"
},
{
"name": "CVE-2022-42915",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42915"
},
{
"name": "CVE-2023-0687",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0687"
},
{
"name": "CVE-2024-57998",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57998"
},
{
"name": "CVE-2021-3426",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3426"
},
{
"name": "CVE-2022-32221",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32221"
},
{
"name": "CVE-2022-1304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1304"
},
{
"name": "CVE-2021-2388",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2388"
},
{
"name": "CVE-2022-37434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37434"
},
{
"name": "CVE-2025-38257",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38257"
},
{
"name": "CVE-2022-29458",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29458"
},
{
"name": "CVE-2025-38206",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38206"
},
{
"name": "CVE-2019-12900",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12900"
},
{
"name": "CVE-2023-5156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5156"
},
{
"name": "CVE-2024-39908",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39908"
},
{
"name": "CVE-2025-27220",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27220"
},
{
"name": "CVE-2021-32256",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32256"
},
{
"name": "CVE-2022-22942",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22942"
},
{
"name": "CVE-2024-38950",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38950"
},
{
"name": "CVE-2025-55163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
},
{
"name": "CVE-2025-21862",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21862"
},
{
"name": "CVE-2023-47282",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47282"
},
{
"name": "CVE-2016-20012",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-20012"
},
{
"name": "CVE-2025-38111",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38111"
},
{
"name": "CVE-2024-0553",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0553"
},
{
"name": "CVE-2022-44638",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44638"
},
{
"name": "CVE-2019-8325",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8325"
},
{
"name": "CVE-2025-21950",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21950"
},
{
"name": "CVE-2025-5918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5918"
},
{
"name": "CVE-2019-3792",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3792"
},
{
"name": "CVE-2022-43235",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43235"
},
{
"name": "CVE-2025-50092",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50092"
},
{
"name": "CVE-2025-50099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50099"
},
{
"name": "CVE-2017-3614",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3614"
},
{
"name": "CVE-2022-0562",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0562"
},
{
"name": "CVE-2022-28131",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28131"
},
{
"name": "CVE-2025-22001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22001"
},
{
"name": "CVE-2024-10524",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10524"
},
{
"name": "CVE-2025-40017",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40017"
},
{
"name": "CVE-2023-45919",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45919"
},
{
"name": "CVE-2025-38326",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38326"
},
{
"name": "CVE-2025-3263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3263"
},
{
"name": "CVE-2025-4878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4878"
},
{
"name": "CVE-2018-15607",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15607"
},
{
"name": "CVE-2025-21899",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21899"
},
{
"name": "CVE-2025-32990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32990"
},
{
"name": "CVE-2025-38384",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38384"
},
{
"name": "CVE-2025-40778",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40778"
},
{
"name": "CVE-2025-21719",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21719"
},
{
"name": "CVE-2025-38424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38424"
},
{
"name": "CVE-2025-38430",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38430"
},
{
"name": "CVE-2025-21718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21718"
},
{
"name": "CVE-2025-3001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3001"
},
{
"name": "CVE-2025-9288",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9288"
},
{
"name": "CVE-2021-35588",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35588"
},
{
"name": "CVE-2022-32545",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32545"
},
{
"name": "CVE-2025-21694",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21694"
},
{
"name": "CVE-2025-41244",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41244"
},
{
"name": "CVE-2022-24675",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24675"
},
{
"name": "CVE-2023-2603",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2603"
},
{
"name": "CVE-2025-21820",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21820"
},
{
"name": "CVE-2017-6838",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6838"
},
{
"name": "CVE-2024-41946",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41946"
},
{
"name": "CVE-2025-4802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4802"
},
{
"name": "CVE-2024-21140",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21140"
},
{
"name": "CVE-2024-41817",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41817"
},
{
"name": "CVE-2024-57979",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57979"
},
{
"name": "CVE-2024-58071",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58071"
},
{
"name": "CVE-2025-21994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21994"
},
{
"name": "CVE-2025-30684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30684"
},
{
"name": "CVE-2017-6835",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6835"
},
{
"name": "CVE-2024-21094",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21094"
},
{
"name": "CVE-2025-48989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48989"
},
{
"name": "CVE-2024-9143",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
},
{
"name": "CVE-2023-0799",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0799"
},
{
"name": "CVE-2024-12087",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12087"
},
{
"name": "CVE-2025-38420",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38420"
},
{
"name": "CVE-2021-3521",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3521"
},
{
"name": "CVE-2022-23806",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23806"
},
{
"name": "CVE-2022-21365",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21365"
},
{
"name": "CVE-2025-21943",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21943"
},
{
"name": "CVE-2019-16775",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16775"
},
{
"name": "CVE-2024-57997",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57997"
},
{
"name": "CVE-2025-38160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38160"
},
{
"name": "CVE-2024-33601",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33601"
},
{
"name": "CVE-2025-32989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32989"
},
{
"name": "CVE-2025-6051",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6051"
},
{
"name": "CVE-2022-21283",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21283"
},
{
"name": "CVE-2022-31782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31782"
},
{
"name": "CVE-2025-50093",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50093"
},
{
"name": "CVE-2025-38107",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38107"
},
{
"name": "CVE-2025-32434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32434"
},
{
"name": "CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"name": "CVE-2025-53069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53069"
},
{
"name": "CVE-2025-38085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38085"
},
{
"name": "CVE-2025-21806",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21806"
},
{
"name": "CVE-2025-38222",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38222"
},
{
"name": "CVE-2025-38197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38197"
},
{
"name": "CVE-2022-1271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
},
{
"name": "CVE-2024-28085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28085"
},
{
"name": "CVE-2022-43253",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43253"
},
{
"name": "CVE-2021-36221",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36221"
},
{
"name": "CVE-2024-57977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57977"
},
{
"name": "CVE-2018-1000075",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000075"
},
{
"name": "CVE-2025-53019",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53019"
},
{
"name": "CVE-2020-14782",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14782"
},
{
"name": "CVE-2025-50059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
},
{
"name": "CVE-2024-5569",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5569"
},
{
"name": "CVE-2024-57952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57952"
},
{
"name": "CVE-2025-53367",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53367"
},
{
"name": "CVE-2025-21579",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21579"
},
{
"name": "CVE-2021-45942",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45942"
},
{
"name": "CVE-2022-1615",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1615"
},
{
"name": "CVE-2025-21928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21928"
},
{
"name": "CVE-2021-20246",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20246"
},
{
"name": "CVE-2025-21707",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21707"
},
{
"name": "CVE-2023-24755",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24755"
},
{
"name": "CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"name": "CVE-2022-2880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
},
{
"name": "CVE-2025-5025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5025"
},
{
"name": "CVE-2023-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
},
{
"name": "CVE-2022-23773",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23773"
},
{
"name": "CVE-2025-22007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22007"
},
{
"name": "CVE-2023-24539",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24539"
},
{
"name": "CVE-2024-27281",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27281"
},
{
"name": "CVE-2025-38467",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38467"
},
{
"name": "CVE-2024-34459",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34459"
},
{
"name": "CVE-2025-21804",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21804"
},
{
"name": "CVE-2021-34558",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34558"
},
{
"name": "CVE-2021-3737",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3737"
},
{
"name": "CVE-2025-49795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49795"
},
{
"name": "CVE-2017-6837",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6837"
},
{
"name": "CVE-2014-9913",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9913"
},
{
"name": "CVE-2025-21934",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21934"
},
{
"name": "CVE-2025-38072",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38072"
},
{
"name": "CVE-2025-53044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53044"
},
{
"name": "CVE-2023-6237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
},
{
"name": "CVE-2024-37407",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37407"
},
{
"name": "CVE-2015-4775",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4775"
},
{
"name": "CVE-2025-22011",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22011"
},
{
"name": "CVE-2022-1725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1725"
},
{
"name": "CVE-2022-43252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43252"
},
{
"name": "CVE-2023-0614",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0614"
},
{
"name": "CVE-2016-0694",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0694"
},
{
"name": "CVE-2023-6228",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6228"
},
{
"name": "CVE-2021-46848",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46848"
},
{
"name": "CVE-2024-5197",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5197"
},
{
"name": "CVE-2020-21606",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-21606"
},
{
"name": "CVE-2025-38075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38075"
},
{
"name": "CVE-2025-38000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38000"
},
{
"name": "CVE-2022-40674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40674"
},
{
"name": "CVE-2025-1376",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1376"
},
{
"name": "CVE-2025-30761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30761"
},
{
"name": "CVE-2001-1269",
"url": "https://www.cve.org/CVERecord?id=CVE-2001-1269"
},
{
"name": "CVE-2025-50087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50087"
},
{
"name": "CVE-2024-22365",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22365"
},
{
"name": "CVE-2025-38058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38058"
},
{
"name": "CVE-2023-20873",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20873"
},
{
"name": "CVE-2024-47535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2025-38617",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38617"
},
{
"name": "CVE-2025-21762",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21762"
},
{
"name": "CVE-2023-47169",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47169"
},
{
"name": "CVE-2025-38122",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38122"
},
{
"name": "CVE-2025-21801",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21801"
},
{
"name": "CVE-2024-7592",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7592"
},
{
"name": "CVE-2025-48988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48988"
},
{
"name": "CVE-2025-38083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38083"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2023-0795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0795"
},
{
"name": "CVE-2015-2583",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2583"
},
{
"name": "CVE-2025-21692",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21692"
},
{
"name": "CVE-2025-38173",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38173"
},
{
"name": "CVE-2022-21434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21434"
},
{
"name": "CVE-2025-2148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2148"
},
{
"name": "CVE-2024-2236",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2236"
},
{
"name": "CVE-2025-38143",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38143"
},
{
"name": "CVE-2023-4039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4039"
},
{
"name": "CVE-2025-45768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45768"
},
{
"name": "CVE-2023-38469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38469"
},
{
"name": "CVE-2024-38428",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38428"
},
{
"name": "CVE-2022-3821",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3821"
},
{
"name": "CVE-2014-3577",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3577"
},
{
"name": "CVE-2025-21869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21869"
},
{
"name": "CVE-2025-1365",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1365"
},
{
"name": "CVE-2023-32570",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32570"
},
{
"name": "CVE-2025-54410",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54410"
},
{
"name": "CVE-2023-52970",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52970"
},
{
"name": "CVE-2022-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3996"
},
{
"name": "CVE-2024-25062",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25062"
},
{
"name": "CVE-2016-5841",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5841"
},
{
"name": "CVE-2022-2879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
},
{
"name": "CVE-2025-53101",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53101"
},
{
"name": "CVE-2022-32205",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32205"
},
{
"name": "CVE-2023-27534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27534"
},
{
"name": "CVE-2024-2398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
},
{
"name": "CVE-2023-24532",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24532"
},
{
"name": "CVE-2023-27536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27536"
},
{
"name": "CVE-2025-52434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52434"
},
{
"name": "CVE-2024-54458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54458"
},
{
"name": "CVE-2022-44267",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44267"
},
{
"name": "CVE-2024-26141",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26141"
},
{
"name": "CVE-2015-4783",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4783"
},
{
"name": "CVE-2019-8321",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8321"
},
{
"name": "CVE-2025-21826",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21826"
},
{
"name": "CVE-2025-29768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29768"
},
{
"name": "CVE-2015-4774",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4774"
},
{
"name": "CVE-2023-50495",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50495"
},
{
"name": "CVE-2022-23772",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23772"
},
{
"name": "CVE-2022-21294",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21294"
},
{
"name": "CVE-2025-21750",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21750"
},
{
"name": "CVE-2017-11164",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11164"
},
{
"name": "CVE-2024-57924",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57924"
},
{
"name": "CVE-2025-21912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21912"
},
{
"name": "CVE-2018-13440",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13440"
},
{
"name": "CVE-2022-42898",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42898"
},
{
"name": "CVE-2025-46393",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46393"
},
{
"name": "CVE-2022-43551",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43551"
},
{
"name": "CVE-2021-0561",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0561"
},
{
"name": "CVE-2018-12599",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12599"
},
{
"name": "CVE-2025-21859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21859"
},
{
"name": "CVE-2025-38416",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38416"
},
{
"name": "CVE-2022-1587",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1587"
},
{
"name": "CVE-2025-21825",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21825"
},
{
"name": "CVE-2025-30698",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30698"
},
{
"name": "CVE-2017-7246",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7246"
},
{
"name": "CVE-2020-2755",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2755"
},
{
"name": "CVE-2025-8714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8714"
},
{
"name": "CVE-2023-27533",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27533"
},
{
"name": "CVE-2022-0284",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0284"
},
{
"name": "CVE-2017-7500",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7500"
},
{
"name": "CVE-2025-9086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9086"
},
{
"name": "CVE-2025-49124",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49124"
},
{
"name": "CVE-2023-6481",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6481"
},
{
"name": "CVE-2024-58016",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58016"
},
{
"name": "CVE-2020-14779",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14779"
},
{
"name": "CVE-2025-21903",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21903"
},
{
"name": "CVE-2021-41772",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41772"
},
{
"name": "CVE-2021-32292",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32292"
},
{
"name": "CVE-2025-38194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38194"
},
{
"name": "CVE-2024-0727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
},
{
"name": "CVE-2023-6378",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6378"
},
{
"name": "CVE-2024-10041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10041"
},
{
"name": "CVE-2023-6129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
},
{
"name": "CVE-2022-34903",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34903"
},
{
"name": "CVE-2023-1667",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1667"
},
{
"name": "CVE-2022-2953",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2953"
},
{
"name": "CVE-2022-43238",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43238"
},
{
"name": "CVE-2025-3121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3121"
},
{
"name": "CVE-2022-4899",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4899"
},
{
"name": "CVE-2022-43680",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43680"
},
{
"name": "CVE-2025-21956",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21956"
},
{
"name": "CVE-2024-20696",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20696"
},
{
"name": "CVE-2025-21761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21761"
},
{
"name": "CVE-2025-46149",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46149"
},
{
"name": "CVE-2021-26945",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26945"
},
{
"name": "CVE-2025-37932",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37932"
},
{
"name": "CVE-2022-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3219"
},
{
"name": "CVE-2025-46152",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46152"
},
{
"name": "CVE-2025-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37890"
},
{
"name": "CVE-2024-57951",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57951"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2022-34169",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34169"
},
{
"name": "CVE-2025-38348",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38348"
},
{
"name": "CVE-2023-34969",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34969"
},
{
"name": "CVE-2025-21844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21844"
},
{
"name": "CVE-2025-21885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21885"
},
{
"name": "CVE-2020-22916",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-22916"
},
{
"name": "CVE-2025-21784",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21784"
},
{
"name": "CVE-2025-31672",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31672"
},
{
"name": "CVE-2025-21681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21681"
},
{
"name": "CVE-2023-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22045"
},
{
"name": "CVE-2025-38540",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38540"
},
{
"name": "CVE-2025-5916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5916"
},
{
"name": "CVE-2025-21676",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21676"
},
{
"name": "CVE-2025-30721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30721"
},
{
"name": "CVE-2025-38403",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38403"
},
{
"name": "CVE-2022-28463",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28463"
},
{
"name": "CVE-2022-23308",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23308"
},
{
"name": "CVE-2025-21726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21726"
},
{
"name": "CVE-2023-29400",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29400"
},
{
"name": "CVE-2025-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58056"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2018-3779",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3779"
},
{
"name": "CVE-2024-21138",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21138"
},
{
"name": "CVE-2020-28196",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28196"
},
{
"name": "CVE-2024-27407",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27407"
},
{
"name": "CVE-2025-41232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41232"
},
{
"name": "CVE-2024-58020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58020"
},
{
"name": "CVE-2025-50091",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50091"
},
{
"name": "CVE-2025-10911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10911"
},
{
"name": "CVE-2025-32988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32988"
},
{
"name": "CVE-2021-31566",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31566"
},
{
"name": "CVE-2024-10963",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10963"
},
{
"name": "CVE-2022-28805",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28805"
},
{
"name": "CVE-2024-26461",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26461"
},
{
"name": "CVE-2024-34750",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34750"
},
{
"name": "CVE-2021-29923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29923"
},
{
"name": "CVE-2017-3604",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3604"
},
{
"name": "CVE-2025-21723",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21723"
},
{
"name": "CVE-2023-0804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0804"
},
{
"name": "CVE-2023-22049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22049"
},
{
"name": "CVE-2024-24787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24787"
},
{
"name": "CVE-2025-21802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21802"
},
{
"name": "CVE-2022-21341",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21341"
},
{
"name": "CVE-2025-38146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38146"
},
{
"name": "CVE-2025-21705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21705"
},
{
"name": "CVE-2024-38828",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38828"
},
{
"name": "CVE-2023-27538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27538"
},
{
"name": "CVE-2022-1355",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1355"
},
{
"name": "CVE-2025-47291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47291"
},
{
"name": "CVE-2023-4641",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4641"
},
{
"name": "CVE-2025-27113",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27113"
},
{
"name": "CVE-2024-47081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
},
{
"name": "CVE-2023-36054",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36054"
},
{
"name": "CVE-2024-26458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26458"
},
{
"name": "CVE-2025-38418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38418"
},
{
"name": "CVE-2025-38090",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38090"
},
{
"name": "CVE-2025-21721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21721"
},
{
"name": "CVE-2025-21810",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21810"
},
{
"name": "CVE-2022-1420",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1420"
},
{
"name": "CVE-2022-23218",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23218"
},
{
"name": "CVE-2021-24031",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-24031"
},
{
"name": "CVE-2025-23166",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23166"
},
{
"name": "CVE-2022-41724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41724"
},
{
"name": "CVE-2025-46153",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46153"
},
{
"name": "CVE-2025-21877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21877"
},
{
"name": "CVE-2023-0797",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0797"
},
{
"name": "CVE-2025-5994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5994"
},
{
"name": "CVE-2021-38115",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38115"
},
{
"name": "CVE-2025-38415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38415"
},
{
"name": "CVE-2021-31879",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31879"
},
{
"name": "CVE-2024-55549",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55549"
},
{
"name": "CVE-2020-8908",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
},
{
"name": "CVE-2024-49887",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49887"
},
{
"name": "CVE-2025-22134",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22134"
},
{
"name": "CVE-2021-35578",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35578"
},
{
"name": "CVE-2025-1215",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1215"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2023-1916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1916"
},
{
"name": "CVE-2021-20309",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20309"
},
{
"name": "CVE-2022-29217",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29217"
},
{
"name": "CVE-2024-0397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0397"
},
{
"name": "CVE-2022-30634",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30634"
},
{
"name": "CVE-2023-38472",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38472"
},
{
"name": "CVE-2024-56826",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56826"
},
{
"name": "CVE-2017-12643",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12643"
},
{
"name": "CVE-2024-57953",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57953"
},
{
"name": "CVE-2020-14583",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14583"
},
{
"name": "CVE-2025-24294",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24294"
},
{
"name": "CVE-2023-48232",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48232"
},
{
"name": "CVE-2021-26720",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26720"
},
{
"name": "CVE-2025-54801",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54801"
},
{
"name": "CVE-2025-40909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40909"
},
{
"name": "CVE-2025-53054",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53054"
},
{
"name": "CVE-2025-21878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21878"
},
{
"name": "CVE-2023-24756",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24756"
},
{
"name": "CVE-2017-3607",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3607"
},
{
"name": "CVE-2021-44716",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44716"
},
{
"name": "CVE-2022-2520",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2520"
},
{
"name": "CVE-2022-21340",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21340"
},
{
"name": "CVE-2024-47874",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47874"
},
{
"name": "CVE-2025-21670",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21670"
},
{
"name": "CVE-2025-9403",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9403"
},
{
"name": "CVE-2023-1255",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1255"
},
{
"name": "CVE-2025-21739",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21739"
},
{
"name": "CVE-2016-4074",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4074"
},
{
"name": "CVE-2024-0746",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0746"
},
{
"name": "CVE-2025-21775",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21775"
},
{
"name": "CVE-2024-12254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12254"
},
{
"name": "CVE-2025-21846",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21846"
},
{
"name": "CVE-2022-33099",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33099"
},
{
"name": "CVE-2023-45931",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45931"
},
{
"name": "CVE-2025-8114",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8114"
},
{
"name": "CVE-2025-38400",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38400"
},
{
"name": "CVE-2023-6004",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6004"
},
{
"name": "CVE-2025-32387",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32387"
},
{
"name": "CVE-2024-26775",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26775"
},
{
"name": "CVE-2022-25309",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25309"
},
{
"name": "CVE-2025-4516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4516"
},
{
"name": "CVE-2025-38136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38136"
},
{
"name": "CVE-2024-38808",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38808"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2024-12747",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12747"
},
{
"name": "CVE-2022-3358",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3358"
},
{
"name": "CVE-2023-41175",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41175"
},
{
"name": "CVE-2023-48234",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48234"
},
{
"name": "CVE-2025-55212",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55212"
},
{
"name": "CVE-2022-36087",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36087"
},
{
"name": "CVE-2022-32547",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32547"
},
{
"name": "CVE-2025-6021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
},
{
"name": "CVE-2022-0351",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0351"
},
{
"name": "CVE-2022-35737",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35737"
},
{
"name": "CVE-2022-21293",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21293"
},
{
"name": "CVE-2022-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
},
{
"name": "CVE-2022-26280",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26280"
},
{
"name": "CVE-2025-37752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37752"
},
{
"name": "CVE-2025-55668",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55668"
},
{
"name": "CVE-2023-7008",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7008"
},
{
"name": "CVE-2022-1354",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1354"
},
{
"name": "CVE-2023-24540",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24540"
},
{
"name": "CVE-2025-21873",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21873"
},
{
"name": "CVE-2024-4603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
},
{
"name": "CVE-2025-38048",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38048"
},
{
"name": "CVE-2019-13147",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13147"
},
{
"name": "CVE-2025-50104",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50104"
},
{
"name": "CVE-2025-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25193"
},
{
"name": "CVE-2020-2800",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2800"
},
{
"name": "CVE-2024-8096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8096"
},
{
"name": "CVE-2018-11655",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11655"
},
{
"name": "CVE-2022-4415",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4415"
},
{
"name": "CVE-2022-2928",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2928"
},
{
"name": "CVE-2025-21765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21765"
},
{
"name": "CVE-2023-3576",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3576"
},
{
"name": "CVE-2025-38477",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38477"
},
{
"name": "CVE-2023-4806",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4806"
},
{
"name": "CVE-2025-61772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61772"
},
{
"name": "CVE-2025-57803",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-57803"
},
{
"name": "CVE-2023-46246",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46246"
},
{
"name": "CVE-2025-21782",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21782"
},
{
"name": "CVE-2023-31437",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31437"
},
{
"name": "CVE-2023-47039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47039"
},
{
"name": "CVE-2025-30722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30722"
},
{
"name": "CVE-2024-43802",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43802"
},
{
"name": "CVE-2025-38177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38177"
},
{
"name": "CVE-2016-2781",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2781"
},
{
"name": "CVE-2023-31484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31484"
},
{
"name": "CVE-2024-56827",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56827"
},
{
"name": "CVE-2023-29383",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29383"
},
{
"name": "CVE-2024-21145",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21145"
},
{
"name": "CVE-2022-32206",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32206"
},
{
"name": "CVE-2023-37769",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37769"
},
{
"name": "CVE-2025-21926",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21926"
},
{
"name": "CVE-2022-21282",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21282"
},
{
"name": "CVE-2022-21349",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21349"
},
{
"name": "CVE-2020-29511",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29511"
},
{
"name": "CVE-2024-50602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50602"
},
{
"name": "CVE-2015-7697",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7697"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2025-21742",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21742"
},
{
"name": "CVE-2025-30687",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30687"
},
{
"name": "CVE-2023-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
},
{
"name": "CVE-2022-43243",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43243"
},
{
"name": "CVE-2024-58002",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58002"
},
{
"name": "CVE-2017-16231",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16231"
},
{
"name": "CVE-2025-38406",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38406"
},
{
"name": "CVE-2025-50101",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50101"
},
{
"name": "CVE-2025-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21930"
},
{
"name": "CVE-2021-35942",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35942"
},
{
"name": "CVE-2025-46701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46701"
},
{
"name": "CVE-2025-38001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38001"
},
{
"name": "CVE-2025-32415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32415"
},
{
"name": "CVE-2025-24855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24855"
},
{
"name": "CVE-2025-5702",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5702"
},
{
"name": "CVE-2025-21870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21870"
},
{
"name": "CVE-2017-9409",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9409"
},
{
"name": "CVE-2023-24537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24537"
},
{
"name": "CVE-2018-1000077",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000077"
},
{
"name": "CVE-2025-21892",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21892"
},
{
"name": "CVE-2024-58052",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58052"
},
{
"name": "CVE-2025-21944",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21944"
},
{
"name": "CVE-2025-21905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21905"
},
{
"name": "CVE-2024-30171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
},
{
"name": "CVE-2024-23337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23337"
},
{
"name": "CVE-2016-0689",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0689"
},
{
"name": "CVE-2025-38352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38352"
},
{
"name": "CVE-2025-30749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
},
{
"name": "CVE-2024-54456",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54456"
},
{
"name": "CVE-2025-61748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61748"
},
{
"name": "CVE-2025-21920",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21920"
},
{
"name": "CVE-2025-55554",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55554"
},
{
"name": "CVE-2024-43168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43168"
},
{
"name": "CVE-2014-8140",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8140"
},
{
"name": "CVE-2025-22235",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22235"
},
{
"name": "CVE-2025-22016",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22016"
},
{
"name": "CVE-2025-4207",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4207"
},
{
"name": "CVE-2021-45346",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45346"
},
{
"name": "CVE-2025-37756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37756"
},
{
"name": "CVE-2022-0908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0908"
},
{
"name": "CVE-2025-38263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38263"
},
{
"name": "CVE-2025-21667",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21667"
},
{
"name": "CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"name": "CVE-2024-46901",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46901"
},
{
"name": "CVE-2023-49083",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49083"
},
{
"name": "CVE-2025-21955",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21955"
},
{
"name": "CVE-2025-8677",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8677"
},
{
"name": "CVE-2025-21773",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21773"
},
{
"name": "CVE-2025-53040",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53040"
},
{
"name": "CVE-2025-38218",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38218"
},
{
"name": "CVE-2023-45287",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45287"
},
{
"name": "CVE-2025-53906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53906"
},
{
"name": "CVE-2025-27789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27789"
},
{
"name": "CVE-2025-1352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1352"
},
{
"name": "CVE-2024-43167",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43167"
},
{
"name": "CVE-2021-28861",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28861"
},
{
"name": "CVE-2024-4741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
},
{
"name": "CVE-2022-21248",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21248"
},
{
"name": "CVE-2021-33574",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33574"
},
{
"name": "CVE-2018-1000035",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000035"
},
{
"name": "CVE-2021-40211",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40211"
},
{
"name": "CVE-2025-48924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48924"
},
{
"name": "CVE-2024-58001",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58001"
},
{
"name": "CVE-2025-38393",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38393"
},
{
"name": "CVE-2024-26256",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26256"
},
{
"name": "CVE-2023-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
},
{
"name": "CVE-2019-18276",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18276"
},
{
"name": "CVE-2025-38618",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38618"
},
{
"name": "CVE-2021-3326",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3326"
},
{
"name": "CVE-2023-2283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2283"
},
{
"name": "CVE-2020-0499",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0499"
},
{
"name": "CVE-2025-8916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8916"
},
{
"name": "CVE-2025-21724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21724"
},
{
"name": "CVE-2025-32414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32414"
},
{
"name": "CVE-2025-8885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8885"
},
{
"name": "CVE-2025-3136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3136"
},
{
"name": "CVE-2025-55160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55160"
},
{
"name": "CVE-2025-21891",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21891"
},
{
"name": "CVE-2025-38249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38249"
},
{
"name": "CVE-2023-40403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40403"
},
{
"name": "CVE-2025-22013",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22013"
},
{
"name": "CVE-2024-50157",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50157"
},
{
"name": "CVE-2022-48703",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48703"
},
{
"name": "CVE-2025-38154",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38154"
},
{
"name": "CVE-2022-1674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1674"
},
{
"name": "CVE-2024-20918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
},
{
"name": "CVE-2025-21858",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21858"
},
{
"name": "CVE-2025-41249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41249"
},
{
"name": "CVE-2022-30699",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30699"
},
{
"name": "CVE-2025-21672",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21672"
},
{
"name": "CVE-2025-38389",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38389"
},
{
"name": "CVE-2025-38448",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38448"
},
{
"name": "CVE-2022-48281",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48281"
},
{
"name": "CVE-2023-2426",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2426"
},
{
"name": "CVE-2021-35938",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35938"
},
{
"name": "CVE-2025-30704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30704"
},
{
"name": "CVE-2021-35564",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35564"
},
{
"name": "CVE-2024-57949",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57949"
},
{
"name": "CVE-2025-1632",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1632"
},
{
"name": "CVE-2021-20176",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20176"
},
{
"name": "CVE-2025-21979",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21979"
},
{
"name": "CVE-2022-3278",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3278"
},
{
"name": "CVE-2022-30580",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30580"
},
{
"name": "CVE-2025-21821",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21821"
},
{
"name": "CVE-2022-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28321"
},
{
"name": "CVE-2025-55298",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55298"
},
{
"name": "CVE-2022-43241",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43241"
},
{
"name": "CVE-2017-3606",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3606"
},
{
"name": "CVE-2023-52969",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52969"
},
{
"name": "CVE-2018-1000073",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000073"
},
{
"name": "CVE-2025-38052",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38052"
},
{
"name": "CVE-2025-38377",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38377"
},
{
"name": "CVE-2023-20883",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20883"
},
{
"name": "CVE-2025-21733",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21733"
},
{
"name": "CVE-2023-22656",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22656"
},
{
"name": "CVE-2025-46551",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46551"
},
{
"name": "CVE-2025-43965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43965"
},
{
"name": "CVE-2022-40090",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40090"
},
{
"name": "CVE-2021-36408",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36408"
},
{
"name": "CVE-2023-24329",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24329"
},
{
"name": "CVE-2025-21963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21963"
},
{
"name": "CVE-2025-53045",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53045"
},
{
"name": "CVE-2023-39327",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39327"
},
{
"name": "CVE-2017-18253",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18253"
},
{
"name": "CVE-2024-12243",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12243"
},
{
"name": "CVE-2024-26462",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26462"
},
{
"name": "CVE-2024-58053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58053"
},
{
"name": "CVE-2025-38516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38516"
},
{
"name": "CVE-2025-30693",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30693"
},
{
"name": "CVE-2025-38462",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38462"
},
{
"name": "CVE-2025-38350",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38350"
},
{
"name": "CVE-2025-38428",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38428"
},
{
"name": "CVE-2025-27363",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27363"
},
{
"name": "CVE-2018-13410",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13410"
},
{
"name": "CVE-2025-2099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2099"
},
{
"name": "CVE-2025-38262",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38262"
},
{
"name": "CVE-2025-6638",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6638"
},
{
"name": "CVE-2025-21585",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21585"
},
{
"name": "CVE-2023-24531",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24531"
},
{
"name": "CVE-2025-38138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38138"
},
{
"name": "CVE-2021-3610",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3610"
},
{
"name": "CVE-2024-58077",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58077"
},
{
"name": "CVE-2025-5283",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5283"
},
{
"name": "CVE-2025-21754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21754"
},
{
"name": "CVE-2024-12088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12088"
},
{
"name": "CVE-2023-24538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24538"
},
{
"name": "CVE-2025-38035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38035"
},
{
"name": "CVE-2023-2975",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2975"
},
{
"name": "CVE-2025-37997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37997"
},
{
"name": "CVE-2025-24928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24928"
},
{
"name": "CVE-2021-44717",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44717"
},
{
"name": "CVE-2025-2312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2312"
},
{
"name": "CVE-2025-0395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0395"
},
{
"name": "CVE-2025-53506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53506"
},
{
"name": "CVE-2025-21960",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21960"
},
{
"name": "CVE-2025-38310",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38310"
},
{
"name": "CVE-2025-23084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23084"
},
{
"name": "CVE-2015-4786",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4786"
},
{
"name": "CVE-2020-14155",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14155"
},
{
"name": "CVE-2022-3602",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3602"
},
{
"name": "CVE-2025-37963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37963"
},
{
"name": "CVE-2022-43250",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43250"
},
{
"name": "CVE-2022-40304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40304"
},
{
"name": "CVE-2025-38226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38226"
},
{
"name": "CVE-2025-4947",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4947"
},
{
"name": "CVE-2023-4911",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4911"
},
{
"name": "CVE-2022-29804",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29804"
},
{
"name": "CVE-2023-38473",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38473"
},
{
"name": "CVE-2025-38443",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38443"
},
{
"name": "CVE-2025-0725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0725"
},
{
"name": "CVE-2023-2976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
},
{
"name": "CVE-2025-52099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52099"
},
{
"name": "CVE-2023-43887",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43887"
},
{
"name": "CVE-2025-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21967"
},
{
"name": "CVE-2025-7424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7424"
},
{
"name": "CVE-2025-1094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1094"
},
{
"name": "CVE-2021-24032",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-24032"
},
{
"name": "CVE-2025-38439",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38439"
},
{
"name": "CVE-2022-1434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1434"
},
{
"name": "CVE-2025-41254",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41254"
},
{
"name": "CVE-2022-21496",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21496"
},
{
"name": "CVE-2022-41723",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41723"
},
{
"name": "CVE-2020-2757",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2757"
},
{
"name": "CVE-2025-53864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53864"
},
{
"name": "CVE-2025-38145",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38145"
},
{
"name": "CVE-2022-2598",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2598"
},
{
"name": "CVE-2020-27829",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27829"
},
{
"name": "CVE-2024-4032",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4032"
},
{
"name": "CVE-2025-37948",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37948"
},
{
"name": "CVE-2021-27645",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27645"
},
{
"name": "CVE-2025-21863",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21863"
},
{
"name": "CVE-2025-21856",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21856"
},
{
"name": "CVE-2025-53053",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53053"
},
{
"name": "CVE-2022-2509",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2509"
},
{
"name": "CVE-2024-28835",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28835"
},
{
"name": "CVE-2025-54388",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54388"
},
{
"name": "CVE-2025-21749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21749"
},
{
"name": "CVE-2017-6839",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6839"
},
{
"name": "CVE-2023-1906",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1906"
},
{
"name": "CVE-2025-40025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40025"
},
{
"name": "CVE-2025-38051",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38051"
},
{
"name": "CVE-2021-35556",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35556"
},
{
"name": "CVE-2025-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
},
{
"name": "CVE-2022-34526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34526"
},
{
"name": "CVE-2025-8058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8058"
},
{
"name": "CVE-2023-47471",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47471"
},
{
"name": "CVE-2022-2868",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2868"
},
{
"name": "CVE-2022-1771",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1771"
},
{
"name": "CVE-2025-21945",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21945"
},
{
"name": "CVE-2021-32492",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32492"
},
{
"name": "CVE-2023-39323",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39323"
},
{
"name": "CVE-2023-29402",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29402"
},
{
"name": "CVE-2025-55005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55005"
},
{
"name": "CVE-2025-32955",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32955"
},
{
"name": "CVE-2025-8732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8732"
},
{
"name": "CVE-2025-38044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38044"
},
{
"name": "CVE-2022-1586",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1586"
},
{
"name": "CVE-2023-39326",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39326"
},
{
"name": "CVE-2024-52616",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52616"
},
{
"name": "CVE-2025-38498",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38498"
},
{
"name": "CVE-2025-40015",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40015"
},
{
"name": "CVE-2024-21085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21085"
},
{
"name": "CVE-2025-21673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21673"
},
{
"name": "CVE-2025-21829",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21829"
},
{
"name": "CVE-2025-21502",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21502"
},
{
"name": "CVE-2024-57999",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57999"
},
{
"name": "CVE-2018-16645",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16645"
},
{
"name": "CVE-2025-22008",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22008"
},
{
"name": "CVE-2023-38039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38039"
},
{
"name": "CVE-2023-29409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
},
{
"name": "CVE-2022-21443",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21443"
},
{
"name": "CVE-2025-21969",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21969"
},
{
"name": "CVE-2025-38200",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38200"
},
{
"name": "CVE-2025-40007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40007"
},
{
"name": "CVE-2024-58072",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58072"
},
{
"name": "CVE-2025-38273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38273"
},
{
"name": "CVE-2025-38346",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38346"
},
{
"name": "CVE-2025-55315",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55315"
},
{
"name": "CVE-2018-11813",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11813"
},
{
"name": "CVE-2025-21722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21722"
},
{
"name": "CVE-2024-50379",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50379"
},
{
"name": "CVE-2021-35560",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35560"
},
{
"name": "CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"name": "CVE-2025-21793",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21793"
},
{
"name": "CVE-2022-2719",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2719"
},
{
"name": "CVE-2025-21581",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21581"
},
{
"name": "CVE-2022-45873",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45873"
},
{
"name": "CVE-2023-34151",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34151"
},
{
"name": "CVE-2023-51384",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51384"
},
{
"name": "CVE-2021-43809",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43809"
},
{
"name": "CVE-2025-5914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5914"
},
{
"name": "CVE-2015-1606",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1606"
},
{
"name": "CVE-2025-21894",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21894"
},
{
"name": "CVE-2025-21919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21919"
},
{
"name": "CVE-2023-3896",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3896"
},
{
"name": "CVE-2023-2908",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2908"
},
{
"name": "CVE-2024-20945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
},
{
"name": "CVE-2025-58754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58754"
},
{
"name": "CVE-2023-39615",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39615"
},
{
"name": "CVE-2023-24534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24534"
},
{
"name": "CVE-2025-21854",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21854"
},
{
"name": "CVE-2017-7501",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7501"
},
{
"name": "CVE-2024-21131",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21131"
},
{
"name": "CVE-2023-31486",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31486"
},
{
"name": "CVE-2020-21599",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-21599"
},
{
"name": "CVE-2025-41242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41242"
},
{
"name": "CVE-2024-21210",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21210"
},
{
"name": "CVE-2013-0340",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0340"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2025-21759",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21759"
},
{
"name": "CVE-2023-32611",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32611"
},
{
"name": "CVE-2024-38816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38816"
},
{
"name": "CVE-2024-2511",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2511"
},
{
"name": "CVE-2015-20107",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-20107"
},
{
"name": "CVE-2023-39978",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39978"
},
{
"name": "CVE-2024-34397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34397"
},
{
"name": "CVE-2025-38320",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38320"
},
{
"name": "CVE-2025-53057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53057"
},
{
"name": "CVE-2024-24786",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24786"
},
{
"name": "CVE-2025-8177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8177"
},
{
"name": "CVE-2025-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21968"
},
{
"name": "CVE-2024-58083",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58083"
},
{
"name": "CVE-2021-20311",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20311"
},
{
"name": "CVE-2024-58055",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58055"
},
{
"name": "CVE-2025-21991",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21991"
},
{
"name": "CVE-2023-28486",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28486"
},
{
"name": "CVE-2020-27618",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27618"
},
{
"name": "CVE-2024-57993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57993"
},
{
"name": "CVE-2025-21887",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21887"
},
{
"name": "CVE-2023-6246",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6246"
},
{
"name": "CVE-2021-20241",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20241"
},
{
"name": "CVE-2017-12674",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12674"
},
{
"name": "CVE-2023-0800",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0800"
},
{
"name": "CVE-2025-62171",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62171"
},
{
"name": "CVE-2025-38280",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38280"
},
{
"name": "CVE-2023-5388",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5388"
},
{
"name": "CVE-2018-1000078",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000078"
},
{
"name": "CVE-2020-2756",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2756"
},
{
"name": "CVE-2025-50950",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50950"
},
{
"name": "CVE-2020-21605",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-21605"
},
{
"name": "CVE-2024-54534",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54534"
},
{
"name": "CVE-2023-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
},
{
"name": "CVE-2025-38084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38084"
},
{
"name": "CVE-2024-34155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
},
{
"name": "CVE-2022-23219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23219"
},
{
"name": "CVE-2017-1000476",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000476"
},
{
"name": "CVE-2015-2640",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2640"
},
{
"name": "CVE-2025-30685",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30685"
},
{
"name": "CVE-2024-41123",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41123"
},
{
"name": "CVE-2025-6921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6921"
},
{
"name": "CVE-2015-8863",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8863"
},
{
"name": "CVE-2022-21619",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21619"
},
{
"name": "CVE-2025-30695",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30695"
},
{
"name": "CVE-2025-30688",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30688"
},
{
"name": "CVE-2023-5752",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5752"
},
{
"name": "CVE-2018-11656",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11656"
},
{
"name": "CVE-2025-38103",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38103"
},
{
"name": "CVE-2022-2127",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2127"
},
{
"name": "CVE-2021-25217",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25217"
},
{
"name": "CVE-2025-38514",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38514"
},
{
"name": "CVE-2018-19876",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19876"
},
{
"name": "CVE-2025-61780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61780"
},
{
"name": "CVE-2021-20310",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20310"
},
{
"name": "CVE-2021-20245",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20245"
},
{
"name": "CVE-2021-35561",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35561"
},
{
"name": "CVE-2025-21732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21732"
},
{
"name": "CVE-2025-38569",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38569"
},
{
"name": "CVE-2022-21476",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21476"
},
{
"name": "CVE-2023-22796",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22796"
},
{
"name": "CVE-2025-21875",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21875"
},
{
"name": "CVE-2023-0361",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0361"
},
{
"name": "CVE-2025-38204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38204"
},
{
"name": "CVE-2021-40812",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40812"
},
{
"name": "CVE-2021-4217",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4217"
},
{
"name": "CVE-2023-32643",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32643"
},
{
"name": "CVE-2023-27537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27537"
},
{
"name": "CVE-2025-22015",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22015"
},
{
"name": "CVE-2025-53066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53066"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2024-2961",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2961"
},
{
"name": "CVE-2025-21962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21962"
},
{
"name": "CVE-2025-29786",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29786"
},
{
"name": "CVE-2025-21832",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21832"
},
{
"name": "CVE-2024-12133",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12133"
},
{
"name": "CVE-2024-24784",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24784"
},
{
"name": "CVE-2022-27780",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27780"
},
{
"name": "CVE-2018-9135",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9135"
},
{
"name": "CVE-2025-38410",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38410"
},
{
"name": "CVE-2025-21790",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21790"
},
{
"name": "CVE-2024-52316",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52316"
},
{
"name": "CVE-2024-21217",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21217"
},
{
"name": "CVE-2021-39212",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39212"
},
{
"name": "CVE-2024-28182",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28182"
},
{
"name": "CVE-2024-58014",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58014"
},
{
"name": "CVE-2025-21680",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21680"
},
{
"name": "CVE-2025-0167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0167"
},
{
"name": "CVE-2017-12433",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12433"
},
{
"name": "CVE-2025-21924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21924"
},
{
"name": "CVE-2021-3574",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3574"
},
{
"name": "CVE-2023-6597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6597"
},
{
"name": "CVE-2024-20952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
},
{
"name": "CVE-2022-21541",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21541"
},
{
"name": "CVE-2025-22227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22227"
},
{
"name": "CVE-2025-47273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47273"
},
{
"name": "CVE-2025-27221",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27221"
},
{
"name": "CVE-2024-24789",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24789"
},
{
"name": "CVE-2024-58006",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58006"
},
{
"name": "CVE-2025-21710",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21710"
},
{
"name": "CVE-2022-21360",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21360"
},
{
"name": "CVE-2025-22088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22088"
},
{
"name": "CVE-2025-38460",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38460"
},
{
"name": "CVE-2022-27664",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
},
{
"name": "CVE-2022-25858",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25858"
},
{
"name": "CVE-2022-21296",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21296"
},
{
"name": "CVE-2022-48303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48303"
},
{
"name": "CVE-2025-38345",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38345"
},
{
"name": "CVE-2022-21540",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21540"
},
{
"name": "CVE-2025-21815",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21815"
},
{
"name": "CVE-2025-50083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50083"
},
{
"name": "CVE-2024-37371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37371"
},
{
"name": "CVE-2017-6836",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6836"
},
{
"name": "CVE-2021-3500",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3500"
},
{
"name": "CVE-2022-25310",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25310"
},
{
"name": "CVE-2023-38545",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38545"
},
{
"name": "CVE-2021-43618",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43618"
},
{
"name": "CVE-2021-20251",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20251"
},
{
"name": "CVE-2025-21669",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21669"
},
{
"name": "CVE-2016-1000027",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000027"
},
{
"name": "CVE-2021-33621",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33621"
},
{
"name": "CVE-2025-57807",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-57807"
},
{
"name": "CVE-2025-38231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38231"
},
{
"name": "CVE-2022-26488",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26488"
},
{
"name": "CVE-2025-21716",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21716"
},
{
"name": "CVE-2024-49761",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49761"
},
{
"name": "CVE-2024-6345",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
},
{
"name": "CVE-2025-3777",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3777"
},
{
"name": "CVE-2025-21964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21964"
},
{
"name": "CVE-2024-0567",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0567"
},
{
"name": "CVE-2018-18384",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18384"
},
{
"name": "CVE-2024-58080",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58080"
},
{
"name": "CVE-2025-21744",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21744"
},
{
"name": "CVE-2024-21208",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21208"
},
{
"name": "CVE-2023-32665",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32665"
},
{
"name": "CVE-2025-31498",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31498"
},
{
"name": "CVE-2022-30698",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30698"
},
{
"name": "CVE-2023-31438",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31438"
},
{
"name": "CVE-2024-57986",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57986"
},
{
"name": "CVE-2021-37750",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37750"
},
{
"name": "CVE-2025-3576",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3576"
},
{
"name": "CVE-2023-23916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
},
{
"name": "CVE-2021-20244",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20244"
},
{
"name": "CVE-2025-38181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38181"
},
{
"name": "CVE-2025-21835",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21835"
},
{
"name": "CVE-2025-38391",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38391"
},
{
"name": "CVE-2025-11411",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11411"
},
{
"name": "CVE-2020-14577",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14577"
},
{
"name": "CVE-2022-3570",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3570"
},
{
"name": "CVE-2016-9844",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9844"
},
{
"name": "CVE-2019-13136",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13136"
},
{
"name": "CVE-2025-49014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49014"
},
{
"name": "CVE-2021-36222",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36222"
},
{
"name": "CVE-2021-3941",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3941"
},
{
"name": "CVE-2022-0561",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0561"
},
{
"name": "CVE-2024-6923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6923"
},
{
"name": "CVE-2025-21811",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21811"
},
{
"name": "CVE-2024-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8088"
},
{
"name": "CVE-2025-48734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
},
{
"name": "CVE-2025-11226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11226"
}
],
"initial_release_date": "2025-11-06T00:00:00",
"last_revision_date": "2025-11-06T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0969",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-11-06T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36320",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36320"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36423",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36423"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2022-19",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36364"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36351"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36424",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36424"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36412",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36412"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36388",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36388"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36426",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36426"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36411",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36411"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36357",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36357"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36408",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36408"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36349",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36349"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36414",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36414"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36397",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36397"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36389",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36389"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36398",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36398"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36380",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36380"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-41",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36407"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36362",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36362"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36413",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36413"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36384",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36384"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36379",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36379"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36400",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36400"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36377",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36377"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36368",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36368"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36418",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36418"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36420",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36420"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36391",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36391"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36392",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36392"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36353",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36353"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-14",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36356"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36422",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36422"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36381",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36381"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36421",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36421"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36416",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36416"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-86",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36415"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36403",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36403"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36347",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36347"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36383",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36383"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36410",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36410"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36352",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36352"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36394",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36394"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36354",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36354"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36399",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36399"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36350"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36419",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36419"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-85",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36401"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2022-19",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36365"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36405",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36405"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2018-27",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36367"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36395",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36395"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36387",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36387"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36363",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36363"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36385",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36385"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36409",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36409"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36359"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36348",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36348"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36386",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36386"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36417",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36417"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36425",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36425"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2018-27",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36366"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2024-44",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36360"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36355",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36355"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36358"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36396",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36396"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36378",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36378"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36382",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36382"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36404",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36404"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2024-44",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36361"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36402",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36402"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36393",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36393"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36406",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36406"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36390",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36390"
}
]
}
CERTFR-2023-AVI-0208
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Tenable. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Nessus versions ant\u00e9rieures \u00e0 10.5.0",
"product": {
"name": "Nessus",
"vendor": {
"name": "Tenable",
"scada": false
}
}
},
{
"description": "Nessus Agent versions 10.3.0 ant\u00e9rieures \u00e0 10.3.2",
"product": {
"name": "Nessus",
"vendor": {
"name": "Tenable",
"scada": false
}
}
},
{
"description": "Nessus Agent versions 8.3.x ant\u00e9rieures \u00e0 8.3.5",
"product": {
"name": "Nessus",
"vendor": {
"name": "Tenable",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"name": "CVE-2020-28458",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28458"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2021-23445",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23445"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2022-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
},
{
"name": "CVE-2020-7656",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7656"
},
{
"name": "CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
}
],
"links": [],
"reference": "CERTFR-2023-AVI-0208",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-03-10T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits \u003cspan\nclass=\"textit\"\u003eTenable\u003c/span\u003e. Elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de\nservice \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Nessus",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Tenable TNS-2023-11 du 07 mars 2023",
"url": "https://www.tenable.com/security/tns-2023-11"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Tenable TNS-2023-09 du 02 mars 2023",
"url": "https://www.tenable.com/security/tns-2023-09"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Tenable TNS-2023-10 du 06 mars 2023",
"url": "https://www.tenable.com/security/tns-2023-10"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Tenable TNS-2023-12 du 09 mars 2023",
"url": "https://www.tenable.com/security/tns-2023-12"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Tenable TNS-2023-13 du 09 mars 2023",
"url": "https://www.tenable.com/security/tns-2023-13"
}
]
}
CERTFR-2023-AVI-0245
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, un déni de service à distance et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | AIX | IBM AIX versions 7.3.x antérieures à 7.3.0 SP04 ou 7.3.1 SP02 | ||
| IBM | Spectrum | IBM Spectrum Protect for Virtual Environments: Data Protection pour Microsoft Hyper-V versions 8.1.x antérieures à 8.1.17.2 | ||
| IBM | AIX | IBM AIX versions 7.1.x antérieures à 7.1.5 SP12 | ||
| IBM | Sterling Control Center | IBM Sterling Control Center version 6.1.3.0 sans le correctif de sécurité iFix16 | ||
| IBM | Spectrum | IBM Spectrum Protect Server versions 8.1.x antérieures à 8.1.18 | ||
| IBM | Spectrum | IBM Spectrum Protect Client versions 8.1.x antérieures à 8.1.17.2 | ||
| IBM | Spectrum | IBM Spectrum Protect for Virtual Environments: Data Protection pour VMware versions 8.1.x antérieures à 8.1.17.2 | ||
| IBM | Spectrum | IBM Spectrum Protect for Space Management versions 8.1.x antérieures à 8.1.17.2 | ||
| IBM | VIOS | IBM VIOS versions 3.1.3.x antérieures à 3.1.3.30 | ||
| IBM | VIOS | IBM VIOS versions 3.1.4.x antérieures à 3.1.4.20 | ||
| IBM | Sterling Control Center | IBM Sterling Control Center version 6.3.0.0 sans le correctif de sécurité iFix02 | ||
| IBM | VIOS | IBM VIOS versions 3.1.x antérieures à 3.1.2.50 | ||
| IBM | Sterling Control Center | IBM Sterling Control Center version 6.2.1.0 sans le correctif de sécurité iFix11 | ||
| IBM | AIX | IBM AIX versions 7.2.x antérieures à 7.2.5 SP06 | ||
| IBM | Spectrum | IBM Spectrum Protect Backup-Archive Client versions 8.1.x antérieures à 8.1.17.2 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM AIX versions 7.3.x ant\u00e9rieures \u00e0 7.3.0 SP04 ou 7.3.1 SP02",
"product": {
"name": "AIX",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Spectrum Protect for Virtual Environments: Data Protection pour Microsoft Hyper-V versions 8.1.x ant\u00e9rieures \u00e0 8.1.17.2",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM AIX versions 7.1.x ant\u00e9rieures \u00e0 7.1.5 SP12",
"product": {
"name": "AIX",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Sterling Control Center version 6.1.3.0 sans le correctif de s\u00e9curit\u00e9 iFix16",
"product": {
"name": "Sterling Control Center",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Spectrum Protect Server versions 8.1.x ant\u00e9rieures \u00e0 8.1.18",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Spectrum Protect Client versions 8.1.x ant\u00e9rieures \u00e0 8.1.17.2",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Spectrum Protect for Virtual Environments: Data Protection pour VMware versions 8.1.x ant\u00e9rieures \u00e0 8.1.17.2",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Spectrum Protect for Space Management versions 8.1.x ant\u00e9rieures \u00e0 8.1.17.2",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM VIOS versions 3.1.3.x ant\u00e9rieures \u00e0 3.1.3.30",
"product": {
"name": "VIOS",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM VIOS versions 3.1.4.x ant\u00e9rieures \u00e0 3.1.4.20",
"product": {
"name": "VIOS",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Sterling Control Center version 6.3.0.0 sans le correctif de s\u00e9curit\u00e9 iFix02",
"product": {
"name": "Sterling Control Center",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM VIOS versions 3.1.x ant\u00e9rieures \u00e0 3.1.2.50",
"product": {
"name": "VIOS",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Sterling Control Center version 6.2.1.0 sans le correctif de s\u00e9curit\u00e9 iFix11",
"product": {
"name": "Sterling Control Center",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM AIX versions 7.2.x ant\u00e9rieures \u00e0 7.2.5 SP06",
"product": {
"name": "AIX",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Spectrum Protect Backup-Archive Client versions 8.1.x ant\u00e9rieures \u00e0 8.1.17.2",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2022-43927",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43927"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2022-21624",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21624"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2022-21626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21626"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2022-21628",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21628"
},
{
"name": "CVE-2021-33813",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33813"
},
{
"name": "CVE-2022-41717",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41717"
},
{
"name": "CVE-2022-43382",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43382"
},
{
"name": "CVE-2022-25844",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25844"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2022-43930",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43930"
},
{
"name": "CVE-2023-24998",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24998"
},
{
"name": "CVE-2022-43929",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43929"
},
{
"name": "CVE-2022-21619",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21619"
}
],
"links": [],
"reference": "CERTFR-2023-AVI-0245",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-03-20T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans les produits \u003cspan\nclass=\"textit\"\u003eIBM\u003c/span\u003e. Certaines d\u0027entre elles permettent \u00e0 un\nattaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par\nl\u0027\u00e9diteur, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9\ndes donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6964174 du 17 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6964174"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6963642 du 17 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6963642"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6963786 du 17 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6963786"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6962863 du 17 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6962863"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6848309 du 17 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6848309"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6963784 du 17 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6963784"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6964176 du 17 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6964176"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6963640 du 17 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6963640"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6963071 du 17 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6963071"
}
]
}
CERTFR-2023-AVI-0935
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer une élévation de privilèges, un déni de service à distance et une exécution de code arbitraire à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Siemens | N/A | COMOS versions antérieures à V10.4.4, les vulnérabilités CVE-2023-43505, CVE-2023-46601 ne seront pas corrigées par l'éditeur | ||
| Siemens | N/A | Desigo CC product family V5.0 toutes les versions sans le dernier correctif de sécurité | ||
| Siemens | N/A | Desigo CC product family V5.1 toutes les versions sans le dernier correctif de sécurité | ||
| Siemens | N/A | Desigo CC product family V6 toutes les versions sans le dernier correctif de sécurité | ||
| Siemens | N/A | Desigo CC product family V7 toutes les versions sans le dernier correctif de sécurité | ||
| Siemens | N/A | Applications Mendix basées sur Mendix 10 versions antérieures à V10.4.0 | ||
| Siemens | N/A | Applications Mendix basées sur Mendix 7.x versions antérieures à V7.23.37 | ||
| Siemens | N/A | Applications Mendix basées sur Mendix 8.x versions antérieures à V8.18.27 | ||
| Siemens | N/A | Applications Mendix basées sur Mendix 9.x versions antérieures à V9.24.10 | ||
| Siemens | N/A | Mendix Studio Pro 10 versions antérieures à V10.3.1 | ||
| Siemens | N/A | Mendix Studio Pro 7 versions antérieures à V7.23.37 | ||
| Siemens | N/A | Mendix Studio Pro 8 versions antérieures à V8.18.27 | ||
| Siemens | N/A | Mendix Studio Pro 9 versions antérieures à V9.24.0 | ||
| Siemens | N/A | RUGGEDCOM APE1808 toutes versions utilisées avec Nozomi Guardian / CMC versions V22.6.3 à 23.1.0sans le dernier correctif de sécurité | ||
| Siemens | N/A | RUGGEDCOM M2100 versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM M2100F toutes les versions | ||
| Siemens | N/A | RUGGEDCOM M2100NC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM M2200 versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM M2200F toutes les versions | ||
| Siemens | N/A | RUGGEDCOM M2200NC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM M969 versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM M969F toutes les versions | ||
| Siemens | N/A | RUGGEDCOM M969NC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RMC30 versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RMC30NC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RMC8388 V4.X versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RMC8388 V5.X versions antérieures à V5.6.0 | ||
| Siemens | N/A | RUGGEDCOM RMC8388NC V4.X toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RMC8388NC V5.X toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RP110 versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RP110NC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS1600 versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS1600F versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS1600FNC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS1600NC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS1600T versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS1600TNC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS400 versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS400F toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS400NC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS401 versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS401NC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS416 versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS416F toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS416NC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS416NCv2 V4.X toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS416NCv2 V5.X toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS416P versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS416PF toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS416PNC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS416PNCv2 V4.X toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS416PNCv2 V5.X toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS416Pv2 V4.X versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS416Pv2 V5.X versions antérieures à V5.6.0 | ||
| Siemens | N/A | RUGGEDCOM RS416v2 V4.X versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS416v2 V5.X versions antérieures à V5.6.0 | ||
| Siemens | N/A | RUGGEDCOM RS8000 versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS8000A versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS8000ANC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS8000H versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS8000HNC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS8000NC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS8000T versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS8000TNC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS900 (32M) V4.X versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS900 (32M) V5.X versions antérieures à V5.6.0 | ||
| Siemens | N/A | RUGGEDCOM RS900 versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS900F toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS900G (32M) V4.X versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS900G (32M) V5.X versions antérieures à V5.6.0 | ||
| Siemens | N/A | RUGGEDCOM RS900G versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS900GF toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS900GNC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS900GNC(32M) V4.X toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS900GNC(32M) V5.X toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS900GP versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS900GPF toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS900GPNC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS900L versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS900LNC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS900M-GETS-C01 versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS900M-GETS-XX versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS900M-STND-C01 versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS900M-STND-XX versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS900MNC-GETS-C01 toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS900MNC-GETS-XX toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS900MNC-STND-XX toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS900MNC-STND-XX-C01 toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS900NC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS900NC(32M) V4.X toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS900NC(32M) V5.X toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS900W versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS910 versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS910L versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS910LNC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS910NC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS910W versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS920L versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS920LNC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS920W versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS930L versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS930LNC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS930W versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS940G versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS940GF toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS940GNC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS969 versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS969NC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RSG2100 (32M) V4.X versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RSG2100 (32M) V5.X versions antérieures à V5.6.0 | ||
| Siemens | N/A | RUGGEDCOM RSG2100 versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RSG2100F toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RSG2100NC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RSG2100NC(32M) V4.X toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RSG2100NC(32M) V5.X toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RSG2100P versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RSG2100PF toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RSG2100PNC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RSG2200 versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RSG2200F toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RSG2200NC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RSG2288 V4.X versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RSG2288 V5.X versions antérieures à V5.6.0 | ||
| Siemens | N/A | RUGGEDCOM RSG2288NC V4.X toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RSG2288NC V5.X toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RSG2300 V4.X versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RSG2300 V5.X versions antérieures à V5.6.0 | ||
| Siemens | N/A | RUGGEDCOM RSG2300F toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RSG2300NC V4.X toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RSG2300NC V5.X toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RSG2300P V4.X versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RSG2300P V5.X versions antérieures à V5.6.0 | ||
| Siemens | N/A | RUGGEDCOM RSG2300PF toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RSG2300PNC V4.X toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RSG2300PNC V5.X toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RSG2488 V4.X versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RSG2488 V5.X versions antérieures à V5.6.0 | ||
| Siemens | N/A | RUGGEDCOM RSG2488F toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RSG2488NC V4.X toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RSG2488NC V5.X toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RSG907R versions antérieures à V5.6.0 | ||
| Siemens | N/A | RUGGEDCOM RSG908C versions antérieures à V5.6.0 | ||
| Siemens | N/A | RUGGEDCOM RSG909R versions antérieures à V5.6.0 | ||
| Siemens | N/A | RUGGEDCOM RSG910C versions antérieures à V5.6.0 | ||
| Siemens | N/A | RUGGEDCOM RSG920P V4.X versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RSG920P V5.X versions antérieures à V5.6.0 | ||
| Siemens | N/A | RUGGEDCOM RSG920PNC V4.X toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RSG920PNC V5.X toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RSL910 versions antérieures à V5.6.0 | ||
| Siemens | N/A | RUGGEDCOM RSL910NC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RST2228 versions antérieures à V5.6.0 | ||
| Siemens | N/A | RUGGEDCOM RST2228P versions antérieures à V5.6.0 | ||
| Siemens | N/A | RUGGEDCOM RST916C versions antérieures à V5.6.0 | ||
| Siemens | N/A | RUGGEDCOM RST916P versions antérieures à V5.6.0 | ||
| Siemens | N/A | RUGGEDCOM i800 versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM i800NC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM i801 versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM i801NC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM i802 versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM i802NC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM i803 versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM i803NC toutes les versions | ||
| Siemens | N/A | SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0) toutes les versions | ||
| Siemens | N/A | SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0) toutes les versions | ||
| Siemens | N/A | SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0) toutes les versions | ||
| Siemens | N/A | SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0) toutes les versions | ||
| Siemens | N/A | SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0) toutes les versions | ||
| Siemens | N/A | SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0) toutes les versions | ||
| Siemens | N/A | SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6) toutes les versions | ||
| Siemens | N/A | SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0) toutes les versions | ||
| Siemens | N/A | SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6) toutes les versions | ||
| Siemens | N/A | SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0) toutes les versions | ||
| Siemens | N/A | SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0) toutes les versions | ||
| Siemens | N/A | SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0) toutes les versions | ||
| Siemens | N/A | SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0) toutes les versions | ||
| Siemens | N/A | SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0) toutes les versions | ||
| Siemens | N/A | SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0) toutes les versions | ||
| Siemens | N/A | SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0) toutes les versions | ||
| Siemens | N/A | SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0) toutes les versions | ||
| Siemens | N/A | SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0) toutes les versions | ||
| Siemens | N/A | SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0) toutes les versions | ||
| Siemens | N/A | SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0) toutes les versions | ||
| Siemens | N/A | SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6) toutes les versions | ||
| Siemens | N/A | SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0) toutes les versions | ||
| Siemens | N/A | SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0) toutes les versions | ||
| Siemens | N/A | SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6) toutes les versions | ||
| Siemens | N/A | SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0) toutes les versions | ||
| Siemens | N/A | SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0) toutes les versions | ||
| Siemens | N/A | SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0) toutes les versions | ||
| Siemens | N/A | SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0) toutes les versions | ||
| Siemens | N/A | SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0) toutes les versions | ||
| Siemens | N/A | SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0) toutes les versions | ||
| Siemens | N/A | SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0) toutes les versions | ||
| Siemens | N/A | SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0) toutes les versions | ||
| Siemens | N/A | SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0) toutes les versions | ||
| Siemens | N/A | SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0) toutes les versions | ||
| Siemens | N/A | SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0) toutes les versions | ||
| Siemens | N/A | SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0) toutes les versions | ||
| Siemens | N/A | SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0) toutes les versions | ||
| Siemens | N/A | SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0) toutes les versions | ||
| Siemens | N/A | SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0) toutes les versions | ||
| Siemens | N/A | SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0) toutes les versions | ||
| Siemens | N/A | SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0) toutes les versions | ||
| Siemens | N/A | SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0) toutes les versions | ||
| Siemens | N/A | SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0) toutes les versions | ||
| Siemens | N/A | SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0) toutes les versions | ||
| Siemens | N/A | SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0) toutes les versions | ||
| Siemens | N/A | SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0) toutes les versions | ||
| Siemens | N/A | SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0) toutes les versions | ||
| Siemens | N/A | SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0) toutes les versions | ||
| Siemens | N/A | SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0) toutes les versions | ||
| Siemens | N/A | SCALANCE W1748-1 M12 (6GK5748-1GY01-0AA0) toutes les versions | ||
| Siemens | N/A | SCALANCE W1748-1 M12 (6GK5748-1GY01-0TA0) toutes les versions | ||
| Siemens | N/A | SCALANCE W1788-1 M12 (6GK5788-1GY01-0AA0) toutes les versions | ||
| Siemens | N/A | SCALANCE W1788-2 EEC M12 (6GK5788-2GY01-0TA0) toutes les versions | ||
| Siemens | N/A | SCALANCE W1788-2 M12 (6GK5788-2GY01-0AA0) toutes les versions | ||
| Siemens | N/A | SCALANCE W1788-2IA M12 (6GK5788-2HY01-0AA0) toutes les versions | ||
| Siemens | N/A | SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) toutes les versions | ||
| Siemens | N/A | SCALANCE WAM766-1 (EU) (6GK5766-1GE00-7DA0) toutes les versions | ||
| Siemens | N/A | SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) toutes les versions | ||
| Siemens | N/A | SCALANCE WAM766-1 EEC (EU) (6GK5766-1GE00-7TA0) toutes les versions | ||
| Siemens | N/A | SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0) toutes les versions | ||
| Siemens | N/A | SCALANCE WUM763-1 (6GK5763-1AL00-3AA0) toutes les versions | ||
| Siemens | N/A | SCALANCE WUM763-1 (6GK5763-1AL00-3DA0) toutes les versions | ||
| Siemens | N/A | SCALANCE WUM766-1 (EU) (6GK5766-1GE00-3DA0) toutes les versions | ||
| Siemens | N/A | SCALANCE WUM766-1 (US) (6GK5766-1GE00-3DB0) toutes les versions | ||
| Siemens | N/A | SCALANCE XB205-3 (SC, PN) (6GK5205-3BB00-2AB2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XB205-3 (ST, E/IP) (6GK5205-3BB00-2TB2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XB205-3 (ST, E/IP) (6GK5205-3BD00-2TB2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XB205-3 (ST, PN) (6GK5205-3BD00-2AB2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XB205-3LD (SC, E/IP) (6GK5205-3BF00-2TB2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XB205-3LD (SC, PN) (6GK5205-3BF00-2AB2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XB208 (E/IP) (6GK5208-0BA00-2TB2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XB208 (PN) (6GK5208-0BA00-2AB2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XB213-3 (SC, E/IP) (6GK5213-3BD00-2TB2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XB213-3 (SC, PN) (6GK5213-3BD00-2AB2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XB213-3 (ST, E/IP) (6GK5213-3BB00-2TB2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XB213-3 (ST, PN) (6GK5213-3BB00-2AB2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XB213-3LD (SC, E/IP) (6GK5213-3BF00-2TB2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XB213-3LD (SC, PN) (6GK5213-3BF00-2AB2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XB216 (E/IP) (6GK5216-0BA00-2TB2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XB216 (PN) (6GK5216-0BA00-2AB2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC206-2 (SC) (6GK5206-2BD00-2AC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC206-2 (ST/BFOC) (6GK5206-2BB00-2AC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC206-2G PoE (54 V DC) (6GK5206-2RS00-5AC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC206-2G PoE (6GK5206-2RS00-2AC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC206-2G PoE EEC (54 V DC) (6GK5206-2RS00-5FC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC206-2SFP (6GK5206-2BS00-2AC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC206-2SFP EEC (6GK5206-2BS00-2FC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC206-2SFP G (6GK5206-2GS00-2AC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC206-2SFP G (EIP DEF.) (6GK5206-2GS00-2TC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC206-2SFP G EEC (6GK5206-2GS00-2FC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC208 (6GK5208-0BA00-2AC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC208EEC (6GK5208-0BA00-2FC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC208G (6GK5208-0GA00-2AC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC208G (EIP def.) (6GK5208-0GA00-2TC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC208G EEC (6GK5208-0GA00-2FC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC208G PoE (54 V DC) (6GK5208-0RA00-5AC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC208G PoE (6GK5208-0RA00-2AC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC216 (6GK5216-0BA00-2AC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC216-3G PoE (54 V DC) (6GK5216-3RS00-5AC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC216-3G PoE (6GK5216-3RS00-2AC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC216-4C (6GK5216-4BS00-2AC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC216-4C G (6GK5216-4GS00-2AC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC216-4C G (EIP Def.) (6GK5216-4GS00-2TC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC216-4C G EEC (6GK5216-4GS00-2FC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC216EEC (6GK5216-0BA00-2FC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC224 (6GK5224-0BA00-2AC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC224-4C G (6GK5224-4GS00-2AC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC224-4C G (EIP Def.) (6GK5224-4GS00-2TC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC224-4C G EEC (6GK5224-4GS00-2FC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XF204 (6GK5204-0BA00-2GF2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XF204 DNA (6GK5204-0BA00-2YF2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XF204-2BA (6GK5204-2AA00-2GF2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XF204-2BA DNA (6GK5204-2AA00-2YF2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XP208 (6GK5208-0HA00-2AS6) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XP208 (Ethernet/IP) (6GK5208-0HA00-2TS6) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XP208EEC (6GK5208-0HA00-2ES6) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XP208PoE EEC (6GK5208-0UA00-5ES6) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XP216 (6GK5216-0HA00-2AS6) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XP216 (Ethernet/IP) (6GK5216-0HA00-2TS6) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XP216EEC (6GK5216-0HA00-2ES6) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XP216POE EEC (6GK5216-0UA00-5ES6) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XR324WG (24 X FE, DC 24V) (6GK5324-0BA00-2AR3) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XR324WG (24 x FE, AC 230V) (6GK5324-0BA00-3AR3) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XR326-2C PoE WG (6GK5326-2QS00-3AR3) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XR326-2C PoE WG (without UL) (6GK5326-2QS00-3RR3) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XR328-4C WG (24XFE, 4XGE, 24V) (6GK5328-4FS00-2AR3) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V) (6GK5328-4FS00-2RR3) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) (6GK5328-4FS00-3AR3) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) (6GK5328-4FS00-3RR3) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XR328-4C WG (28xGE, AC 230V) (6GK5328-4SS00-3AR3) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XR328-4C WG (28xGE, DC 24V) (6GK5328-4SS00-2AR3) versions antérieures à V4.5 | ||
| Siemens | N/A | SIMATIC MV500 family versions antérieures à V3.3.5 | ||
| Siemens | N/A | SIMATIC PCS neo versions antérieures à V4.1 | ||
| Siemens | N/A | SINEC PNI versions antérieures à V2.0 | ||
| Siemens | N/A | SIPLUS NET SCALANCE XC206-2 (6AG1206-2BB00-7AC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SIPLUS NET SCALANCE XC206-2SFP (6AG1206-2BS00-7AC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SIPLUS NET SCALANCE XC208 (6AG1208-0BA00-7AC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SIPLUS NET SCALANCE XC216-4C (6AG1216-4BS00-7AC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SIPROTEC 4 7SJ66 versions antérieures à V4.41 | ||
| Siemens | N/A | Siemens OPC UA Modelling Editor (SiOME) versions antérieures à V2.8 | ||
| Siemens | N/A | Simcenter Femap V2301 versions antérieures à V2301.0003 | ||
| Siemens | N/A | Simcenter Femap V2306 versions antérieures à V2306.0001 | ||
| Siemens | N/A | Tecnomatix Plant Simulation V2201 versions antérieures à V2201.0010 | ||
| Siemens | N/A | Tecnomatix Plant Simulation V2302 versions antérieures à V2302.0004 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "COMOS versions ant\u00e9rieures \u00e0 V10.4.4, les vuln\u00e9rabilit\u00e9s CVE-2023-43505, CVE-2023-46601 ne seront pas corrig\u00e9es par l\u0027\u00e9diteur",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Desigo CC product family V5.0 toutes les versions sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Desigo CC product family V5.1 toutes les versions sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Desigo CC product family V6 toutes les versions sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Desigo CC product family V7 toutes les versions sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Applications Mendix bas\u00e9es sur Mendix 10 versions ant\u00e9rieures \u00e0 V10.4.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Applications Mendix bas\u00e9es sur Mendix 7.x versions ant\u00e9rieures \u00e0 V7.23.37",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Applications Mendix bas\u00e9es sur Mendix 8.x versions ant\u00e9rieures \u00e0 V8.18.27",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Applications Mendix bas\u00e9es sur Mendix 9.x versions ant\u00e9rieures \u00e0 V9.24.10",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Mendix Studio Pro 10 versions ant\u00e9rieures \u00e0 V10.3.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Mendix Studio Pro 7 versions ant\u00e9rieures \u00e0 V7.23.37",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Mendix Studio Pro 8 versions ant\u00e9rieures \u00e0 V8.18.27",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Mendix Studio Pro 9 versions ant\u00e9rieures \u00e0 V9.24.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM APE1808 toutes versions utilis\u00e9es avec Nozomi Guardian / CMC versions V22.6.3 \u00e0 23.1.0sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM M2100 versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM M2100F toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM M2100NC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM M2200 versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM M2200F toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM M2200NC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM M969 versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM M969F toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM M969NC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RMC30 versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RMC30NC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RMC8388 V4.X versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RMC8388 V5.X versions ant\u00e9rieures \u00e0 V5.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RMC8388NC V4.X toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RMC8388NC V5.X toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RP110 versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RP110NC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS1600 versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS1600F versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS1600FNC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS1600NC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS1600T versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS1600TNC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS400 versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS400F toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS400NC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS401 versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS401NC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS416 versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS416F toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS416NC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS416NCv2 V4.X toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS416NCv2 V5.X toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS416P versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS416PF toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS416PNC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS416PNCv2 V4.X toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS416PNCv2 V5.X toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS416Pv2 V4.X versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS416Pv2 V5.X versions ant\u00e9rieures \u00e0 V5.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS416v2 V4.X versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS416v2 V5.X versions ant\u00e9rieures \u00e0 V5.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS8000 versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS8000A versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS8000ANC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS8000H versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS8000HNC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS8000NC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS8000T versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS8000TNC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900 (32M) V4.X versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900 (32M) V5.X versions ant\u00e9rieures \u00e0 V5.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900 versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900F toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900G (32M) V4.X versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900G (32M) V5.X versions ant\u00e9rieures \u00e0 V5.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900G versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900GF toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900GNC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900GNC(32M) V4.X toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900GNC(32M) V5.X toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900GP versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900GPF toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900GPNC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900L versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900LNC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900M-GETS-C01 versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900M-GETS-XX versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900M-STND-C01 versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900M-STND-XX versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900MNC-GETS-C01 toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900MNC-GETS-XX toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900MNC-STND-XX toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900MNC-STND-XX-C01 toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900NC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900NC(32M) V4.X toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900NC(32M) V5.X toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900W versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS910 versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS910L versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS910LNC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS910NC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS910W versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS920L versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS920LNC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS920W versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS930L versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS930LNC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS930W versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS940G versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS940GF toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS940GNC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS969 versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS969NC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2100 (32M) V4.X versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2100 (32M) V5.X versions ant\u00e9rieures \u00e0 V5.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2100 versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2100F toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2100NC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2100NC(32M) V4.X toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2100NC(32M) V5.X toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2100P versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2100PF toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2100PNC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2200 versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2200F toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2200NC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2288 V4.X versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2288 V5.X versions ant\u00e9rieures \u00e0 V5.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2288NC V4.X toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2288NC V5.X toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2300 V4.X versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2300 V5.X versions ant\u00e9rieures \u00e0 V5.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2300F toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2300NC V4.X toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2300NC V5.X toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2300P V4.X versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2300P V5.X versions ant\u00e9rieures \u00e0 V5.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2300PF toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2300PNC V4.X toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2300PNC V5.X toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2488 V4.X versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2488 V5.X versions ant\u00e9rieures \u00e0 V5.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2488F toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2488NC V4.X toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2488NC V5.X toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG907R versions ant\u00e9rieures \u00e0 V5.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG908C versions ant\u00e9rieures \u00e0 V5.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG909R versions ant\u00e9rieures \u00e0 V5.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG910C versions ant\u00e9rieures \u00e0 V5.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG920P V4.X versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG920P V5.X versions ant\u00e9rieures \u00e0 V5.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG920PNC V4.X toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG920PNC V5.X toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSL910 versions ant\u00e9rieures \u00e0 V5.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSL910NC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RST2228 versions ant\u00e9rieures \u00e0 V5.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RST2228P versions ant\u00e9rieures \u00e0 V5.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RST916C versions ant\u00e9rieures \u00e0 V5.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RST916P versions ant\u00e9rieures \u00e0 V5.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM i800 versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM i800NC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM i801 versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM i801NC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM i802 versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM i802NC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM i803 versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM i803NC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W1748-1 M12 (6GK5748-1GY01-0AA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W1748-1 M12 (6GK5748-1GY01-0TA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W1788-1 M12 (6GK5788-1GY01-0AA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W1788-2 EEC M12 (6GK5788-2GY01-0TA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W1788-2 M12 (6GK5788-2GY01-0AA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W1788-2IA M12 (6GK5788-2HY01-0AA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE WAM766-1 (EU) (6GK5766-1GE00-7DA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE WAM766-1 EEC (EU) (6GK5766-1GE00-7TA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE WUM763-1 (6GK5763-1AL00-3AA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE WUM763-1 (6GK5763-1AL00-3DA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE WUM766-1 (EU) (6GK5766-1GE00-3DA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE WUM766-1 (US) (6GK5766-1GE00-3DB0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XB205-3 (SC, PN) (6GK5205-3BB00-2AB2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XB205-3 (ST, E/IP) (6GK5205-3BB00-2TB2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XB205-3 (ST, E/IP) (6GK5205-3BD00-2TB2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XB205-3 (ST, PN) (6GK5205-3BD00-2AB2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XB205-3LD (SC, E/IP) (6GK5205-3BF00-2TB2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XB205-3LD (SC, PN) (6GK5205-3BF00-2AB2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XB208 (E/IP) (6GK5208-0BA00-2TB2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XB208 (PN) (6GK5208-0BA00-2AB2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XB213-3 (SC, E/IP) (6GK5213-3BD00-2TB2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XB213-3 (SC, PN) (6GK5213-3BD00-2AB2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XB213-3 (ST, E/IP) (6GK5213-3BB00-2TB2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XB213-3 (ST, PN) (6GK5213-3BB00-2AB2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XB213-3LD (SC, E/IP) (6GK5213-3BF00-2TB2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XB213-3LD (SC, PN) (6GK5213-3BF00-2AB2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XB216 (E/IP) (6GK5216-0BA00-2TB2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XB216 (PN) (6GK5216-0BA00-2AB2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC206-2 (SC) (6GK5206-2BD00-2AC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC206-2 (ST/BFOC) (6GK5206-2BB00-2AC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC206-2G PoE (54 V DC) (6GK5206-2RS00-5AC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC206-2G PoE (6GK5206-2RS00-2AC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC206-2G PoE EEC (54 V DC) (6GK5206-2RS00-5FC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC206-2SFP (6GK5206-2BS00-2AC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC206-2SFP EEC (6GK5206-2BS00-2FC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC206-2SFP G (6GK5206-2GS00-2AC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC206-2SFP G (EIP DEF.) (6GK5206-2GS00-2TC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC206-2SFP G EEC (6GK5206-2GS00-2FC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC208 (6GK5208-0BA00-2AC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC208EEC (6GK5208-0BA00-2FC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC208G (6GK5208-0GA00-2AC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC208G (EIP def.) (6GK5208-0GA00-2TC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC208G EEC (6GK5208-0GA00-2FC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC208G PoE (54 V DC) (6GK5208-0RA00-5AC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC208G PoE (6GK5208-0RA00-2AC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC216 (6GK5216-0BA00-2AC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC216-3G PoE (54 V DC) (6GK5216-3RS00-5AC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC216-3G PoE (6GK5216-3RS00-2AC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC216-4C (6GK5216-4BS00-2AC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC216-4C G (6GK5216-4GS00-2AC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC216-4C G (EIP Def.) (6GK5216-4GS00-2TC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC216-4C G EEC (6GK5216-4GS00-2FC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC216EEC (6GK5216-0BA00-2FC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC224 (6GK5224-0BA00-2AC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC224-4C G (6GK5224-4GS00-2AC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC224-4C G (EIP Def.) (6GK5224-4GS00-2TC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC224-4C G EEC (6GK5224-4GS00-2FC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XF204 (6GK5204-0BA00-2GF2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XF204 DNA (6GK5204-0BA00-2YF2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XF204-2BA (6GK5204-2AA00-2GF2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XF204-2BA DNA (6GK5204-2AA00-2YF2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XP208 (6GK5208-0HA00-2AS6) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XP208 (Ethernet/IP) (6GK5208-0HA00-2TS6) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XP208EEC (6GK5208-0HA00-2ES6) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XP208PoE EEC (6GK5208-0UA00-5ES6) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XP216 (6GK5216-0HA00-2AS6) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XP216 (Ethernet/IP) (6GK5216-0HA00-2TS6) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XP216EEC (6GK5216-0HA00-2ES6) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XP216POE EEC (6GK5216-0UA00-5ES6) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR324WG (24 X FE, DC 24V) (6GK5324-0BA00-2AR3) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR324WG (24 x FE, AC 230V) (6GK5324-0BA00-3AR3) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR326-2C PoE WG (6GK5326-2QS00-3AR3) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR326-2C PoE WG (without UL) (6GK5326-2QS00-3RR3) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR328-4C WG (24XFE, 4XGE, 24V) (6GK5328-4FS00-2AR3) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V) (6GK5328-4FS00-2RR3) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) (6GK5328-4FS00-3AR3) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) (6GK5328-4FS00-3RR3) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR328-4C WG (28xGE, AC 230V) (6GK5328-4SS00-3AR3) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR328-4C WG (28xGE, DC 24V) (6GK5328-4SS00-2AR3) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC MV500 family versions ant\u00e9rieures \u00e0 V3.3.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC PCS neo versions ant\u00e9rieures \u00e0 V4.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINEC PNI versions ant\u00e9rieures \u00e0 V2.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS NET SCALANCE XC206-2 (6AG1206-2BB00-7AC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS NET SCALANCE XC206-2SFP (6AG1206-2BS00-7AC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS NET SCALANCE XC208 (6AG1208-0BA00-7AC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS NET SCALANCE XC216-4C (6AG1216-4BS00-7AC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPROTEC 4 7SJ66 versions ant\u00e9rieures \u00e0 V4.41",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Siemens OPC UA Modelling Editor (SiOME) versions ant\u00e9rieures \u00e0 V2.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Simcenter Femap V2301 versions ant\u00e9rieures \u00e0 V2301.0003",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Simcenter Femap V2306 versions ant\u00e9rieures \u00e0 V2306.0001",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Tecnomatix Plant Simulation V2201 versions ant\u00e9rieures \u00e0 V2201.0010",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Tecnomatix Plant Simulation V2302 versions ant\u00e9rieures \u00e0 V2302.0004",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-24895",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24895"
},
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2020-35460",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35460"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2023-33135",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33135"
},
{
"name": "CVE-2023-1530",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1530"
},
{
"name": "CVE-2023-22669",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22669"
},
{
"name": "CVE-2023-44321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44321"
},
{
"name": "CVE-2023-3935",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3935"
},
{
"name": "CVE-2023-46096",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46096"
},
{
"name": "CVE-2023-44317",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44317"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2023-38072",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38072"
},
{
"name": "CVE-2023-24897",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24897"
},
{
"name": "CVE-2022-44792",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44792"
},
{
"name": "CVE-2023-3817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
},
{
"name": "CVE-2023-38075",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38075"
},
{
"name": "CVE-2019-12256",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12256"
},
{
"name": "CVE-2023-35788",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35788"
},
{
"name": "CVE-2022-28809",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28809"
},
{
"name": "CVE-2023-24936",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24936"
},
{
"name": "CVE-2023-38073",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38073"
},
{
"name": "CVE-2023-46097",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46097"
},
{
"name": "CVE-2019-12258",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12258"
},
{
"name": "CVE-2020-25020",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25020"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2022-44793",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44793"
},
{
"name": "CVE-2023-33128",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33128"
},
{
"name": "CVE-2019-12259",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12259"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2023-44320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44320"
},
{
"name": "CVE-2022-39158",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39158"
},
{
"name": "CVE-2022-28808",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28808"
},
{
"name": "CVE-2019-12261",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12261"
},
{
"name": "CVE-2023-46099",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46099"
},
{
"name": "CVE-2023-46590",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46590"
},
{
"name": "CVE-2023-2932",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2932"
},
{
"name": "CVE-2023-41033",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41033"
},
{
"name": "CVE-2023-46098",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46098"
},
{
"name": "CVE-2022-37434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37434"
},
{
"name": "CVE-2021-20094",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20094"
},
{
"name": "CVE-2022-28807",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28807"
},
{
"name": "CVE-2023-38071",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38071"
},
{
"name": "CVE-2023-45794",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45794"
},
{
"name": "CVE-2019-12263",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12263"
},
{
"name": "CVE-2021-20093",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20093"
},
{
"name": "CVE-2023-44319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44319"
},
{
"name": "CVE-2023-46601",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46601"
},
{
"name": "CVE-2023-32032",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32032"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2022-47522",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-47522"
},
{
"name": "CVE-2023-38070",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38070"
},
{
"name": "CVE-2022-23095",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23095"
},
{
"name": "CVE-2023-44322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44322"
},
{
"name": "CVE-2023-29245",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29245"
},
{
"name": "CVE-2023-43503",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43503"
},
{
"name": "CVE-2019-12260",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12260"
},
{
"name": "CVE-2022-23218",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23218"
},
{
"name": "CVE-2023-28260",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28260"
},
{
"name": "CVE-2023-43505",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43505"
},
{
"name": "CVE-2023-38074",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38074"
},
{
"name": "CVE-2019-12262",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12262"
},
{
"name": "CVE-2023-29331",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29331"
},
{
"name": "CVE-2019-12255",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12255"
},
{
"name": "CVE-2023-44374",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44374"
},
{
"name": "CVE-2023-43504",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43504"
},
{
"name": "CVE-2023-0933",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0933"
},
{
"name": "CVE-2023-2567",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2567"
},
{
"name": "CVE-2023-32649",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32649"
},
{
"name": "CVE-2022-41032",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41032"
},
{
"name": "CVE-2023-4863",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4863"
},
{
"name": "CVE-2023-21808",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21808"
},
{
"name": "CVE-2023-2931",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2931"
},
{
"name": "CVE-2023-2975",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2975"
},
{
"name": "CVE-2022-30184",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30184"
},
{
"name": "CVE-2019-12265",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12265"
},
{
"name": "CVE-2023-44373",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44373"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2022-23219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23219"
},
{
"name": "CVE-2023-38076",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38076"
},
{
"name": "CVE-2023-41032",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41032"
},
{
"name": "CVE-2023-33126",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33126"
},
{
"name": "CVE-2023-44318",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44318"
},
{
"name": "CVE-2023-22670",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22670"
}
],
"links": [],
"reference": "CERTFR-2023-AVI-0935",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-11-14T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits Siemens\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, un\nd\u00e9ni de service \u00e0 distance et une ex\u00e9cution de code arbitraire \u00e0\ndistance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-617233 du 14 novembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-292063.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-268517 du 14 novembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-084182.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-197270 du 14 novembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-787941.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-099606 du 14 novembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-625850.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-137900 du 14 novembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-137900.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-456933 du 14 novembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-456933.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-787941 du 14 novembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-457702.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-084182 du 14 novembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-887122.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-887122 du 08 novembre 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-150063.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-150063 du 14 novembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-268517.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-699386 du 14 novembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-197270.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-292063 du 14 novembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-617233.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-625850 du 14 novembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-699386.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-457702 du 14 novembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-099606.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-478780 du 14 novembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-478780.html"
}
]
}
CERTFR-2024-AVI-0180
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à la confidentialité des données et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Cognos Analytics | Cognos Analytics versions 11.2.x antérieures à 11.2.4 Fix Pack 3 | ||
| IBM | Cognos Analytics | Cognos Analytics versions 11.1.x antérieures à 11.1.7 Fix Pack 8 | ||
| IBM | AIX | AIX versions 7.2 et 7.3 sans le dernier correctif de sécurité OpenSSH | ||
| IBM | Cognos Analytics | Cognos Analytics versions 12.0.x antérieures à 12.0.2 | ||
| IBM | WebSphere | Websphere Liberty versions antérieures à 23.0.0.12 | ||
| IBM | VIOS | VIOS versions 3.1 et 4.1 sans le dernier correctif de sécurité OpenSSH | ||
| IBM | Cloud Pak | Cognos Dashboards on Cloud Pak for Data versions antérieures à 4.8.3 | ||
| IBM | N/A | Cognos Command Center versions antérieures à 10.2.5 IF1 | ||
| IBM | Cognos Transformer | Cognos Transformer versions antérieures à 11.1.7 Fix Pack 8 |
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Cognos Analytics versions 11.2.x ant\u00e9rieures \u00e0 11.2.4 Fix Pack 3",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Analytics versions 11.1.x ant\u00e9rieures \u00e0 11.1.7 Fix Pack 8",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "AIX versions 7.2 et 7.3 sans le dernier correctif de s\u00e9curit\u00e9 OpenSSH",
"product": {
"name": "AIX",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Analytics versions 12.0.x ant\u00e9rieures \u00e0 12.0.2",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Websphere Liberty versions ant\u00e9rieures \u00e0 23.0.0.12",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "VIOS versions 3.1 et 4.1 sans le dernier correctif de s\u00e9curit\u00e9 OpenSSH",
"product": {
"name": "VIOS",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Dashboards on Cloud Pak for Data versions ant\u00e9rieures \u00e0 4.8.3",
"product": {
"name": "Cloud Pak",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Command Center versions ant\u00e9rieures \u00e0 10.2.5 IF1",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Transformer versions ant\u00e9rieures \u00e0 11.1.7 Fix Pack 8",
"product": {
"name": "Cognos Transformer",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2021-44906",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44906"
},
{
"name": "CVE-2023-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2023-21843",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21843"
},
{
"name": "CVE-2022-21426",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21426"
},
{
"name": "CVE-2021-35586",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35586"
},
{
"name": "CVE-2023-1370",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1370"
},
{
"name": "CVE-2023-45857",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45857"
},
{
"name": "CVE-2021-35550",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35550"
},
{
"name": "CVE-2023-51385",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51385"
},
{
"name": "CVE-2023-46234",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46234"
},
{
"name": "CVE-2023-38359",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38359"
},
{
"name": "CVE-2021-3572",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3572"
},
{
"name": "CVE-2023-21954",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21954"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2023-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
},
{
"name": "CVE-2023-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21830"
},
{
"name": "CVE-2023-3817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2022-21299",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21299"
},
{
"name": "CVE-2023-50324",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50324"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2023-45133",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45133"
},
{
"name": "CVE-2020-28458",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28458"
},
{
"name": "CVE-2023-26115",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26115"
},
{
"name": "CVE-2022-40897",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40897"
},
{
"name": "CVE-2023-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
},
{
"name": "CVE-2023-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2020-1971",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1971"
},
{
"name": "CVE-2021-4160",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4160"
},
{
"name": "CVE-2021-35559",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35559"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2021-43138",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43138"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2021-35565",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35565"
},
{
"name": "CVE-2023-30589",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30589"
},
{
"name": "CVE-2021-23445",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23445"
},
{
"name": "CVE-2021-35603",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35603"
},
{
"name": "CVE-2022-46364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46364"
},
{
"name": "CVE-2021-3711",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3711"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2021-3449",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3449"
},
{
"name": "CVE-2022-40609",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40609"
},
{
"name": "CVE-2023-32344",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32344"
},
{
"name": "CVE-2023-43051",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43051"
},
{
"name": "CVE-2023-36478",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36478"
},
{
"name": "CVE-2019-1547",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1547"
},
{
"name": "CVE-2023-39410",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39410"
},
{
"name": "CVE-2021-35588",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35588"
},
{
"name": "CVE-2021-23839",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23839"
},
{
"name": "CVE-2023-30588",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30588"
},
{
"name": "CVE-2012-5784",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5784"
},
{
"name": "CVE-2023-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2021-41035",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41035"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2018-8032",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8032"
},
{
"name": "CVE-2022-21434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21434"
},
{
"name": "CVE-2023-2597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2597"
},
{
"name": "CVE-2022-34169",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34169"
},
{
"name": "CVE-2023-22049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22049"
},
{
"name": "CVE-2022-0778",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0778"
},
{
"name": "CVE-2022-41854",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41854"
},
{
"name": "CVE-2021-35578",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35578"
},
{
"name": "CVE-2021-28167",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28167"
},
{
"name": "CVE-2023-5676",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5676"
},
{
"name": "CVE-2022-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
},
{
"name": "CVE-2021-31684",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31684"
},
{
"name": "CVE-2023-46604",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46604"
},
{
"name": "CVE-2010-2084",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2084"
},
{
"name": "CVE-2019-0227",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0227"
},
{
"name": "CVE-2021-3712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3712"
},
{
"name": "CVE-2023-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
},
{
"name": "CVE-2023-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
},
{
"name": "CVE-2023-24998",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24998"
},
{
"name": "CVE-2022-34357",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34357"
},
{
"name": "CVE-2021-35564",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35564"
},
{
"name": "CVE-2021-23840",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23840"
},
{
"name": "CVE-2023-46158",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46158"
},
{
"name": "CVE-2014-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3596"
},
{
"name": "CVE-2022-21496",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21496"
},
{
"name": "CVE-2021-35556",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35556"
},
{
"name": "CVE-2022-1471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1471"
},
{
"name": "CVE-2023-26136",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26136"
},
{
"name": "CVE-2022-21443",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21443"
},
{
"name": "CVE-2021-23841",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23841"
},
{
"name": "CVE-2021-35560",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35560"
},
{
"name": "CVE-2023-51384",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51384"
},
{
"name": "CVE-2022-34165",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34165"
},
{
"name": "CVE-2023-30996",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30996"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2023-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
}
],
"links": [],
"reference": "CERTFR-2024-AVI-0180",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-03-01T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits IBM\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une\n\u00e9l\u00e9vation de privil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7112541 du 23 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7112541"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7125640 du 28 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7125640"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7124466 du 28 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7124466"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7112504 du 28 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7112504"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7125461 du 28 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7125461"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7123154 du 23 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7123154"
}
]
}
CERTFR-2023-AVI-0935
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer une élévation de privilèges, un déni de service à distance et une exécution de code arbitraire à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Siemens | N/A | COMOS versions antérieures à V10.4.4, les vulnérabilités CVE-2023-43505, CVE-2023-46601 ne seront pas corrigées par l'éditeur | ||
| Siemens | N/A | Desigo CC product family V5.0 toutes les versions sans le dernier correctif de sécurité | ||
| Siemens | N/A | Desigo CC product family V5.1 toutes les versions sans le dernier correctif de sécurité | ||
| Siemens | N/A | Desigo CC product family V6 toutes les versions sans le dernier correctif de sécurité | ||
| Siemens | N/A | Desigo CC product family V7 toutes les versions sans le dernier correctif de sécurité | ||
| Siemens | N/A | Applications Mendix basées sur Mendix 10 versions antérieures à V10.4.0 | ||
| Siemens | N/A | Applications Mendix basées sur Mendix 7.x versions antérieures à V7.23.37 | ||
| Siemens | N/A | Applications Mendix basées sur Mendix 8.x versions antérieures à V8.18.27 | ||
| Siemens | N/A | Applications Mendix basées sur Mendix 9.x versions antérieures à V9.24.10 | ||
| Siemens | N/A | Mendix Studio Pro 10 versions antérieures à V10.3.1 | ||
| Siemens | N/A | Mendix Studio Pro 7 versions antérieures à V7.23.37 | ||
| Siemens | N/A | Mendix Studio Pro 8 versions antérieures à V8.18.27 | ||
| Siemens | N/A | Mendix Studio Pro 9 versions antérieures à V9.24.0 | ||
| Siemens | N/A | RUGGEDCOM APE1808 toutes versions utilisées avec Nozomi Guardian / CMC versions V22.6.3 à 23.1.0sans le dernier correctif de sécurité | ||
| Siemens | N/A | RUGGEDCOM M2100 versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM M2100F toutes les versions | ||
| Siemens | N/A | RUGGEDCOM M2100NC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM M2200 versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM M2200F toutes les versions | ||
| Siemens | N/A | RUGGEDCOM M2200NC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM M969 versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM M969F toutes les versions | ||
| Siemens | N/A | RUGGEDCOM M969NC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RMC30 versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RMC30NC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RMC8388 V4.X versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RMC8388 V5.X versions antérieures à V5.6.0 | ||
| Siemens | N/A | RUGGEDCOM RMC8388NC V4.X toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RMC8388NC V5.X toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RP110 versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RP110NC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS1600 versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS1600F versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS1600FNC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS1600NC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS1600T versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS1600TNC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS400 versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS400F toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS400NC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS401 versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS401NC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS416 versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS416F toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS416NC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS416NCv2 V4.X toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS416NCv2 V5.X toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS416P versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS416PF toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS416PNC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS416PNCv2 V4.X toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS416PNCv2 V5.X toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS416Pv2 V4.X versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS416Pv2 V5.X versions antérieures à V5.6.0 | ||
| Siemens | N/A | RUGGEDCOM RS416v2 V4.X versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS416v2 V5.X versions antérieures à V5.6.0 | ||
| Siemens | N/A | RUGGEDCOM RS8000 versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS8000A versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS8000ANC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS8000H versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS8000HNC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS8000NC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS8000T versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS8000TNC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS900 (32M) V4.X versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS900 (32M) V5.X versions antérieures à V5.6.0 | ||
| Siemens | N/A | RUGGEDCOM RS900 versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS900F toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS900G (32M) V4.X versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS900G (32M) V5.X versions antérieures à V5.6.0 | ||
| Siemens | N/A | RUGGEDCOM RS900G versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS900GF toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS900GNC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS900GNC(32M) V4.X toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS900GNC(32M) V5.X toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS900GP versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS900GPF toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS900GPNC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS900L versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS900LNC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS900M-GETS-C01 versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS900M-GETS-XX versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS900M-STND-C01 versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS900M-STND-XX versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS900MNC-GETS-C01 toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS900MNC-GETS-XX toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS900MNC-STND-XX toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS900MNC-STND-XX-C01 toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS900NC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS900NC(32M) V4.X toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS900NC(32M) V5.X toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS900W versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS910 versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS910L versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS910LNC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS910NC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS910W versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS920L versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS920LNC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS920W versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS930L versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS930LNC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS930W versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS940G versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS940GF toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS940GNC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RS969 versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RS969NC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RSG2100 (32M) V4.X versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RSG2100 (32M) V5.X versions antérieures à V5.6.0 | ||
| Siemens | N/A | RUGGEDCOM RSG2100 versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RSG2100F toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RSG2100NC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RSG2100NC(32M) V4.X toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RSG2100NC(32M) V5.X toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RSG2100P versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RSG2100PF toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RSG2100PNC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RSG2200 versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RSG2200F toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RSG2200NC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RSG2288 V4.X versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RSG2288 V5.X versions antérieures à V5.6.0 | ||
| Siemens | N/A | RUGGEDCOM RSG2288NC V4.X toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RSG2288NC V5.X toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RSG2300 V4.X versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RSG2300 V5.X versions antérieures à V5.6.0 | ||
| Siemens | N/A | RUGGEDCOM RSG2300F toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RSG2300NC V4.X toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RSG2300NC V5.X toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RSG2300P V4.X versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RSG2300P V5.X versions antérieures à V5.6.0 | ||
| Siemens | N/A | RUGGEDCOM RSG2300PF toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RSG2300PNC V4.X toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RSG2300PNC V5.X toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RSG2488 V4.X versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RSG2488 V5.X versions antérieures à V5.6.0 | ||
| Siemens | N/A | RUGGEDCOM RSG2488F toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RSG2488NC V4.X toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RSG2488NC V5.X toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RSG907R versions antérieures à V5.6.0 | ||
| Siemens | N/A | RUGGEDCOM RSG908C versions antérieures à V5.6.0 | ||
| Siemens | N/A | RUGGEDCOM RSG909R versions antérieures à V5.6.0 | ||
| Siemens | N/A | RUGGEDCOM RSG910C versions antérieures à V5.6.0 | ||
| Siemens | N/A | RUGGEDCOM RSG920P V4.X versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM RSG920P V5.X versions antérieures à V5.6.0 | ||
| Siemens | N/A | RUGGEDCOM RSG920PNC V4.X toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RSG920PNC V5.X toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RSL910 versions antérieures à V5.6.0 | ||
| Siemens | N/A | RUGGEDCOM RSL910NC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM RST2228 versions antérieures à V5.6.0 | ||
| Siemens | N/A | RUGGEDCOM RST2228P versions antérieures à V5.6.0 | ||
| Siemens | N/A | RUGGEDCOM RST916C versions antérieures à V5.6.0 | ||
| Siemens | N/A | RUGGEDCOM RST916P versions antérieures à V5.6.0 | ||
| Siemens | N/A | RUGGEDCOM i800 versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM i800NC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM i801 versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM i801NC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM i802 versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM i802NC toutes les versions | ||
| Siemens | N/A | RUGGEDCOM i803 versions antérieures à V4.3.8 | ||
| Siemens | N/A | RUGGEDCOM i803NC toutes les versions | ||
| Siemens | N/A | SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0) toutes les versions | ||
| Siemens | N/A | SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0) toutes les versions | ||
| Siemens | N/A | SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0) toutes les versions | ||
| Siemens | N/A | SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0) toutes les versions | ||
| Siemens | N/A | SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0) toutes les versions | ||
| Siemens | N/A | SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0) toutes les versions | ||
| Siemens | N/A | SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6) toutes les versions | ||
| Siemens | N/A | SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0) toutes les versions | ||
| Siemens | N/A | SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6) toutes les versions | ||
| Siemens | N/A | SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0) toutes les versions | ||
| Siemens | N/A | SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0) toutes les versions | ||
| Siemens | N/A | SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0) toutes les versions | ||
| Siemens | N/A | SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0) toutes les versions | ||
| Siemens | N/A | SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0) toutes les versions | ||
| Siemens | N/A | SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0) toutes les versions | ||
| Siemens | N/A | SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0) toutes les versions | ||
| Siemens | N/A | SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0) toutes les versions | ||
| Siemens | N/A | SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0) toutes les versions | ||
| Siemens | N/A | SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0) toutes les versions | ||
| Siemens | N/A | SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0) toutes les versions | ||
| Siemens | N/A | SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6) toutes les versions | ||
| Siemens | N/A | SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0) toutes les versions | ||
| Siemens | N/A | SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0) toutes les versions | ||
| Siemens | N/A | SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6) toutes les versions | ||
| Siemens | N/A | SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0) toutes les versions | ||
| Siemens | N/A | SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0) toutes les versions | ||
| Siemens | N/A | SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0) toutes les versions | ||
| Siemens | N/A | SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0) toutes les versions | ||
| Siemens | N/A | SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0) toutes les versions | ||
| Siemens | N/A | SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0) toutes les versions | ||
| Siemens | N/A | SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0) toutes les versions | ||
| Siemens | N/A | SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0) toutes les versions | ||
| Siemens | N/A | SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0) toutes les versions | ||
| Siemens | N/A | SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0) toutes les versions | ||
| Siemens | N/A | SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0) toutes les versions | ||
| Siemens | N/A | SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0) toutes les versions | ||
| Siemens | N/A | SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0) toutes les versions | ||
| Siemens | N/A | SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0) toutes les versions | ||
| Siemens | N/A | SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0) toutes les versions | ||
| Siemens | N/A | SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0) toutes les versions | ||
| Siemens | N/A | SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0) toutes les versions | ||
| Siemens | N/A | SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0) toutes les versions | ||
| Siemens | N/A | SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0) toutes les versions | ||
| Siemens | N/A | SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0) toutes les versions | ||
| Siemens | N/A | SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0) toutes les versions | ||
| Siemens | N/A | SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0) toutes les versions | ||
| Siemens | N/A | SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0) toutes les versions | ||
| Siemens | N/A | SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0) toutes les versions | ||
| Siemens | N/A | SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0) toutes les versions | ||
| Siemens | N/A | SCALANCE W1748-1 M12 (6GK5748-1GY01-0AA0) toutes les versions | ||
| Siemens | N/A | SCALANCE W1748-1 M12 (6GK5748-1GY01-0TA0) toutes les versions | ||
| Siemens | N/A | SCALANCE W1788-1 M12 (6GK5788-1GY01-0AA0) toutes les versions | ||
| Siemens | N/A | SCALANCE W1788-2 EEC M12 (6GK5788-2GY01-0TA0) toutes les versions | ||
| Siemens | N/A | SCALANCE W1788-2 M12 (6GK5788-2GY01-0AA0) toutes les versions | ||
| Siemens | N/A | SCALANCE W1788-2IA M12 (6GK5788-2HY01-0AA0) toutes les versions | ||
| Siemens | N/A | SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) toutes les versions | ||
| Siemens | N/A | SCALANCE WAM766-1 (EU) (6GK5766-1GE00-7DA0) toutes les versions | ||
| Siemens | N/A | SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) toutes les versions | ||
| Siemens | N/A | SCALANCE WAM766-1 EEC (EU) (6GK5766-1GE00-7TA0) toutes les versions | ||
| Siemens | N/A | SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0) toutes les versions | ||
| Siemens | N/A | SCALANCE WUM763-1 (6GK5763-1AL00-3AA0) toutes les versions | ||
| Siemens | N/A | SCALANCE WUM763-1 (6GK5763-1AL00-3DA0) toutes les versions | ||
| Siemens | N/A | SCALANCE WUM766-1 (EU) (6GK5766-1GE00-3DA0) toutes les versions | ||
| Siemens | N/A | SCALANCE WUM766-1 (US) (6GK5766-1GE00-3DB0) toutes les versions | ||
| Siemens | N/A | SCALANCE XB205-3 (SC, PN) (6GK5205-3BB00-2AB2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XB205-3 (ST, E/IP) (6GK5205-3BB00-2TB2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XB205-3 (ST, E/IP) (6GK5205-3BD00-2TB2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XB205-3 (ST, PN) (6GK5205-3BD00-2AB2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XB205-3LD (SC, E/IP) (6GK5205-3BF00-2TB2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XB205-3LD (SC, PN) (6GK5205-3BF00-2AB2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XB208 (E/IP) (6GK5208-0BA00-2TB2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XB208 (PN) (6GK5208-0BA00-2AB2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XB213-3 (SC, E/IP) (6GK5213-3BD00-2TB2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XB213-3 (SC, PN) (6GK5213-3BD00-2AB2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XB213-3 (ST, E/IP) (6GK5213-3BB00-2TB2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XB213-3 (ST, PN) (6GK5213-3BB00-2AB2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XB213-3LD (SC, E/IP) (6GK5213-3BF00-2TB2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XB213-3LD (SC, PN) (6GK5213-3BF00-2AB2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XB216 (E/IP) (6GK5216-0BA00-2TB2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XB216 (PN) (6GK5216-0BA00-2AB2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC206-2 (SC) (6GK5206-2BD00-2AC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC206-2 (ST/BFOC) (6GK5206-2BB00-2AC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC206-2G PoE (54 V DC) (6GK5206-2RS00-5AC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC206-2G PoE (6GK5206-2RS00-2AC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC206-2G PoE EEC (54 V DC) (6GK5206-2RS00-5FC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC206-2SFP (6GK5206-2BS00-2AC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC206-2SFP EEC (6GK5206-2BS00-2FC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC206-2SFP G (6GK5206-2GS00-2AC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC206-2SFP G (EIP DEF.) (6GK5206-2GS00-2TC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC206-2SFP G EEC (6GK5206-2GS00-2FC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC208 (6GK5208-0BA00-2AC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC208EEC (6GK5208-0BA00-2FC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC208G (6GK5208-0GA00-2AC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC208G (EIP def.) (6GK5208-0GA00-2TC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC208G EEC (6GK5208-0GA00-2FC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC208G PoE (54 V DC) (6GK5208-0RA00-5AC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC208G PoE (6GK5208-0RA00-2AC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC216 (6GK5216-0BA00-2AC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC216-3G PoE (54 V DC) (6GK5216-3RS00-5AC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC216-3G PoE (6GK5216-3RS00-2AC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC216-4C (6GK5216-4BS00-2AC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC216-4C G (6GK5216-4GS00-2AC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC216-4C G (EIP Def.) (6GK5216-4GS00-2TC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC216-4C G EEC (6GK5216-4GS00-2FC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC216EEC (6GK5216-0BA00-2FC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC224 (6GK5224-0BA00-2AC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC224-4C G (6GK5224-4GS00-2AC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC224-4C G (EIP Def.) (6GK5224-4GS00-2TC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XC224-4C G EEC (6GK5224-4GS00-2FC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XF204 (6GK5204-0BA00-2GF2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XF204 DNA (6GK5204-0BA00-2YF2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XF204-2BA (6GK5204-2AA00-2GF2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XF204-2BA DNA (6GK5204-2AA00-2YF2) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XP208 (6GK5208-0HA00-2AS6) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XP208 (Ethernet/IP) (6GK5208-0HA00-2TS6) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XP208EEC (6GK5208-0HA00-2ES6) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XP208PoE EEC (6GK5208-0UA00-5ES6) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XP216 (6GK5216-0HA00-2AS6) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XP216 (Ethernet/IP) (6GK5216-0HA00-2TS6) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XP216EEC (6GK5216-0HA00-2ES6) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XP216POE EEC (6GK5216-0UA00-5ES6) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XR324WG (24 X FE, DC 24V) (6GK5324-0BA00-2AR3) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XR324WG (24 x FE, AC 230V) (6GK5324-0BA00-3AR3) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XR326-2C PoE WG (6GK5326-2QS00-3AR3) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XR326-2C PoE WG (without UL) (6GK5326-2QS00-3RR3) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XR328-4C WG (24XFE, 4XGE, 24V) (6GK5328-4FS00-2AR3) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V) (6GK5328-4FS00-2RR3) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) (6GK5328-4FS00-3AR3) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) (6GK5328-4FS00-3RR3) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XR328-4C WG (28xGE, AC 230V) (6GK5328-4SS00-3AR3) versions antérieures à V4.5 | ||
| Siemens | N/A | SCALANCE XR328-4C WG (28xGE, DC 24V) (6GK5328-4SS00-2AR3) versions antérieures à V4.5 | ||
| Siemens | N/A | SIMATIC MV500 family versions antérieures à V3.3.5 | ||
| Siemens | N/A | SIMATIC PCS neo versions antérieures à V4.1 | ||
| Siemens | N/A | SINEC PNI versions antérieures à V2.0 | ||
| Siemens | N/A | SIPLUS NET SCALANCE XC206-2 (6AG1206-2BB00-7AC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SIPLUS NET SCALANCE XC206-2SFP (6AG1206-2BS00-7AC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SIPLUS NET SCALANCE XC208 (6AG1208-0BA00-7AC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SIPLUS NET SCALANCE XC216-4C (6AG1216-4BS00-7AC2) versions antérieures à V4.5 | ||
| Siemens | N/A | SIPROTEC 4 7SJ66 versions antérieures à V4.41 | ||
| Siemens | N/A | Siemens OPC UA Modelling Editor (SiOME) versions antérieures à V2.8 | ||
| Siemens | N/A | Simcenter Femap V2301 versions antérieures à V2301.0003 | ||
| Siemens | N/A | Simcenter Femap V2306 versions antérieures à V2306.0001 | ||
| Siemens | N/A | Tecnomatix Plant Simulation V2201 versions antérieures à V2201.0010 | ||
| Siemens | N/A | Tecnomatix Plant Simulation V2302 versions antérieures à V2302.0004 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "COMOS versions ant\u00e9rieures \u00e0 V10.4.4, les vuln\u00e9rabilit\u00e9s CVE-2023-43505, CVE-2023-46601 ne seront pas corrig\u00e9es par l\u0027\u00e9diteur",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Desigo CC product family V5.0 toutes les versions sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Desigo CC product family V5.1 toutes les versions sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Desigo CC product family V6 toutes les versions sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Desigo CC product family V7 toutes les versions sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Applications Mendix bas\u00e9es sur Mendix 10 versions ant\u00e9rieures \u00e0 V10.4.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Applications Mendix bas\u00e9es sur Mendix 7.x versions ant\u00e9rieures \u00e0 V7.23.37",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Applications Mendix bas\u00e9es sur Mendix 8.x versions ant\u00e9rieures \u00e0 V8.18.27",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Applications Mendix bas\u00e9es sur Mendix 9.x versions ant\u00e9rieures \u00e0 V9.24.10",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Mendix Studio Pro 10 versions ant\u00e9rieures \u00e0 V10.3.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Mendix Studio Pro 7 versions ant\u00e9rieures \u00e0 V7.23.37",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Mendix Studio Pro 8 versions ant\u00e9rieures \u00e0 V8.18.27",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Mendix Studio Pro 9 versions ant\u00e9rieures \u00e0 V9.24.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM APE1808 toutes versions utilis\u00e9es avec Nozomi Guardian / CMC versions V22.6.3 \u00e0 23.1.0sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM M2100 versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM M2100F toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM M2100NC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM M2200 versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM M2200F toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM M2200NC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM M969 versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM M969F toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM M969NC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RMC30 versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RMC30NC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RMC8388 V4.X versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RMC8388 V5.X versions ant\u00e9rieures \u00e0 V5.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RMC8388NC V4.X toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RMC8388NC V5.X toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RP110 versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RP110NC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS1600 versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS1600F versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS1600FNC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS1600NC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS1600T versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS1600TNC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS400 versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS400F toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS400NC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS401 versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS401NC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS416 versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS416F toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS416NC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS416NCv2 V4.X toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS416NCv2 V5.X toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS416P versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS416PF toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS416PNC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS416PNCv2 V4.X toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS416PNCv2 V5.X toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS416Pv2 V4.X versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS416Pv2 V5.X versions ant\u00e9rieures \u00e0 V5.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS416v2 V4.X versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS416v2 V5.X versions ant\u00e9rieures \u00e0 V5.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS8000 versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS8000A versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS8000ANC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS8000H versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS8000HNC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS8000NC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS8000T versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS8000TNC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900 (32M) V4.X versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900 (32M) V5.X versions ant\u00e9rieures \u00e0 V5.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900 versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900F toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900G (32M) V4.X versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900G (32M) V5.X versions ant\u00e9rieures \u00e0 V5.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900G versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900GF toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900GNC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900GNC(32M) V4.X toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900GNC(32M) V5.X toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900GP versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900GPF toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900GPNC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900L versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900LNC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900M-GETS-C01 versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900M-GETS-XX versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900M-STND-C01 versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900M-STND-XX versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900MNC-GETS-C01 toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900MNC-GETS-XX toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900MNC-STND-XX toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900MNC-STND-XX-C01 toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900NC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900NC(32M) V4.X toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900NC(32M) V5.X toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS900W versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS910 versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS910L versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS910LNC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS910NC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS910W versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS920L versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS920LNC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS920W versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS930L versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS930LNC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS930W versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS940G versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS940GF toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS940GNC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS969 versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RS969NC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2100 (32M) V4.X versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2100 (32M) V5.X versions ant\u00e9rieures \u00e0 V5.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2100 versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2100F toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2100NC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2100NC(32M) V4.X toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2100NC(32M) V5.X toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2100P versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2100PF toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2100PNC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2200 versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2200F toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2200NC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2288 V4.X versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2288 V5.X versions ant\u00e9rieures \u00e0 V5.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2288NC V4.X toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2288NC V5.X toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2300 V4.X versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2300 V5.X versions ant\u00e9rieures \u00e0 V5.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2300F toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2300NC V4.X toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2300NC V5.X toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2300P V4.X versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2300P V5.X versions ant\u00e9rieures \u00e0 V5.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2300PF toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2300PNC V4.X toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2300PNC V5.X toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2488 V4.X versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2488 V5.X versions ant\u00e9rieures \u00e0 V5.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2488F toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2488NC V4.X toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG2488NC V5.X toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG907R versions ant\u00e9rieures \u00e0 V5.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG908C versions ant\u00e9rieures \u00e0 V5.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG909R versions ant\u00e9rieures \u00e0 V5.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG910C versions ant\u00e9rieures \u00e0 V5.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG920P V4.X versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG920P V5.X versions ant\u00e9rieures \u00e0 V5.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG920PNC V4.X toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSG920PNC V5.X toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSL910 versions ant\u00e9rieures \u00e0 V5.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RSL910NC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RST2228 versions ant\u00e9rieures \u00e0 V5.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RST2228P versions ant\u00e9rieures \u00e0 V5.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RST916C versions ant\u00e9rieures \u00e0 V5.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RST916P versions ant\u00e9rieures \u00e0 V5.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM i800 versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM i800NC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM i801 versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM i801NC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM i802 versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM i802NC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM i803 versions ant\u00e9rieures \u00e0 V4.3.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM i803NC toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W1748-1 M12 (6GK5748-1GY01-0AA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W1748-1 M12 (6GK5748-1GY01-0TA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W1788-1 M12 (6GK5788-1GY01-0AA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W1788-2 EEC M12 (6GK5788-2GY01-0TA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W1788-2 M12 (6GK5788-2GY01-0AA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W1788-2IA M12 (6GK5788-2HY01-0AA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE WAM766-1 (EU) (6GK5766-1GE00-7DA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE WAM766-1 EEC (EU) (6GK5766-1GE00-7TA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE WUM763-1 (6GK5763-1AL00-3AA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE WUM763-1 (6GK5763-1AL00-3DA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE WUM766-1 (EU) (6GK5766-1GE00-3DA0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE WUM766-1 (US) (6GK5766-1GE00-3DB0) toutes les versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XB205-3 (SC, PN) (6GK5205-3BB00-2AB2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XB205-3 (ST, E/IP) (6GK5205-3BB00-2TB2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XB205-3 (ST, E/IP) (6GK5205-3BD00-2TB2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XB205-3 (ST, PN) (6GK5205-3BD00-2AB2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XB205-3LD (SC, E/IP) (6GK5205-3BF00-2TB2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XB205-3LD (SC, PN) (6GK5205-3BF00-2AB2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XB208 (E/IP) (6GK5208-0BA00-2TB2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XB208 (PN) (6GK5208-0BA00-2AB2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XB213-3 (SC, E/IP) (6GK5213-3BD00-2TB2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XB213-3 (SC, PN) (6GK5213-3BD00-2AB2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XB213-3 (ST, E/IP) (6GK5213-3BB00-2TB2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XB213-3 (ST, PN) (6GK5213-3BB00-2AB2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XB213-3LD (SC, E/IP) (6GK5213-3BF00-2TB2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XB213-3LD (SC, PN) (6GK5213-3BF00-2AB2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XB216 (E/IP) (6GK5216-0BA00-2TB2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XB216 (PN) (6GK5216-0BA00-2AB2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC206-2 (SC) (6GK5206-2BD00-2AC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC206-2 (ST/BFOC) (6GK5206-2BB00-2AC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC206-2G PoE (54 V DC) (6GK5206-2RS00-5AC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC206-2G PoE (6GK5206-2RS00-2AC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC206-2G PoE EEC (54 V DC) (6GK5206-2RS00-5FC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC206-2SFP (6GK5206-2BS00-2AC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC206-2SFP EEC (6GK5206-2BS00-2FC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC206-2SFP G (6GK5206-2GS00-2AC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC206-2SFP G (EIP DEF.) (6GK5206-2GS00-2TC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC206-2SFP G EEC (6GK5206-2GS00-2FC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC208 (6GK5208-0BA00-2AC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC208EEC (6GK5208-0BA00-2FC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC208G (6GK5208-0GA00-2AC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC208G (EIP def.) (6GK5208-0GA00-2TC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC208G EEC (6GK5208-0GA00-2FC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC208G PoE (54 V DC) (6GK5208-0RA00-5AC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC208G PoE (6GK5208-0RA00-2AC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC216 (6GK5216-0BA00-2AC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC216-3G PoE (54 V DC) (6GK5216-3RS00-5AC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC216-3G PoE (6GK5216-3RS00-2AC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC216-4C (6GK5216-4BS00-2AC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC216-4C G (6GK5216-4GS00-2AC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC216-4C G (EIP Def.) (6GK5216-4GS00-2TC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC216-4C G EEC (6GK5216-4GS00-2FC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC216EEC (6GK5216-0BA00-2FC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC224 (6GK5224-0BA00-2AC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC224-4C G (6GK5224-4GS00-2AC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC224-4C G (EIP Def.) (6GK5224-4GS00-2TC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC224-4C G EEC (6GK5224-4GS00-2FC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XF204 (6GK5204-0BA00-2GF2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XF204 DNA (6GK5204-0BA00-2YF2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XF204-2BA (6GK5204-2AA00-2GF2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XF204-2BA DNA (6GK5204-2AA00-2YF2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XP208 (6GK5208-0HA00-2AS6) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XP208 (Ethernet/IP) (6GK5208-0HA00-2TS6) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XP208EEC (6GK5208-0HA00-2ES6) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XP208PoE EEC (6GK5208-0UA00-5ES6) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XP216 (6GK5216-0HA00-2AS6) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XP216 (Ethernet/IP) (6GK5216-0HA00-2TS6) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XP216EEC (6GK5216-0HA00-2ES6) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XP216POE EEC (6GK5216-0UA00-5ES6) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR324WG (24 X FE, DC 24V) (6GK5324-0BA00-2AR3) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR324WG (24 x FE, AC 230V) (6GK5324-0BA00-3AR3) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR326-2C PoE WG (6GK5326-2QS00-3AR3) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR326-2C PoE WG (without UL) (6GK5326-2QS00-3RR3) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR328-4C WG (24XFE, 4XGE, 24V) (6GK5328-4FS00-2AR3) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V) (6GK5328-4FS00-2RR3) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) (6GK5328-4FS00-3AR3) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) (6GK5328-4FS00-3RR3) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR328-4C WG (28xGE, AC 230V) (6GK5328-4SS00-3AR3) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR328-4C WG (28xGE, DC 24V) (6GK5328-4SS00-2AR3) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC MV500 family versions ant\u00e9rieures \u00e0 V3.3.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC PCS neo versions ant\u00e9rieures \u00e0 V4.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINEC PNI versions ant\u00e9rieures \u00e0 V2.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS NET SCALANCE XC206-2 (6AG1206-2BB00-7AC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS NET SCALANCE XC206-2SFP (6AG1206-2BS00-7AC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS NET SCALANCE XC208 (6AG1208-0BA00-7AC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS NET SCALANCE XC216-4C (6AG1216-4BS00-7AC2) versions ant\u00e9rieures \u00e0 V4.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPROTEC 4 7SJ66 versions ant\u00e9rieures \u00e0 V4.41",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Siemens OPC UA Modelling Editor (SiOME) versions ant\u00e9rieures \u00e0 V2.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Simcenter Femap V2301 versions ant\u00e9rieures \u00e0 V2301.0003",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Simcenter Femap V2306 versions ant\u00e9rieures \u00e0 V2306.0001",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Tecnomatix Plant Simulation V2201 versions ant\u00e9rieures \u00e0 V2201.0010",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Tecnomatix Plant Simulation V2302 versions ant\u00e9rieures \u00e0 V2302.0004",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-24895",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24895"
},
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2020-35460",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35460"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2023-33135",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33135"
},
{
"name": "CVE-2023-1530",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1530"
},
{
"name": "CVE-2023-22669",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22669"
},
{
"name": "CVE-2023-44321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44321"
},
{
"name": "CVE-2023-3935",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3935"
},
{
"name": "CVE-2023-46096",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46096"
},
{
"name": "CVE-2023-44317",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44317"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2023-38072",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38072"
},
{
"name": "CVE-2023-24897",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24897"
},
{
"name": "CVE-2022-44792",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44792"
},
{
"name": "CVE-2023-3817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
},
{
"name": "CVE-2023-38075",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38075"
},
{
"name": "CVE-2019-12256",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12256"
},
{
"name": "CVE-2023-35788",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35788"
},
{
"name": "CVE-2022-28809",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28809"
},
{
"name": "CVE-2023-24936",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24936"
},
{
"name": "CVE-2023-38073",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38073"
},
{
"name": "CVE-2023-46097",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46097"
},
{
"name": "CVE-2019-12258",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12258"
},
{
"name": "CVE-2020-25020",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25020"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2022-44793",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44793"
},
{
"name": "CVE-2023-33128",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33128"
},
{
"name": "CVE-2019-12259",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12259"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2023-44320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44320"
},
{
"name": "CVE-2022-39158",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39158"
},
{
"name": "CVE-2022-28808",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28808"
},
{
"name": "CVE-2019-12261",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12261"
},
{
"name": "CVE-2023-46099",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46099"
},
{
"name": "CVE-2023-46590",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46590"
},
{
"name": "CVE-2023-2932",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2932"
},
{
"name": "CVE-2023-41033",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41033"
},
{
"name": "CVE-2023-46098",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46098"
},
{
"name": "CVE-2022-37434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37434"
},
{
"name": "CVE-2021-20094",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20094"
},
{
"name": "CVE-2022-28807",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28807"
},
{
"name": "CVE-2023-38071",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38071"
},
{
"name": "CVE-2023-45794",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45794"
},
{
"name": "CVE-2019-12263",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12263"
},
{
"name": "CVE-2021-20093",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20093"
},
{
"name": "CVE-2023-44319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44319"
},
{
"name": "CVE-2023-46601",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46601"
},
{
"name": "CVE-2023-32032",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32032"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2022-47522",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-47522"
},
{
"name": "CVE-2023-38070",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38070"
},
{
"name": "CVE-2022-23095",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23095"
},
{
"name": "CVE-2023-44322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44322"
},
{
"name": "CVE-2023-29245",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29245"
},
{
"name": "CVE-2023-43503",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43503"
},
{
"name": "CVE-2019-12260",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12260"
},
{
"name": "CVE-2022-23218",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23218"
},
{
"name": "CVE-2023-28260",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28260"
},
{
"name": "CVE-2023-43505",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43505"
},
{
"name": "CVE-2023-38074",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38074"
},
{
"name": "CVE-2019-12262",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12262"
},
{
"name": "CVE-2023-29331",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29331"
},
{
"name": "CVE-2019-12255",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12255"
},
{
"name": "CVE-2023-44374",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44374"
},
{
"name": "CVE-2023-43504",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43504"
},
{
"name": "CVE-2023-0933",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0933"
},
{
"name": "CVE-2023-2567",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2567"
},
{
"name": "CVE-2023-32649",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32649"
},
{
"name": "CVE-2022-41032",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41032"
},
{
"name": "CVE-2023-4863",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4863"
},
{
"name": "CVE-2023-21808",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21808"
},
{
"name": "CVE-2023-2931",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2931"
},
{
"name": "CVE-2023-2975",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2975"
},
{
"name": "CVE-2022-30184",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30184"
},
{
"name": "CVE-2019-12265",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12265"
},
{
"name": "CVE-2023-44373",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44373"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2022-23219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23219"
},
{
"name": "CVE-2023-38076",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38076"
},
{
"name": "CVE-2023-41032",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41032"
},
{
"name": "CVE-2023-33126",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33126"
},
{
"name": "CVE-2023-44318",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44318"
},
{
"name": "CVE-2023-22670",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22670"
}
],
"links": [],
"reference": "CERTFR-2023-AVI-0935",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-11-14T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits Siemens\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, un\nd\u00e9ni de service \u00e0 distance et une ex\u00e9cution de code arbitraire \u00e0\ndistance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-617233 du 14 novembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-292063.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-268517 du 14 novembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-084182.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-197270 du 14 novembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-787941.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-099606 du 14 novembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-625850.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-137900 du 14 novembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-137900.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-456933 du 14 novembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-456933.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-787941 du 14 novembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-457702.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-084182 du 14 novembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-887122.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-887122 du 08 novembre 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-150063.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-150063 du 14 novembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-268517.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-699386 du 14 novembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-197270.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-292063 du 14 novembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-617233.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-625850 du 14 novembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-699386.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-457702 du 14 novembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-099606.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-478780 du 14 novembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-478780.html"
}
]
}
CERTFR-2024-AVI-0119
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, une élévation de privilèges et une exécution de code arbitraire à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Siemens | N/A | SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3) versions antérieures à V2.4 | ||
| Siemens | N/A | SCALANCE XCM332 (6GK5332-0GA01-2AC2) versions antérieures à V2.4 | ||
| Siemens | N/A | SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3) versions antérieures à V2.4 | ||
| Siemens | N/A | Simcenter Femap versions antérieures à V2401.0000 | ||
| Siemens | N/A | SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3) versions antérieures à V2.4 | ||
| Siemens | N/A | Parasolid V36.0 versions antérieures à V36.0.198 | ||
| Siemens | N/A | SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3) versions antérieures à V2.4 | ||
| Siemens | N/A | SCALANCE SC646-2C (6GK5646-2GS00-2AC2) versions antérieures à V3.1 | ||
| Siemens | N/A | SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3) versions antérieures à V2.4 | ||
| Siemens | N/A | SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3) versions antérieures à V2.4 | ||
| Siemens | N/A | SCALANCE SC636-2C (6GK5636-2GS00-2AC2) versions antérieures à V3.1 | ||
| Siemens | N/A | Location Intelligence SUS Small (9DE5110-8CA11-1BX0) versions antérieures à V4.3 | ||
| Siemens | N/A | SIMATIC WinCC V7.5 versions antérieures à V7.5 SP2 Update 15 | ||
| Siemens | N/A | SINEC NMS versions antérieures à V2.0 SP1 | ||
| Siemens | N/A | SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3) versions antérieures à V2.4 | ||
| Siemens | N/A | SIMATIC WinCC V8.0 versions antérieures à V8.0 SP4 | ||
| Siemens | N/A | SIDIS Prime versions antérieures à V4.0.400 | ||
| Siemens | N/A | SCALANCE XCH328 (6GK5328-4TS01-2EC2) versions antérieures à V2.4 | ||
| Siemens | N/A | Location Intelligence Perpetual Small (9DE5110-8CA11-1AX0) versions antérieures à V4.3 | ||
| Siemens | N/A | SCALANCE SC642-2C (6GK5642-2GS00-2AC2) versions antérieures à V3.1 | ||
| Siemens | N/A | SCALANCE XCM324 (6GK5324-8TS01-2AC2) versions antérieures à V2.4 | ||
| Siemens | N/A | Parasolid V35.1 versions antérieures à V35.1.252 | ||
| Siemens | N/A | Tecnomatix Plant Simulation V2201 versions antérieures à V2201.0012 | ||
| Siemens | N/A | RUGGEDCOM APE1808 avec Nozomi Guardian / CMC antérieures à 23.3.0 | ||
| Siemens | N/A | Location Intelligence Perpetual Medium (9DE5110-8CA12-1AX0) versions antérieures à V4.3 | ||
| Siemens | N/A | SCALANCE SC632-2C (6GK5632-2GS00-2AC2) versions antérieures à V3.1 | ||
| Siemens | N/A | Location Intelligence SUS Non-Prod (9DE5110-8CA10-1BX0) versions antérieures à V4.3 | ||
| Siemens | N/A | Location Intelligence SUS Large (9DE5110-8CA13-1BX0) versions antérieures à V4.3 | ||
| Siemens | N/A | SCALANCE XCM328 (6GK5328-4TS01-2AC2) versions antérieures à V2.4 | ||
| Siemens | N/A | SCALANCE SC626-2C (6GK5626-2GS00-2AC2) versions antérieures à V3.1 | ||
| Siemens | N/A | Location Intelligence SUS Medium (9DE5110-8CA12-1BX0) versions antérieures à V4.3 | ||
| Siemens | N/A | Tecnomatix Plant Simulation V2302 versions antérieures à V2302.0006 | ||
| Siemens | N/A | Location Intelligence Perpetual Large (9DE5110-8CA13-1AX0) versions antérieures à V4.3 | ||
| Siemens | N/A | SCALANCE SC622-2C (6GK5622-2GS00-2AC2) versions antérieures à V3.1 | ||
| Siemens | N/A | Location Intelligence Perpetual Non-Prod (9DE5110-8CA10-1AX0) versions antérieures à V4.3 | ||
| Siemens | N/A | Parasolid V35.0 versions antérieures à V35.0.263 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3) versions ant\u00e9rieures \u00e0 V2.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XCM332 (6GK5332-0GA01-2AC2) versions ant\u00e9rieures \u00e0 V2.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3) versions ant\u00e9rieures \u00e0 V2.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Simcenter Femap versions ant\u00e9rieures \u00e0 V2401.0000",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3) versions ant\u00e9rieures \u00e0 V2.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Parasolid V36.0 versions ant\u00e9rieures \u00e0 V36.0.198",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3) versions ant\u00e9rieures \u00e0 V2.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE SC646-2C (6GK5646-2GS00-2AC2) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3) versions ant\u00e9rieures \u00e0 V2.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3) versions ant\u00e9rieures \u00e0 V2.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE SC636-2C (6GK5636-2GS00-2AC2) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Location Intelligence SUS Small (9DE5110-8CA11-1BX0) versions ant\u00e9rieures \u00e0 V4.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC WinCC V7.5 versions ant\u00e9rieures \u00e0 V7.5 SP2 Update 15",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINEC NMS versions ant\u00e9rieures \u00e0 V2.0 SP1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3) versions ant\u00e9rieures \u00e0 V2.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC WinCC V8.0 versions ant\u00e9rieures \u00e0 V8.0 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIDIS Prime versions ant\u00e9rieures \u00e0 V4.0.400",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XCH328 (6GK5328-4TS01-2EC2) versions ant\u00e9rieures \u00e0 V2.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Location Intelligence Perpetual Small (9DE5110-8CA11-1AX0) versions ant\u00e9rieures \u00e0 V4.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE SC642-2C (6GK5642-2GS00-2AC2) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XCM324 (6GK5324-8TS01-2AC2) versions ant\u00e9rieures \u00e0 V2.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Parasolid V35.1 versions ant\u00e9rieures \u00e0 V35.1.252",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Tecnomatix Plant Simulation V2201 versions ant\u00e9rieures \u00e0 V2201.0012",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM APE1808 avec Nozomi Guardian / CMC ant\u00e9rieures \u00e0 23.3.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Location Intelligence Perpetual Medium (9DE5110-8CA12-1AX0) versions ant\u00e9rieures \u00e0 V4.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE SC632-2C (6GK5632-2GS00-2AC2) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Location Intelligence SUS Non-Prod (9DE5110-8CA10-1BX0) versions ant\u00e9rieures \u00e0 V4.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Location Intelligence SUS Large (9DE5110-8CA13-1BX0) versions ant\u00e9rieures \u00e0 V4.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XCM328 (6GK5328-4TS01-2AC2) versions ant\u00e9rieures \u00e0 V2.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE SC626-2C (6GK5626-2GS00-2AC2) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Location Intelligence SUS Medium (9DE5110-8CA12-1BX0) versions ant\u00e9rieures \u00e0 V4.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Tecnomatix Plant Simulation V2302 versions ant\u00e9rieures \u00e0 V2302.0006",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Location Intelligence Perpetual Large (9DE5110-8CA13-1AX0) versions ant\u00e9rieures \u00e0 V4.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE SC622-2C (6GK5622-2GS00-2AC2) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Location Intelligence Perpetual Non-Prod (9DE5110-8CA10-1AX0) versions ant\u00e9rieures \u00e0 V4.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Parasolid V35.0 versions ant\u00e9rieures \u00e0 V35.0.263",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2023-49691",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49691"
},
{
"name": "CVE-2022-46393",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46393"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2022-41556",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41556"
},
{
"name": "CVE-2023-3316",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3316"
},
{
"name": "CVE-2023-3006",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3006"
},
{
"name": "CVE-2023-51440",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51440"
},
{
"name": "CVE-2023-23946",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23946"
},
{
"name": "CVE-2023-28466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28466"
},
{
"name": "CVE-2023-1838",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1838"
},
{
"name": "CVE-2023-30772",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30772"
},
{
"name": "CVE-2023-45622",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45622"
},
{
"name": "CVE-2023-44321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44321"
},
{
"name": "CVE-2022-29162",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29162"
},
{
"name": "CVE-2023-30585",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30585"
},
{
"name": "CVE-2024-23803",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23803"
},
{
"name": "CVE-2023-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
},
{
"name": "CVE-2023-44317",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44317"
},
{
"name": "CVE-2023-38199",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38199"
},
{
"name": "CVE-2022-36760",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36760"
},
{
"name": "CVE-2022-47629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-47629"
},
{
"name": "CVE-2023-29404",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29404"
},
{
"name": "CVE-2023-23454",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23454"
},
{
"name": "CVE-2021-45451",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45451"
},
{
"name": "CVE-2022-26691",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26691"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2023-37920",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37920"
},
{
"name": "CVE-2023-30583",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30583"
},
{
"name": "CVE-2021-36369",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36369"
},
{
"name": "CVE-2023-25727",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25727"
},
{
"name": "CVE-2023-30086",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30086"
},
{
"name": "CVE-2022-41409",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41409"
},
{
"name": "CVE-2023-3390",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3390"
},
{
"name": "CVE-2023-0330",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0330"
},
{
"name": "CVE-2023-2002",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2002"
},
{
"name": "CVE-2024-23812",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23812"
},
{
"name": "CVE-2023-26965",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26965"
},
{
"name": "CVE-2023-3817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
},
{
"name": "CVE-2023-45617",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45617"
},
{
"name": "CVE-2023-31124",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31124"
},
{
"name": "CVE-2024-24925",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24925"
},
{
"name": "CVE-2022-45061",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45061"
},
{
"name": "CVE-2024-22042",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22042"
},
{
"name": "CVE-2023-50236",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50236"
},
{
"name": "CVE-2022-23521",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23521"
},
{
"name": "CVE-2023-40283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40283"
},
{
"name": "CVE-2022-41715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
},
{
"name": "CVE-2022-28739",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28739"
},
{
"name": "CVE-2022-41903",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41903"
},
{
"name": "CVE-2023-23934",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23934"
},
{
"name": "CVE-2022-4904",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4904"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2023-35788",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35788"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2023-32067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32067"
},
{
"name": "CVE-2024-23816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23816"
},
{
"name": "CVE-2022-3515",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3515"
},
{
"name": "CVE-2023-1393",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1393"
},
{
"name": "CVE-2006-20001",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-20001"
},
{
"name": "CVE-2022-36021",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36021"
},
{
"name": "CVE-2022-39189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39189"
},
{
"name": "CVE-2024-24922",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24922"
},
{
"name": "CVE-2022-38725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38725"
},
{
"name": "CVE-2024-24923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24923"
},
{
"name": "CVE-2022-39260",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39260"
},
{
"name": "CVE-2022-29862",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29862"
},
{
"name": "CVE-2024-23800",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23800"
},
{
"name": "CVE-2023-39417",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39417"
},
{
"name": "CVE-2023-28322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
},
{
"name": "CVE-2023-29405",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29405"
},
{
"name": "CVE-2022-3437",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3437"
},
{
"name": "CVE-2020-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10735"
},
{
"name": "CVE-2022-4743",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4743"
},
{
"name": "CVE-2023-1989",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1989"
},
{
"name": "CVE-2022-28738",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28738"
},
{
"name": "CVE-2023-1855",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1855"
},
{
"name": "CVE-2023-3247",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3247"
},
{
"name": "CVE-2023-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25193"
},
{
"name": "CVE-2023-32559",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32559"
},
{
"name": "CVE-2023-0494",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0494"
},
{
"name": "CVE-2023-35828",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35828"
},
{
"name": "CVE-2022-37797",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37797"
},
{
"name": "CVE-2022-32148",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32148"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2020-1971",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1971"
},
{
"name": "CVE-2023-31084",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31084"
},
{
"name": "CVE-2023-3090",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3090"
},
{
"name": "CVE-2022-45919",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45919"
},
{
"name": "CVE-2024-24921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24921"
},
{
"name": "CVE-2023-28320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28320"
},
{
"name": "CVE-2023-45625",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45625"
},
{
"name": "CVE-2023-3611",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3611"
},
{
"name": "CVE-2023-4128",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4128"
},
{
"name": "CVE-2023-31436",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31436"
},
{
"name": "CVE-2023-32558",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32558"
},
{
"name": "CVE-2023-2194",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2194"
},
{
"name": "CVE-2023-33203",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33203"
},
{
"name": "CVE-2022-41861",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41861"
},
{
"name": "CVE-2024-23813",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23813"
},
{
"name": "CVE-2022-34918",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34918"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2024-23802",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23802"
},
{
"name": "CVE-2021-43666",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43666"
},
{
"name": "CVE-2023-22490",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22490"
},
{
"name": "CVE-2023-0568",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0568"
},
{
"name": "CVE-2024-23798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23798"
},
{
"name": "CVE-2023-28319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28319"
},
{
"name": "CVE-2023-32003",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32003"
},
{
"name": "CVE-2023-1859",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1859"
},
{
"name": "CVE-2023-48363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48363"
},
{
"name": "CVE-2022-1015",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1015"
},
{
"name": "CVE-2023-32004",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32004"
},
{
"name": "CVE-2023-44320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44320"
},
{
"name": "CVE-2022-29187",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29187"
},
{
"name": "CVE-2023-3111",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3111"
},
{
"name": "CVE-2023-28709",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28709"
},
{
"name": "CVE-2023-30587",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30587"
},
{
"name": "CVE-2023-30589",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30589"
},
{
"name": "CVE-2022-46392",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46392"
},
{
"name": "CVE-2023-28487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28487"
},
{
"name": "CVE-2023-1670",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1670"
},
{
"name": "CVE-2023-31489",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31489"
},
{
"name": "CVE-2023-32005",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32005"
},
{
"name": "CVE-2023-45618",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45618"
},
{
"name": "CVE-2023-20593",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20593"
},
{
"name": "CVE-2024-23810",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23810"
},
{
"name": "CVE-2023-30582",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30582"
},
{
"name": "CVE-2023-23931",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23931"
},
{
"name": "CVE-2022-41862",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41862"
},
{
"name": "CVE-2019-19135",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19135"
},
{
"name": "CVE-2022-28737",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28737"
},
{
"name": "CVE-2023-31147",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31147"
},
{
"name": "CVE-2022-45142",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45142"
},
{
"name": "CVE-2023-22742",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22742"
},
{
"name": "CVE-2022-2586",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2586"
},
{
"name": "CVE-2022-36227",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36227"
},
{
"name": "CVE-2023-27522",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27522"
},
{
"name": "CVE-2022-37454",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37454"
},
{
"name": "CVE-2022-48434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48434"
},
{
"name": "CVE-2023-25155",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25155"
},
{
"name": "CVE-2023-0160",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0160"
},
{
"name": "CVE-2023-5253",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5253"
},
{
"name": "CVE-2023-27535",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27535"
},
{
"name": "CVE-2022-42919",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42919"
},
{
"name": "CVE-2023-49125",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49125"
},
{
"name": "CVE-2021-3445",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3445"
},
{
"name": "CVE-2023-30581",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30581"
},
{
"name": "CVE-2023-45627",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45627"
},
{
"name": "CVE-2023-29406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29406"
},
{
"name": "CVE-2023-30584",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30584"
},
{
"name": "CVE-2024-23801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23801"
},
{
"name": "CVE-2024-24924",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24924"
},
{
"name": "CVE-2022-4744",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4744"
},
{
"name": "CVE-2023-35945",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35945"
},
{
"name": "CVE-2023-36664",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36664"
},
{
"name": "CVE-2023-21255",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21255"
},
{
"name": "CVE-2023-1990",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1990"
},
{
"name": "CVE-2022-41717",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41717"
},
{
"name": "CVE-2021-4037",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4037"
},
{
"name": "CVE-2023-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28321"
},
{
"name": "CVE-2023-36617",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36617"
},
{
"name": "CVE-2023-38559",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38559"
},
{
"name": "CVE-2023-35824",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35824"
},
{
"name": "CVE-2023-45616",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45616"
},
{
"name": "CVE-2023-45624",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45624"
},
{
"name": "CVE-2023-45614",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45614"
},
{
"name": "CVE-2023-35823",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35823"
},
{
"name": "CVE-2023-46120",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46120"
},
{
"name": "CVE-2023-30586",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30586"
},
{
"name": "CVE-2023-30588",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30588"
},
{
"name": "CVE-2023-1380",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1380"
},
{
"name": "CVE-2023-3776",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3776"
},
{
"name": "CVE-2023-44319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44319"
},
{
"name": "CVE-2022-2880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
},
{
"name": "CVE-2024-23811",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23811"
},
{
"name": "CVE-2023-35789",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35789"
},
{
"name": "CVE-2023-25153",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25153"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2024-22043",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22043"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2023-4194",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4194"
},
{
"name": "CVE-2023-39418",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39418"
},
{
"name": "CVE-2023-2454",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2454"
},
{
"name": "CVE-2023-27534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27534"
},
{
"name": "CVE-2023-27536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27536"
},
{
"name": "CVE-2023-2269",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2269"
},
{
"name": "CVE-2022-29154",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29154"
},
{
"name": "CVE-2023-27533",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27533"
},
{
"name": "CVE-2023-26081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26081"
},
{
"name": "CVE-2022-34903",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34903"
},
{
"name": "CVE-2023-44322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44322"
},
{
"name": "CVE-2023-32573",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32573"
},
{
"name": "CVE-2023-34969",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34969"
},
{
"name": "CVE-2023-45619",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45619"
},
{
"name": "CVE-2023-48364",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48364"
},
{
"name": "CVE-2023-3863",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3863"
},
{
"name": "CVE-2022-24834",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24834"
},
{
"name": "CVE-2023-30590",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30590"
},
{
"name": "CVE-2023-27538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27538"
},
{
"name": "CVE-2023-36054",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36054"
},
{
"name": "CVE-2022-0778",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0778"
},
{
"name": "CVE-2023-25690",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25690"
},
{
"name": "CVE-2022-1348",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1348"
},
{
"name": "CVE-2023-2861",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2861"
},
{
"name": "CVE-2023-25588",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25588"
},
{
"name": "CVE-2023-1255",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1255"
},
{
"name": "CVE-2023-3141",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3141"
},
{
"name": "CVE-2023-34872",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34872"
},
{
"name": "CVE-2023-30456",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30456"
},
{
"name": "CVE-2023-0567",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0567"
},
{
"name": "CVE-2024-23799",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23799"
},
{
"name": "CVE-2021-3638",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3638"
},
{
"name": "CVE-2023-34256",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34256"
},
{
"name": "CVE-2024-23796",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23796"
},
{
"name": "CVE-2022-4415",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4415"
},
{
"name": "CVE-2023-2455",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2455"
},
{
"name": "CVE-2023-3301",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3301"
},
{
"name": "CVE-2023-0662",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0662"
},
{
"name": "CVE-2023-3212",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3212"
},
{
"name": "CVE-2023-35001",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35001"
},
{
"name": "CVE-2022-44370",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44370"
},
{
"name": "CVE-2023-45620",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45620"
},
{
"name": "CVE-2023-34035",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34035"
},
{
"name": "CVE-2022-41860",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41860"
},
{
"name": "CVE-2024-23795",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23795"
},
{
"name": "CVE-2023-45615",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45615"
},
{
"name": "CVE-2022-29536",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29536"
},
{
"name": "CVE-2023-49692",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49692"
},
{
"name": "CVE-2022-23471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23471"
},
{
"name": "CVE-2020-1967",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1967"
},
{
"name": "CVE-2023-22745",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22745"
},
{
"name": "CVE-2022-3294",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3294"
},
{
"name": "CVE-2023-32006",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32006"
},
{
"name": "CVE-2023-24538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24538"
},
{
"name": "CVE-2023-2975",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2975"
},
{
"name": "CVE-2023-45621",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45621"
},
{
"name": "CVE-2024-23804",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23804"
},
{
"name": "CVE-2022-41723",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41723"
},
{
"name": "CVE-2020-11896",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11896"
},
{
"name": "CVE-2023-2953",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2953"
},
{
"name": "CVE-2023-44373",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44373"
},
{
"name": "CVE-2023-41080",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41080"
},
{
"name": "CVE-2023-45626",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45626"
},
{
"name": "CVE-2023-1206",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1206"
},
{
"name": "CVE-2022-37436",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37436"
},
{
"name": "CVE-2024-23797",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23797"
},
{
"name": "CVE-2023-29402",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29402"
},
{
"name": "CVE-2023-31130",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31130"
},
{
"name": "CVE-2023-32233",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32233"
},
{
"name": "CVE-2023-38039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38039"
},
{
"name": "CVE-2023-29409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
},
{
"name": "CVE-2023-0590",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0590"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2023-1611",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1611"
},
{
"name": "CVE-2023-28486",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28486"
},
{
"name": "CVE-2024-24920",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24920"
},
{
"name": "CVE-2023-3268",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3268"
},
{
"name": "CVE-2023-0361",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0361"
},
{
"name": "CVE-2023-27537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27537"
},
{
"name": "CVE-2023-45623",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45623"
},
{
"name": "CVE-2023-32002",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32002"
},
{
"name": "CVE-2022-4900",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4900"
},
{
"name": "CVE-2023-2124",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2124"
},
{
"name": "CVE-2022-48303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48303"
},
{
"name": "CVE-2023-38545",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38545"
},
{
"name": "CVE-2023-28450",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28450"
}
],
"links": [],
"reference": "CERTFR-2024-AVI-0119",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-02-13T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits Siemens\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance,\nune \u00e9l\u00e9vation de privil\u00e8ges et une ex\u00e9cution de code arbitraire \u00e0\ndistance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-000072 du 13 f\u00e9vrier 2024",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-000072.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-602936 du 13 f\u00e9vrier 2024",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-602936.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-647068 du 13 f\u00e9vrier 2024",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-647068.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-943925 du 13 f\u00e9vrier 2024",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-943925.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-753746 du 13 f\u00e9vrier 2024",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-753746.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-806742 du 13 f\u00e9vrier 2024",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-806742.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-580228 du 13 f\u00e9vrier 2024",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-580228.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-716164 du 13 f\u00e9vrier 2024",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-716164.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-797296 du 13 f\u00e9vrier 2024",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-797296.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-108696 du 13 f\u00e9vrier 2024",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-108696.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-871717 du 13 f\u00e9vrier 2024",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-871717.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-516818 du 13 f\u00e9vrier 2024",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-516818.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-017796 du 13 f\u00e9vrier 2024",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-017796.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-543502 du 13 f\u00e9vrier 2024",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-543502.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-665034 du 13 f\u00e9vrier 2024",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-665034.html"
}
]
}
CERTFR-2025-AVI-0622
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits VMware. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Platform | Tanzu Platform versions 4.0.x antérieures à 4.0.38+LTS-T pour Cloud Foundry Windows | ||
| VMware | Tanzu Platform | Tanzu Platform versions 10.0.x antérieures à 10.0.8 pour Cloud Foundry Windows | ||
| VMware | N/A | Stemcells sans le dernier correctif de sécurité | ||
| VMware | Tanzu Platform | Tanzu Platform versions 4.0.x antérieures à 4.0.38+LTS-T pour Cloud Foundry | ||
| VMware | Tanzu Platform | Tanzu Platform versions 6.0.x antérieures à 6.0.18+LTS-T pour Cloud Foundry Windows | ||
| VMware | Tanzu | Anti-Virus sans le dernier correctif de sécurité pour Tanzu version 2.4.0 | ||
| VMware | Tanzu | Scheduler sans le dernier correctif de sécurité pour Tanzu version 2.0.19 | ||
| VMware | Tanzu Platform | Tanzu Platform versions 6.0.x antérieures à 6.0.18+LTS-T pour Cloud Foundry | ||
| VMware | Tanzu Platform | GenAI sans le dernier correctif de sécurité pour Tanzu Platform pour Cloud Foundry version 10.2.1 | ||
| VMware | Tanzu Application Service | Tanzu Application Service versions antérieures à 1.16.11 | ||
| VMware | Tanzu Platform | Tanzu Platform versions 10.2.x antérieures à 10.2.1+LTS-T pour Cloud Foundry isolation segment | ||
| VMware | Tanzu Platform | Tanzu Platform versions 10.0.x antérieures à 10.0.8 pour Cloud Foundry isolation segment | ||
| VMware | Tanzu | Spring Cloud Services sans le dernier correctif de sécurité pour Tanzu version 3.3.8 | ||
| VMware | Tanzu Platform | Tanzu Platform versions 10.0.x antérieures à 10.0.8 pour Cloud Foundry | ||
| VMware | Tanzu Platform | Tanzu Platform versions 4.0.x antérieures à 4.0.38+LTS-T pour Cloud Foundry isolation segment | ||
| VMware | Tanzu | Spring Cloud Data Flow sans le dernier correctif de sécurité pour Tanzu version 1.14.7 | ||
| VMware | Tanzu Platform | Tanzu Platform versions 6.0.x antérieures à 6.0.18+LTS-T pour Cloud Foundry isolation segment | ||
| VMware | Tanzu Platform | Tanzu Platform versions 10.2.x antérieures à 10.2.1+LTS-T pour Cloud Foundry | ||
| VMware | Tanzu Application Service | Single Sign-On sans le dernier correctif de sécurité pour Tanzu Application Service version 1.16.11 | ||
| VMware | Tanzu | File Integrity Monitoring sans le dernier correctif de sécurité pour Tanzu version 2.1.47 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Tanzu Platform versions 4.0.x ant\u00e9rieures \u00e0 4.0.38+LTS-T pour Cloud Foundry Windows",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform versions 10.0.x ant\u00e9rieures \u00e0 10.0.8 pour Cloud Foundry Windows",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform versions 4.0.x ant\u00e9rieures \u00e0 4.0.38+LTS-T pour Cloud Foundry",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform versions 6.0.x ant\u00e9rieures \u00e0 6.0.18+LTS-T pour Cloud Foundry Windows",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Anti-Virus sans le dernier correctif de s\u00e9curit\u00e9 pour Tanzu version 2.4.0",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Scheduler sans le dernier correctif de s\u00e9curit\u00e9 pour Tanzu version 2.0.19",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform versions 6.0.x ant\u00e9rieures \u00e0 6.0.18+LTS-T pour Cloud Foundry",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "GenAI sans le dernier correctif de s\u00e9curit\u00e9 pour Tanzu Platform pour Cloud Foundry version 10.2.1",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Application Service versions ant\u00e9rieures \u00e0 1.16.11",
"product": {
"name": "Tanzu Application Service",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform versions 10.2.x ant\u00e9rieures \u00e0 10.2.1+LTS-T pour Cloud Foundry isolation segment",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform versions 10.0.x ant\u00e9rieures \u00e0 10.0.8 pour Cloud Foundry isolation segment",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Spring Cloud Services sans le dernier correctif de s\u00e9curit\u00e9 pour Tanzu version 3.3.8",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform versions 10.0.x ant\u00e9rieures \u00e0 10.0.8 pour Cloud Foundry",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform versions 4.0.x ant\u00e9rieures \u00e0 4.0.38+LTS-T pour Cloud Foundry isolation segment",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Spring Cloud Data Flow sans le dernier correctif de s\u00e9curit\u00e9 pour Tanzu version 1.14.7",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform versions 6.0.x ant\u00e9rieures \u00e0 6.0.18+LTS-T pour Cloud Foundry isolation segment",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform versions 10.2.x ant\u00e9rieures \u00e0 10.2.1+LTS-T pour Cloud Foundry",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Single Sign-On sans le dernier correctif de s\u00e9curit\u00e9 pour Tanzu Application Service version 1.16.11",
"product": {
"name": "Tanzu Application Service",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "File Integrity Monitoring sans le dernier correctif de s\u00e9curit\u00e9 pour Tanzu version 2.1.47",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-6395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6395"
},
{
"name": "CVE-2022-1343",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1343"
},
{
"name": "CVE-2024-24790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24790"
},
{
"name": "CVE-2021-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3996"
},
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2025-31651",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31651"
},
{
"name": "CVE-2022-35252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35252"
},
{
"name": "CVE-2022-1473",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1473"
},
{
"name": "CVE-2022-32189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32189"
},
{
"name": "CVE-2023-40217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40217"
},
{
"name": "CVE-2025-21975",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21975"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2024-46821",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46821"
},
{
"name": "CVE-2024-21235",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21235"
},
{
"name": "CVE-2024-9681",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9681"
},
{
"name": "CVE-2024-11168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11168"
},
{
"name": "CVE-2025-39728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39728"
},
{
"name": "CVE-2023-28755",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28755"
},
{
"name": "CVE-2022-30631",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30631"
},
{
"name": "CVE-2023-46218",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
},
{
"name": "CVE-2025-25186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25186"
},
{
"name": "CVE-2023-28841",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28841"
},
{
"name": "CVE-2022-49728",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49728"
},
{
"name": "CVE-2023-28840",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28840"
},
{
"name": "CVE-2025-22025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22025"
},
{
"name": "CVE-2022-27191",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27191"
},
{
"name": "CVE-2023-33201",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33201"
},
{
"name": "CVE-2024-21144",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21144"
},
{
"name": "CVE-2022-27781",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27781"
},
{
"name": "CVE-2020-36843",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36843"
},
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2025-21941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21941"
},
{
"name": "CVE-2025-3445",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3445"
},
{
"name": "CVE-2025-41234",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41234"
},
{
"name": "CVE-2020-15250",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15250"
},
{
"name": "CVE-2024-45339",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45339"
},
{
"name": "CVE-2023-53034",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53034"
},
{
"name": "CVE-2023-29404",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29404"
},
{
"name": "CVE-2025-23138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23138"
},
{
"name": "CVE-2024-56664",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56664"
},
{
"name": "CVE-2025-38152",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38152"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2024-36945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36945"
},
{
"name": "CVE-2022-0563",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0563"
},
{
"name": "CVE-2025-0913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
},
{
"name": "CVE-2025-22021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22021"
},
{
"name": "CVE-2022-24921",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24921"
},
{
"name": "CVE-2022-32208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32208"
},
{
"name": "CVE-2022-28327",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28327"
},
{
"name": "CVE-2025-27219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27219"
},
{
"name": "CVE-2025-49146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49146"
},
{
"name": "CVE-2022-1292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
},
{
"name": "CVE-2024-46787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46787"
},
{
"name": "CVE-2023-45283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45283"
},
{
"name": "CVE-2024-47611",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47611"
},
{
"name": "CVE-2024-21068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21068"
},
{
"name": "CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"name": "CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"name": "CVE-2023-3817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
},
{
"name": "CVE-2024-6232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6232"
},
{
"name": "CVE-2025-22050",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22050"
},
{
"name": "CVE-2024-50047",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50047"
},
{
"name": "CVE-2025-39735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39735"
},
{
"name": "CVE-2022-41725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41725"
},
{
"name": "CVE-2025-22228",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22228"
},
{
"name": "CVE-2022-30635",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30635"
},
{
"name": "CVE-2025-4330",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4330"
},
{
"name": "CVE-2025-37798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37798"
},
{
"name": "CVE-2022-41715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
},
{
"name": "CVE-2024-21012",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21012"
},
{
"name": "CVE-2024-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
},
{
"name": "CVE-2025-22004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22004"
},
{
"name": "CVE-2022-32207",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32207"
},
{
"name": "CVE-2025-4138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4138"
},
{
"name": "CVE-2022-41722",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41722"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2023-36632",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36632"
},
{
"name": "CVE-2022-25647",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25647"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2024-56171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56171"
},
{
"name": "CVE-2023-45285",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45285"
},
{
"name": "CVE-2024-46812",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46812"
},
{
"name": "CVE-2024-24579",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24579"
},
{
"name": "CVE-2024-24783",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24783"
},
{
"name": "CVE-2023-45284",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45284"
},
{
"name": "CVE-2023-29403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29403"
},
{
"name": "CVE-2022-27776",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27776"
},
{
"name": "CVE-2024-24791",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24791"
},
{
"name": "CVE-2022-42916",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42916"
},
{
"name": "CVE-2022-28948",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28948"
},
{
"name": "CVE-2024-38819",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38819"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2022-31030",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31030"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2024-13176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13176"
},
{
"name": "CVE-2023-2253",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2253"
},
{
"name": "CVE-2023-28322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
},
{
"name": "CVE-2025-37937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37937"
},
{
"name": "CVE-2023-29405",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29405"
},
{
"name": "CVE-2022-30629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30629"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"name": "CVE-2023-5363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
},
{
"name": "CVE-2023-33202",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33202"
},
{
"name": "CVE-2024-35255",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35255"
},
{
"name": "CVE-2024-24557",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24557"
},
{
"name": "CVE-2023-45289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45289"
},
{
"name": "CVE-2024-53144",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53144"
},
{
"name": "CVE-2022-2068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
},
{
"name": "CVE-2025-21613",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21613"
},
{
"name": "CVE-2025-38637",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38637"
},
{
"name": "CVE-2025-22055",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22055"
},
{
"name": "CVE-2024-34447",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34447"
},
{
"name": "CVE-2024-12798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12798"
},
{
"name": "CVE-2023-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
},
{
"name": "CVE-2025-0938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
},
{
"name": "CVE-2025-5372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5372"
},
{
"name": "CVE-2022-27782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
},
{
"name": "CVE-2022-32149",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32149"
},
{
"name": "CVE-2023-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
},
{
"name": "CVE-2024-0406",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0406"
},
{
"name": "CVE-2022-32148",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32148"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2025-49125",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49125"
},
{
"name": "CVE-2025-50106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
},
{
"name": "CVE-2025-48060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48060"
},
{
"name": "CVE-2024-6104",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6104"
},
{
"name": "CVE-2022-49636",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49636"
},
{
"name": "CVE-2025-4877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4877"
},
{
"name": "CVE-2023-45290",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45290"
},
{
"name": "CVE-2023-28320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28320"
},
{
"name": "CVE-2024-4030",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4030"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2025-22035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22035"
},
{
"name": "CVE-2024-26308",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26308"
},
{
"name": "CVE-2024-58093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58093"
},
{
"name": "CVE-2024-34158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
},
{
"name": "CVE-2025-30754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
},
{
"name": "CVE-2024-28180",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28180"
},
{
"name": "CVE-2022-30630",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30630"
},
{
"name": "CVE-2025-22233",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22233"
},
{
"name": "CVE-2025-30691",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30691"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2025-21959",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21959"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2024-30172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30172"
},
{
"name": "CVE-2022-43552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43552"
},
{
"name": "CVE-2025-5915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5915"
},
{
"name": "CVE-2025-46727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46727"
},
{
"name": "CVE-2025-5917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5917"
},
{
"name": "CVE-2024-51744",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-51744"
},
{
"name": "CVE-2024-38820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38820"
},
{
"name": "CVE-2022-3786",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3786"
},
{
"name": "CVE-2025-37889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37889"
},
{
"name": "CVE-2021-3995",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3995"
},
{
"name": "CVE-2025-21981",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21981"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2023-28319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28319"
},
{
"name": "CVE-2022-22576",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
},
{
"name": "CVE-2025-22014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22014"
},
{
"name": "CVE-2024-29018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29018"
},
{
"name": "CVE-2022-1705",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1705"
},
{
"name": "CVE-2024-11053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11053"
},
{
"name": "CVE-2024-7264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
},
{
"name": "CVE-2025-32462",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32462"
},
{
"name": "CVE-2025-50181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50181"
},
{
"name": "CVE-2025-1795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1795"
},
{
"name": "CVE-2025-21996",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21996"
},
{
"name": "CVE-2023-23915",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23915"
},
{
"name": "CVE-2025-23136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23136"
},
{
"name": "CVE-2025-4517",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"
},
{
"name": "CVE-2025-37785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37785"
},
{
"name": "CVE-2023-39318",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39318"
},
{
"name": "CVE-2025-21957",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21957"
},
{
"name": "CVE-2024-40635",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40635"
},
{
"name": "CVE-2022-41720",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41720"
},
{
"name": "CVE-2025-21999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21999"
},
{
"name": "CVE-2022-41716",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41716"
},
{
"name": "CVE-2025-21992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21992"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2022-29526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
},
{
"name": "CVE-2025-5318",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5318"
},
{
"name": "CVE-2025-22044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22044"
},
{
"name": "CVE-2024-53051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53051"
},
{
"name": "CVE-2022-30633",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30633"
},
{
"name": "CVE-2025-38575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38575"
},
{
"name": "CVE-2025-22018",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22018"
},
{
"name": "CVE-2025-4435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4435"
},
{
"name": "CVE-2025-21970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21970"
},
{
"name": "CVE-2025-22056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22056"
},
{
"name": "CVE-2024-21011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21011"
},
{
"name": "CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2023-28842",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28842"
},
{
"name": "CVE-2023-3978",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3978"
},
{
"name": "CVE-2024-5535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2022-27775",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27775"
},
{
"name": "CVE-2024-12718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12718"
},
{
"name": "CVE-2024-0450",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0450"
},
{
"name": "CVE-2024-12801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12801"
},
{
"name": "CVE-2024-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3219"
},
{
"name": "CVE-2023-23914",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23914"
},
{
"name": "CVE-2022-36056",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36056"
},
{
"name": "CVE-2022-30632",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30632"
},
{
"name": "CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"name": "CVE-2022-27774",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27774"
},
{
"name": "CVE-2023-25173",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25173"
},
{
"name": "CVE-2024-41909",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41909"
},
{
"name": "CVE-2023-29406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29406"
},
{
"name": "CVE-2023-39319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39319"
},
{
"name": "CVE-2025-48976",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48976"
},
{
"name": "CVE-2025-22005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22005"
},
{
"name": "CVE-2025-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22045"
},
{
"name": "CVE-2025-21587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21587"
},
{
"name": "CVE-2024-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24785"
},
{
"name": "CVE-2022-36109",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36109"
},
{
"name": "CVE-2022-1962",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1962"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2025-22010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22010"
},
{
"name": "CVE-2024-21147",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21147"
},
{
"name": "CVE-2022-41717",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41717"
},
{
"name": "CVE-2024-53427",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53427"
},
{
"name": "CVE-2023-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28321"
},
{
"name": "CVE-2024-25710",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25710"
},
{
"name": "CVE-2023-36617",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36617"
},
{
"name": "CVE-2023-33199",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33199"
},
{
"name": "CVE-2023-24536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24536"
},
{
"name": "CVE-2022-42915",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42915"
},
{
"name": "CVE-2022-32221",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32221"
},
{
"name": "CVE-2025-27220",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27220"
},
{
"name": "CVE-2022-24769",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24769"
},
{
"name": "CVE-2022-28131",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28131"
},
{
"name": "CVE-2025-4878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4878"
},
{
"name": "CVE-2025-32990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32990"
},
{
"name": "CVE-2023-30551",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30551"
},
{
"name": "CVE-2022-24675",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24675"
},
{
"name": "CVE-2025-22060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22060"
},
{
"name": "CVE-2024-21140",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21140"
},
{
"name": "CVE-2025-21994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21994"
},
{
"name": "CVE-2024-21094",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21094"
},
{
"name": "CVE-2024-9143",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
},
{
"name": "CVE-2025-32989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32989"
},
{
"name": "CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"name": "CVE-2022-1271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
},
{
"name": "CVE-2024-28085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28085"
},
{
"name": "CVE-2024-41110",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41110"
},
{
"name": "CVE-2025-50059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
},
{
"name": "CVE-2025-22066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22066"
},
{
"name": "CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"name": "CVE-2022-2880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
},
{
"name": "CVE-2025-22007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22007"
},
{
"name": "CVE-2023-24539",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24539"
},
{
"name": "CVE-2024-8805",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8805"
},
{
"name": "CVE-2023-6237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
},
{
"name": "CVE-2025-38000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38000"
},
{
"name": "CVE-2025-22071",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22071"
},
{
"name": "CVE-2025-30761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30761"
},
{
"name": "CVE-2023-25153",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25153"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2025-22075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22075"
},
{
"name": "CVE-2024-7592",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7592"
},
{
"name": "CVE-2025-48988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48988"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2022-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3996"
},
{
"name": "CVE-2022-2879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
},
{
"name": "CVE-2022-32205",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32205"
},
{
"name": "CVE-2023-27534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27534"
},
{
"name": "CVE-2024-2398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
},
{
"name": "CVE-2023-24532",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24532"
},
{
"name": "CVE-2025-52434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52434"
},
{
"name": "CVE-2025-22097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22097"
},
{
"name": "CVE-2022-43551",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43551"
},
{
"name": "CVE-2025-30698",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30698"
},
{
"name": "CVE-2023-27533",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27533"
},
{
"name": "CVE-2025-49124",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49124"
},
{
"name": "CVE-2024-0727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
},
{
"name": "CVE-2023-6378",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6378"
},
{
"name": "CVE-2023-6129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
},
{
"name": "CVE-2022-35929",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35929"
},
{
"name": "CVE-2025-21956",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21956"
},
{
"name": "CVE-2025-37932",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37932"
},
{
"name": "CVE-2025-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37890"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2025-22020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22020"
},
{
"name": "CVE-2020-22916",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-22916"
},
{
"name": "CVE-2024-52587",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52587"
},
{
"name": "CVE-2025-5916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5916"
},
{
"name": "CVE-2023-29400",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29400"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2024-21138",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21138"
},
{
"name": "CVE-2025-32988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32988"
},
{
"name": "CVE-2022-29173",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29173"
},
{
"name": "CVE-2024-24787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24787"
},
{
"name": "CVE-2024-38828",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38828"
},
{
"name": "CVE-2025-27113",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27113"
},
{
"name": "CVE-2024-47081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
},
{
"name": "CVE-2022-41724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41724"
},
{
"name": "CVE-2020-8908",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2024-0397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0397"
},
{
"name": "CVE-2022-30634",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30634"
},
{
"name": "CVE-2023-1255",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1255"
},
{
"name": "CVE-2024-46753",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46753"
},
{
"name": "CVE-2025-4516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4516"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2022-3358",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3358"
},
{
"name": "CVE-2024-29902",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29902"
},
{
"name": "CVE-2022-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
},
{
"name": "CVE-2023-24540",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24540"
},
{
"name": "CVE-2024-4603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
},
{
"name": "CVE-2024-8096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8096"
},
{
"name": "CVE-2025-47290",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47290"
},
{
"name": "CVE-2025-22063",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22063"
},
{
"name": "CVE-2025-38177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38177"
},
{
"name": "CVE-2024-21145",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21145"
},
{
"name": "CVE-2022-32206",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32206"
},
{
"name": "CVE-2024-50602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50602"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2025-46701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46701"
},
{
"name": "CVE-2025-38001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38001"
},
{
"name": "CVE-2023-24537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24537"
},
{
"name": "CVE-2024-30171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
},
{
"name": "CVE-2024-23337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23337"
},
{
"name": "CVE-2025-30749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
},
{
"name": "CVE-2025-22235",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22235"
},
{
"name": "CVE-2024-27282",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27282"
},
{
"name": "CVE-2023-45287",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45287"
},
{
"name": "CVE-2024-4741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
},
{
"name": "CVE-2025-48924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48924"
},
{
"name": "CVE-2023-46737",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46737"
},
{
"name": "CVE-2023-40403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40403"
},
{
"name": "CVE-2022-30580",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30580"
},
{
"name": "CVE-2022-23471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23471"
},
{
"name": "CVE-2025-21963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21963"
},
{
"name": "CVE-2024-42230",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42230"
},
{
"name": "CVE-2023-24531",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24531"
},
{
"name": "CVE-2023-24538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24538"
},
{
"name": "CVE-2023-2975",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2975"
},
{
"name": "CVE-2025-37997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37997"
},
{
"name": "CVE-2025-24928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24928"
},
{
"name": "CVE-2025-2312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2312"
},
{
"name": "CVE-2025-53506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53506"
},
{
"name": "CVE-2022-3602",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3602"
},
{
"name": "CVE-2022-29804",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29804"
},
{
"name": "CVE-2025-0725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0725"
},
{
"name": "CVE-2023-2976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
},
{
"name": "CVE-2022-1434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1434"
},
{
"name": "CVE-2022-41723",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41723"
},
{
"name": "CVE-2025-21614",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21614"
},
{
"name": "CVE-2025-22089",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22089"
},
{
"name": "CVE-2025-31650",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31650"
},
{
"name": "CVE-2024-4032",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4032"
},
{
"name": "CVE-2025-4949",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4949"
},
{
"name": "CVE-2023-39323",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39323"
},
{
"name": "CVE-2023-29402",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29402"
},
{
"name": "CVE-2025-32955",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32955"
},
{
"name": "CVE-2023-39326",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39326"
},
{
"name": "CVE-2024-21085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21085"
},
{
"name": "CVE-2025-21502",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21502"
},
{
"name": "CVE-2025-22008",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22008"
},
{
"name": "CVE-2023-29409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
},
{
"name": "CVE-2025-30204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30204"
},
{
"name": "CVE-2023-28756",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28756"
},
{
"name": "CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"name": "CVE-2025-5914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5914"
},
{
"name": "CVE-2023-24534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24534"
},
{
"name": "CVE-2024-21131",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21131"
},
{
"name": "CVE-2024-21210",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21210"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2024-38816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38816"
},
{
"name": "CVE-2024-2511",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2511"
},
{
"name": "CVE-2025-22054",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22054"
},
{
"name": "CVE-2024-24786",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24786"
},
{
"name": "CVE-2025-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21968"
},
{
"name": "CVE-2025-21991",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21991"
},
{
"name": "CVE-2025-22086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22086"
},
{
"name": "CVE-2025-22073",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22073"
},
{
"name": "CVE-2024-34155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
},
{
"name": "CVE-2024-29903",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29903"
},
{
"name": "CVE-2025-4575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4575"
},
{
"name": "CVE-2022-21698",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21698"
},
{
"name": "CVE-2025-32441",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32441"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2025-21962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21962"
},
{
"name": "CVE-2025-29786",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29786"
},
{
"name": "CVE-2024-24784",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24784"
},
{
"name": "CVE-2022-27780",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27780"
},
{
"name": "CVE-2024-21217",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21217"
},
{
"name": "CVE-2025-0167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0167"
},
{
"name": "CVE-2025-22079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22079"
},
{
"name": "CVE-2023-6597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6597"
},
{
"name": "CVE-2025-27221",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27221"
},
{
"name": "CVE-2024-24789",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24789"
},
{
"name": "CVE-2022-27664",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
},
{
"name": "CVE-2016-1000027",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000027"
},
{
"name": "CVE-2025-21964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21964"
},
{
"name": "CVE-2025-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22081"
},
{
"name": "CVE-2024-21208",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21208"
},
{
"name": "CVE-2023-23916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
},
{
"name": "CVE-2025-49014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49014"
},
{
"name": "CVE-2024-6923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6923"
},
{
"name": "CVE-2024-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8088"
},
{
"name": "CVE-2025-48734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0622",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-07-25T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Falsification de requ\u00eates c\u00f4t\u00e9 serveur (SSRF)"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35981",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35981"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35967",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35967"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35980",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35980"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35974",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35974"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35979",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35979"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35984",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35984"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35970",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35970"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35983",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35983"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35978",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35978"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35968",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35968"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35973",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35973"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35976",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35976"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35969",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35969"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35966",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35966"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35972",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35972"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35977",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35977"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35982",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35982"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35971",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35971"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35975",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35975"
}
]
}
CERTFR-2025-AVI-1057
Vulnerability from certfr_avis - Published: 2025-12-02 - Updated: 2025-12-02
De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Data Intelligence | Tanzu pour Postgres versions 16.x antérieures à 16.11.0 | ||
| VMware | Tanzu Data Intelligence | Tanzu pour Postgres versions 14.x antérieures à 14.20.0 | ||
| VMware | Tanzu Data Intelligence | Tanzu pour Postgres versions 17.x antérieures à 17.7.0 | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Hub versions antérieures à 10.3.1 | ||
| VMware | Tanzu Data Intelligence | Tanzu pour Postgres versions 18.x antérieures à 18.1.0 | ||
| VMware | Tanzu Data Intelligence | Tanzu pour Postgres versions 15.x antérieures à 15.15.0 | ||
| VMware | Tanzu Data Intelligence | Tanzu pour Postgres versions 13.x antérieures à 13.23.0 |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Tanzu pour Postgres versions 16.x ant\u00e9rieures \u00e0 16.11.0",
"product": {
"name": "Tanzu Data Intelligence",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu pour Postgres versions 14.x ant\u00e9rieures \u00e0 14.20.0",
"product": {
"name": "Tanzu Data Intelligence",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu pour Postgres versions 17.x ant\u00e9rieures \u00e0 17.7.0",
"product": {
"name": "Tanzu Data Intelligence",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Hub versions ant\u00e9rieures \u00e0 10.3.1",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu pour Postgres versions 18.x ant\u00e9rieures \u00e0 18.1.0",
"product": {
"name": "Tanzu Data Intelligence",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu pour Postgres versions 15.x ant\u00e9rieures \u00e0 15.15.0",
"product": {
"name": "Tanzu Data Intelligence",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu pour Postgres versions 13.x ant\u00e9rieures \u00e0 13.23.0",
"product": {
"name": "Tanzu Data Intelligence",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2019-12900",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12900"
},
{
"name": "CVE-2019-25013",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-25013"
},
{
"name": "CVE-2020-28196",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28196"
},
{
"name": "CVE-2020-10029",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10029"
},
{
"name": "CVE-2019-18276",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18276"
},
{
"name": "CVE-2021-3421",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3421"
},
{
"name": "CVE-2021-3326",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3326"
},
{
"name": "CVE-2020-27618",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27618"
},
{
"name": "CVE-2021-20227",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20227"
},
{
"name": "CVE-2021-36222",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36222"
},
{
"name": "CVE-2022-23960",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23960"
},
{
"name": "CVE-2022-37967",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37967"
},
{
"name": "CVE-2022-3629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3629"
},
{
"name": "CVE-2022-3602",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3602"
},
{
"name": "CVE-2022-37434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37434"
},
{
"name": "CVE-2022-2309",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2309"
},
{
"name": "CVE-2022-43680",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43680"
},
{
"name": "CVE-2022-29824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29824"
},
{
"name": "CVE-2022-23308",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23308"
},
{
"name": "CVE-2022-35737",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35737"
},
{
"name": "CVE-2022-40303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40303"
},
{
"name": "CVE-2022-40304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40304"
},
{
"name": "CVE-2022-42898",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42898"
},
{
"name": "CVE-2022-3633",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3633"
},
{
"name": "CVE-2022-3786",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3786"
},
{
"name": "CVE-2022-32205",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32205"
},
{
"name": "CVE-2022-32206",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32206"
},
{
"name": "CVE-2018-25032",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-25032"
},
{
"name": "CVE-2022-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3996"
},
{
"name": "CVE-2022-3903",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3903"
},
{
"name": "CVE-2022-22942",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22942"
},
{
"name": "CVE-2022-26878",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26878"
},
{
"name": "CVE-2021-20266",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20266"
},
{
"name": "CVE-2022-1292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
},
{
"name": "CVE-2022-1974",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1974"
},
{
"name": "CVE-2021-3521",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3521"
},
{
"name": "CVE-2022-27774",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27774"
},
{
"name": "CVE-2022-27775",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27775"
},
{
"name": "CVE-2022-22576",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
},
{
"name": "CVE-2022-27776",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27776"
},
{
"name": "CVE-2022-2068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
},
{
"name": "CVE-2022-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
},
{
"name": "CVE-2022-20154",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20154"
},
{
"name": "CVE-2017-7500",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7500"
},
{
"name": "CVE-2021-33574",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33574"
},
{
"name": "CVE-2021-36690",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36690"
},
{
"name": "CVE-2021-37750",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37750"
},
{
"name": "CVE-2021-3999",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3999"
},
{
"name": "CVE-2022-23218",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23218"
},
{
"name": "CVE-2022-23219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23219"
},
{
"name": "CVE-2022-27782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
},
{
"name": "CVE-2022-32208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32208"
},
{
"name": "CVE-2022-27781",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27781"
},
{
"name": "CVE-2022-32207",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32207"
},
{
"name": "CVE-2022-3358",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3358"
},
{
"name": "CVE-2022-1271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
},
{
"name": "CVE-2022-29458",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29458"
},
{
"name": "CVE-2021-39537",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39537"
},
{
"name": "CVE-2022-32221",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32221"
},
{
"name": "CVE-2022-42916",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42916"
},
{
"name": "CVE-2022-35252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35252"
},
{
"name": "CVE-2022-42915",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42915"
},
{
"name": "CVE-2022-43551",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43551"
},
{
"name": "CVE-2022-43552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43552"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2022-27672",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27672"
},
{
"name": "CVE-2023-0045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0045"
},
{
"name": "CVE-2023-23915",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23915"
},
{
"name": "CVE-2023-23914",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23914"
},
{
"name": "CVE-2023-23916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
},
{
"name": "CVE-2022-1304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1304"
},
{
"name": "CVE-2023-24329",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24329"
},
{
"name": "CVE-2023-1118",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1118"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2023-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
},
{
"name": "CVE-2023-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
},
{
"name": "CVE-2023-1838",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1838"
},
{
"name": "CVE-2023-28410",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28410"
},
{
"name": "CVE-2023-29469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29469"
},
{
"name": "CVE-2023-28484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28484"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2023-27535",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27535"
},
{
"name": "CVE-2022-27779",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27779"
},
{
"name": "CVE-2023-27533",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27533"
},
{
"name": "CVE-2023-27538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27538"
},
{
"name": "CVE-2023-27534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27534"
},
{
"name": "CVE-2023-27536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27536"
},
{
"name": "CVE-2022-27780",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27780"
},
{
"name": "CVE-2022-30115",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30115"
},
{
"name": "CVE-2023-1380",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1380"
},
{
"name": "CVE-2020-1752",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1752"
},
{
"name": "CVE-2021-35942",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35942"
},
{
"name": "CVE-2021-38604",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38604"
},
{
"name": "CVE-2020-29562",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29562"
},
{
"name": "CVE-2021-27645",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27645"
},
{
"name": "CVE-2022-3534",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3534"
},
{
"name": "CVE-2023-2156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2156"
},
{
"name": "CVE-2023-3006",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3006"
},
{
"name": "CVE-2023-1255",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1255"
},
{
"name": "CVE-2023-28322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
},
{
"name": "CVE-2022-46908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46908"
},
{
"name": "CVE-2021-31239",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31239"
},
{
"name": "CVE-2023-28320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28320"
},
{
"name": "CVE-2023-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28321"
},
{
"name": "CVE-2023-2975",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2975"
},
{
"name": "CVE-2022-4899",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4899"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2023-28319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28319"
},
{
"name": "CVE-2023-3817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
},
{
"name": "CVE-2023-4387",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4387"
},
{
"name": "CVE-2023-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
},
{
"name": "CVE-2023-38545",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38545"
},
{
"name": "CVE-2023-5363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2023-45853",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45853"
},
{
"name": "CVE-2023-31085",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31085"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2023-40217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40217"
},
{
"name": "CVE-2020-22218",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-22218"
},
{
"name": "CVE-2023-2603",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2603"
},
{
"name": "CVE-2023-2602",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2602"
},
{
"name": "CVE-2023-4813",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4813"
},
{
"name": "CVE-2022-0563",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0563"
},
{
"name": "CVE-2023-4039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4039"
},
{
"name": "CVE-2023-5156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5156"
},
{
"name": "CVE-2023-29491",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29491"
},
{
"name": "CVE-2023-39615",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39615"
},
{
"name": "CVE-2021-37600",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37600"
},
{
"name": "CVE-2021-33294",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33294"
},
{
"name": "CVE-2021-43618",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43618"
},
{
"name": "CVE-2023-45322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45322"
},
{
"name": "CVE-2019-17498",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17498"
},
{
"name": "CVE-2013-4235",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4235"
},
{
"name": "CVE-2023-29383",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29383"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2023-6237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
},
{
"name": "CVE-2023-36054",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36054"
},
{
"name": "CVE-2023-7104",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7104"
},
{
"name": "CVE-2023-6129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
},
{
"name": "CVE-2023-46218",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
},
{
"name": "CVE-2024-0727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
},
{
"name": "CVE-2023-52467",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52467"
},
{
"name": "CVE-2023-52451",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52451"
},
{
"name": "CVE-2023-52445",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52445"
},
{
"name": "CVE-2024-26598",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26598"
},
{
"name": "CVE-2023-52462",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52462"
},
{
"name": "CVE-2023-52469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52469"
},
{
"name": "CVE-2023-52470",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52470"
},
{
"name": "CVE-2023-52464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52464"
},
{
"name": "CVE-2023-52475",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52475"
},
{
"name": "CVE-2023-52478",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52478"
},
{
"name": "CVE-2024-26603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26603"
},
{
"name": "CVE-2023-52452",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52452"
},
{
"name": "CVE-2023-52532",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52532"
},
{
"name": "CVE-2019-25162",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-25162"
},
{
"name": "CVE-2021-46904",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46904"
},
{
"name": "CVE-2024-24855",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24855"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2023-36632",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36632"
},
{
"name": "CVE-2024-28085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28085"
},
{
"name": "CVE-2024-2511",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2511"
},
{
"name": "CVE-2020-22916",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-22916"
},
{
"name": "CVE-2024-26631",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26631"
},
{
"name": "CVE-2017-7501",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7501"
},
{
"name": "CVE-2021-35939",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35939"
},
{
"name": "CVE-2021-35938",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35938"
},
{
"name": "CVE-2021-35937",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35937"
},
{
"name": "CVE-2023-6597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6597"
},
{
"name": "CVE-2023-52426",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52426"
},
{
"name": "CVE-2023-52501",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52501"
},
{
"name": "CVE-2023-52519",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52519"
},
{
"name": "CVE-2024-26717",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26717"
},
{
"name": "CVE-2024-26670",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26670"
},
{
"name": "CVE-2023-52477",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52477"
},
{
"name": "CVE-2023-52528",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52528"
},
{
"name": "CVE-2023-52582",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52582"
},
{
"name": "CVE-2021-47098",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47098"
},
{
"name": "CVE-2023-52513",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52513"
},
{
"name": "CVE-2024-22099",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22099"
},
{
"name": "CVE-2021-47097",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47097"
},
{
"name": "CVE-2023-52520",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52520"
},
{
"name": "CVE-2023-7042",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7042"
},
{
"name": "CVE-2023-52523",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52523"
},
{
"name": "CVE-2024-26803",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26803"
},
{
"name": "CVE-2024-24858",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24858"
},
{
"name": "CVE-2024-24857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24857"
},
{
"name": "CVE-2024-26660",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26660"
},
{
"name": "CVE-2024-26760",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26760"
},
{
"name": "CVE-2024-26681",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26681"
},
{
"name": "CVE-2024-26815",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26815"
},
{
"name": "CVE-2024-26621",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26621"
},
{
"name": "CVE-2024-26714",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26714"
},
{
"name": "CVE-2024-26761",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26761"
},
{
"name": "CVE-2024-26742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26742"
},
{
"name": "CVE-2021-47020",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47020"
},
{
"name": "CVE-2021-47017",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47017"
},
{
"name": "CVE-2021-46984",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46984"
},
{
"name": "CVE-2021-47071",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47071"
},
{
"name": "CVE-2021-47202",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47202"
},
{
"name": "CVE-2024-26605",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26605"
},
{
"name": "CVE-2024-26989",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26989"
},
{
"name": "CVE-2024-27003",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27003"
},
{
"name": "CVE-2024-26987",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26987"
},
{
"name": "CVE-2024-27015",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27015"
},
{
"name": "CVE-2024-27014",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27014"
},
{
"name": "CVE-2024-26992",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26992"
},
{
"name": "CVE-2023-52468",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52468"
},
{
"name": "CVE-2023-52487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52487"
},
{
"name": "CVE-2024-26618",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26618"
},
{
"name": "CVE-2023-52490",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52490"
},
{
"name": "CVE-2023-52455",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52455"
},
{
"name": "CVE-2023-52472",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52472"
},
{
"name": "CVE-2023-52643",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52643"
},
{
"name": "CVE-2024-26649",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26649"
},
{
"name": "CVE-2023-52473",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52473"
},
{
"name": "CVE-2023-52465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52465"
},
{
"name": "CVE-2007-4559",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-4559"
},
{
"name": "CVE-2023-52425",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52425"
},
{
"name": "CVE-2024-4603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
},
{
"name": "CVE-2024-27042",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27042"
},
{
"name": "CVE-2021-47197",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47197"
},
{
"name": "CVE-2021-47196",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47196"
},
{
"name": "CVE-2022-48702",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48702"
},
{
"name": "CVE-2022-48701",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48701"
},
{
"name": "CVE-2022-48694",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48694"
},
{
"name": "CVE-2022-48644",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48644"
},
{
"name": "CVE-2021-47217",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47217"
},
{
"name": "CVE-2022-48653",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48653"
},
{
"name": "CVE-2021-47214",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47214"
},
{
"name": "CVE-2022-48672",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48672"
},
{
"name": "CVE-2022-48657",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48657"
},
{
"name": "CVE-2022-48652",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48652"
},
{
"name": "CVE-2022-48658",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48658"
},
{
"name": "CVE-2021-47210",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47210"
},
{
"name": "CVE-2022-48662",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48662"
},
{
"name": "CVE-2022-48639",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48639"
},
{
"name": "CVE-2023-52646",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52646"
},
{
"name": "CVE-2022-48640",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48640"
},
{
"name": "CVE-2024-26933",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26933"
},
{
"name": "CVE-2021-47215",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47215"
},
{
"name": "CVE-2021-47074",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47074"
},
{
"name": "CVE-2021-47041",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47041"
},
{
"name": "CVE-2024-27039",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27039"
},
{
"name": "CVE-2022-48704",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48704"
},
{
"name": "CVE-2022-48675",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48675"
},
{
"name": "CVE-2022-48690",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48690"
},
{
"name": "CVE-2021-47191",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47191"
},
{
"name": "CVE-2022-48637",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48637"
},
{
"name": "CVE-2022-48632",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48632"
},
{
"name": "CVE-2022-48660",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48660"
},
{
"name": "CVE-2024-4741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
},
{
"name": "CVE-2025-9231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9231"
},
{
"name": "CVE-2023-52565",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52565"
},
{
"name": "CVE-2024-26892",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26892"
},
{
"name": "CVE-2024-26964",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26964"
},
{
"name": "CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"name": "CVE-2025-9232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9232"
},
{
"name": "CVE-2021-47227",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47227"
},
{
"name": "CVE-2021-47237",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47237"
},
{
"name": "CVE-2021-47239",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47239"
},
{
"name": "CVE-2021-47250",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47250"
},
{
"name": "CVE-2021-47261",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47261"
},
{
"name": "CVE-2021-47343",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47343"
},
{
"name": "CVE-2021-47360",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47360"
},
{
"name": "CVE-2021-47365",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47365"
},
{
"name": "CVE-2021-47373",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47373"
},
{
"name": "CVE-2021-47393",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47393"
},
{
"name": "CVE-2021-47398",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47398"
},
{
"name": "CVE-2021-47404",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47404"
},
{
"name": "CVE-2021-47420",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47420"
},
{
"name": "CVE-2021-47422",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47422"
},
{
"name": "CVE-2021-47426",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47426"
},
{
"name": "CVE-2021-47428",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47428"
},
{
"name": "CVE-2021-47429",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47429"
},
{
"name": "CVE-2021-47430",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47430"
},
{
"name": "CVE-2021-47438",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47438"
},
{
"name": "CVE-2021-47444",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47444"
},
{
"name": "CVE-2021-47454",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47454"
},
{
"name": "CVE-2021-47457",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47457"
},
{
"name": "CVE-2021-47465",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47465"
},
{
"name": "CVE-2021-47481",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47481"
},
{
"name": "CVE-2021-47483",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47483"
},
{
"name": "CVE-2021-47490",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47490"
},
{
"name": "CVE-2021-47495",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47495"
},
{
"name": "CVE-2021-47497",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47497"
},
{
"name": "CVE-2021-47499",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47499"
},
{
"name": "CVE-2021-47500",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47500"
},
{
"name": "CVE-2021-47505",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47505"
},
{
"name": "CVE-2021-47516",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47516"
},
{
"name": "CVE-2021-47527",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47527"
},
{
"name": "CVE-2021-47536",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47536"
},
{
"name": "CVE-2021-47537",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47537"
},
{
"name": "CVE-2021-47538",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47538"
},
{
"name": "CVE-2021-47550",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47550"
},
{
"name": "CVE-2021-47559",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47559"
},
{
"name": "CVE-2022-48689",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48689"
},
{
"name": "CVE-2022-48691",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48691"
},
{
"name": "CVE-2022-48705",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48705"
},
{
"name": "CVE-2022-48709",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48709"
},
{
"name": "CVE-2022-48710",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48710"
},
{
"name": "CVE-2023-52654",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52654"
},
{
"name": "CVE-2023-52659",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52659"
},
{
"name": "CVE-2023-52661",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52661"
},
{
"name": "CVE-2023-52662",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52662"
},
{
"name": "CVE-2023-52679",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52679"
},
{
"name": "CVE-2023-52686",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52686"
},
{
"name": "CVE-2023-52690",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52690"
},
{
"name": "CVE-2023-52698",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52698"
},
{
"name": "CVE-2023-52702",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52702"
},
{
"name": "CVE-2023-52703",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52703"
},
{
"name": "CVE-2023-52730",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52730"
},
{
"name": "CVE-2023-52731",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52731"
},
{
"name": "CVE-2023-52736",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52736"
},
{
"name": "CVE-2023-52739",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52739"
},
{
"name": "CVE-2023-52740",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52740"
},
{
"name": "CVE-2023-52743",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52743"
},
{
"name": "CVE-2023-52744",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52744"
},
{
"name": "CVE-2023-52747",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52747"
},
{
"name": "CVE-2023-52764",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52764"
},
{
"name": "CVE-2023-52781",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52781"
},
{
"name": "CVE-2023-52788",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52788"
},
{
"name": "CVE-2023-52791",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52791"
},
{
"name": "CVE-2023-52795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52795"
},
{
"name": "CVE-2023-52796",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52796"
},
{
"name": "CVE-2023-52803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52803"
},
{
"name": "CVE-2023-52806",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52806"
},
{
"name": "CVE-2023-52814",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52814"
},
{
"name": "CVE-2023-52817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52817"
},
{
"name": "CVE-2023-52818",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52818"
},
{
"name": "CVE-2023-52833",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52833"
},
{
"name": "CVE-2023-52840",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52840"
},
{
"name": "CVE-2023-52851",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52851"
},
{
"name": "CVE-2023-52854",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52854"
},
{
"name": "CVE-2023-52867",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52867"
},
{
"name": "CVE-2023-52877",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52877"
},
{
"name": "CVE-2024-26838",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26838"
},
{
"name": "CVE-2024-35801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35801"
},
{
"name": "CVE-2024-35804",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35804"
},
{
"name": "CVE-2024-35860",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35860"
},
{
"name": "CVE-2024-35872",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35872"
},
{
"name": "CVE-2024-35901",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35901"
},
{
"name": "CVE-2024-35912",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35912"
},
{
"name": "CVE-2024-35952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35952"
},
{
"name": "CVE-2024-35959",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35959"
},
{
"name": "CVE-2024-35963",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35963"
},
{
"name": "CVE-2024-35964",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35964"
},
{
"name": "CVE-2024-36012",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36012"
},
{
"name": "CVE-2024-36906",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36906"
},
{
"name": "CVE-2024-36918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36918"
},
{
"name": "CVE-2024-36926",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36926"
},
{
"name": "CVE-2024-28757",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28757"
},
{
"name": "CVE-2024-5535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
},
{
"name": "CVE-2023-52663",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52663"
},
{
"name": "CVE-2023-52675",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52675"
},
{
"name": "CVE-2023-52697",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52697"
},
{
"name": "CVE-2024-26611",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26611"
},
{
"name": "CVE-2024-26674",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26674"
},
{
"name": "CVE-2024-26899",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26899"
},
{
"name": "CVE-2024-26990",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26990"
},
{
"name": "CVE-2024-27027",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27027"
},
{
"name": "CVE-2024-27031",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27031"
},
{
"name": "CVE-2024-27057",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27057"
},
{
"name": "CVE-2024-35795",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35795"
},
{
"name": "CVE-2024-35810",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35810"
},
{
"name": "CVE-2024-35814",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35814"
},
{
"name": "CVE-2024-35824",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35824"
},
{
"name": "CVE-2024-35834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35834"
},
{
"name": "CVE-2024-35836",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35836"
},
{
"name": "CVE-2024-35838",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35838"
},
{
"name": "CVE-2024-35891",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35891"
},
{
"name": "CVE-2024-35903",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35903"
},
{
"name": "CVE-2024-35917",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35917"
},
{
"name": "CVE-2024-35927",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35927"
},
{
"name": "CVE-2024-35974",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35974"
},
{
"name": "CVE-2024-35981",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35981"
},
{
"name": "CVE-2024-35991",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35991"
},
{
"name": "CVE-2024-36002",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36002"
},
{
"name": "CVE-2024-36011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36011"
},
{
"name": "CVE-2024-36021",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36021"
},
{
"name": "CVE-2024-36891",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36891"
},
{
"name": "CVE-2024-36930",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36930"
},
{
"name": "CVE-2024-36936",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36936"
},
{
"name": "CVE-2024-35983",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35983"
},
{
"name": "CVE-2024-2398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
},
{
"name": "CVE-2024-0397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0397"
},
{
"name": "CVE-2024-4030",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4030"
},
{
"name": "CVE-2024-4032",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4032"
},
{
"name": "CVE-2023-52648",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52648"
},
{
"name": "CVE-2023-52649",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52649"
},
{
"name": "CVE-2024-26953",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26953"
},
{
"name": "CVE-2024-26975",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26975"
},
{
"name": "CVE-2024-27026",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27026"
},
{
"name": "CVE-2024-27079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27079"
},
{
"name": "CVE-2024-27390",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27390"
},
{
"name": "CVE-2024-35787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35787"
},
{
"name": "CVE-2024-35827",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35827"
},
{
"name": "CVE-2024-35831",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35831"
},
{
"name": "CVE-2024-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3596"
},
{
"name": "CVE-2023-52560",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52560"
},
{
"name": "CVE-2023-52813",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52813"
},
{
"name": "CVE-2023-52835",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52835"
},
{
"name": "CVE-2023-52881",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52881"
},
{
"name": "CVE-2024-0450",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0450"
},
{
"name": "CVE-2024-25062",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25062"
},
{
"name": "CVE-2024-26458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26458"
},
{
"name": "CVE-2024-26461",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26461"
},
{
"name": "CVE-2021-47539",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47539"
},
{
"name": "CVE-2021-47572",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47572"
},
{
"name": "CVE-2021-47576",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47576"
},
{
"name": "CVE-2021-47578",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47578"
},
{
"name": "CVE-2021-47601",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47601"
},
{
"name": "CVE-2021-47607",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47607"
},
{
"name": "CVE-2021-47609",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47609"
},
{
"name": "CVE-2021-47616",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47616"
},
{
"name": "CVE-2021-47617",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47617"
},
{
"name": "CVE-2021-47620",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47620"
},
{
"name": "CVE-2022-48712",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48712"
},
{
"name": "CVE-2022-48713",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48713"
},
{
"name": "CVE-2022-48714",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48714"
},
{
"name": "CVE-2022-48720",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48720"
},
{
"name": "CVE-2022-48724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48724"
},
{
"name": "CVE-2022-48725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48725"
},
{
"name": "CVE-2022-48727",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48727"
},
{
"name": "CVE-2022-48728",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48728"
},
{
"name": "CVE-2022-48729",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48729"
},
{
"name": "CVE-2022-48732",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48732"
},
{
"name": "CVE-2022-48745",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48745"
},
{
"name": "CVE-2022-48746",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48746"
},
{
"name": "CVE-2022-48752",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48752"
},
{
"name": "CVE-2022-48760",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48760"
},
{
"name": "CVE-2022-48763",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48763"
},
{
"name": "CVE-2022-48767",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48767"
},
{
"name": "CVE-2022-48768",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48768"
},
{
"name": "CVE-2022-48769",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48769"
},
{
"name": "CVE-2022-48770",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48770"
},
{
"name": "CVE-2023-52787",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52787"
},
{
"name": "CVE-2023-52837",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52837"
},
{
"name": "CVE-2023-52845",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52845"
},
{
"name": "CVE-2023-52846",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52846"
},
{
"name": "CVE-2024-35979",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35979"
},
{
"name": "CVE-2024-36477",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36477"
},
{
"name": "CVE-2024-36937",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36937"
},
{
"name": "CVE-2024-36945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36945"
},
{
"name": "CVE-2024-36967",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36967"
},
{
"name": "CVE-2024-36975",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36975"
},
{
"name": "CVE-2023-4641",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4641"
},
{
"name": "CVE-2023-50495",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50495"
},
{
"name": "CVE-2024-24859",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24859"
},
{
"name": "CVE-2024-26734",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26734"
},
{
"name": "CVE-2024-26818",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26818"
},
{
"name": "CVE-2024-26831",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26831"
},
{
"name": "CVE-2024-27012",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27012"
},
{
"name": "CVE-2024-27017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27017"
},
{
"name": "CVE-2024-35880",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35880"
},
{
"name": "CVE-2024-35892",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35892"
},
{
"name": "CVE-2024-35894",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35894"
},
{
"name": "CVE-2024-35908",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35908"
},
{
"name": "CVE-2024-35913",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35913"
},
{
"name": "CVE-2024-35942",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35942"
},
{
"name": "CVE-2024-35957",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35957"
},
{
"name": "CVE-2024-35980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35980"
},
{
"name": "CVE-2024-39298",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39298"
},
{
"name": "CVE-2024-39493",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39493"
},
{
"name": "CVE-2024-39500",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39500"
},
{
"name": "CVE-2024-40900",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40900"
},
{
"name": "CVE-2024-40903",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40903"
},
{
"name": "CVE-2024-40908",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40908"
},
{
"name": "CVE-2024-40913",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40913"
},
{
"name": "CVE-2024-40919",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40919"
},
{
"name": "CVE-2024-40924",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40924"
},
{
"name": "CVE-2024-40937",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40937"
},
{
"name": "CVE-2024-40940",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40940"
},
{
"name": "CVE-2024-40948",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40948"
},
{
"name": "CVE-2024-40956",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40956"
},
{
"name": "CVE-2024-40989",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40989"
},
{
"name": "CVE-2024-40994",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40994"
},
{
"name": "CVE-2023-52750",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52750"
},
{
"name": "CVE-2023-52782",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52782"
},
{
"name": "CVE-2023-52786",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52786"
},
{
"name": "CVE-2023-52792",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52792"
},
{
"name": "CVE-2023-52794",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52794"
},
{
"name": "CVE-2023-52842",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52842"
},
{
"name": "CVE-2023-52849",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52849"
},
{
"name": "CVE-2023-52866",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52866"
},
{
"name": "CVE-2024-36010",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36010"
},
{
"name": "CVE-2024-36882",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36882"
},
{
"name": "CVE-2024-36962",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36962"
},
{
"name": "CVE-2024-36977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36977"
},
{
"name": "CVE-2024-38566",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38566"
},
{
"name": "CVE-2024-38629",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38629"
},
{
"name": "CVE-2024-39291",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39291"
},
{
"name": "CVE-2024-6923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6923"
},
{
"name": "CVE-2024-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3219"
},
{
"name": "CVE-2024-36028",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36028"
},
{
"name": "CVE-2024-36884",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36884"
},
{
"name": "CVE-2024-36920",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36920"
},
{
"name": "CVE-2024-36932",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36932"
},
{
"name": "CVE-2024-36956",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36956"
},
{
"name": "CVE-2024-36961",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36961"
},
{
"name": "CVE-2024-38561",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38561"
},
{
"name": "CVE-2024-38604",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38604"
},
{
"name": "CVE-2024-38606",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38606"
},
{
"name": "CVE-2021-47579",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47579"
},
{
"name": "CVE-2022-48757",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48757"
},
{
"name": "CVE-2023-52775",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52775"
},
{
"name": "CVE-2023-52885",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52885"
},
{
"name": "CVE-2024-26837",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26837"
},
{
"name": "CVE-2024-27404",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27404"
},
{
"name": "CVE-2024-39479",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39479"
},
{
"name": "CVE-2024-39498",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39498"
},
{
"name": "CVE-2024-40923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40923"
},
{
"name": "CVE-2024-40925",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40925"
},
{
"name": "CVE-2024-6197",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6197"
},
{
"name": "CVE-2021-47623",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47623"
},
{
"name": "CVE-2022-48773",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48773"
},
{
"name": "CVE-2022-48778",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48778"
},
{
"name": "CVE-2022-48780",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48780"
},
{
"name": "CVE-2022-48783",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48783"
},
{
"name": "CVE-2022-48784",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48784"
},
{
"name": "CVE-2022-48785",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48785"
},
{
"name": "CVE-2022-48786",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48786"
},
{
"name": "CVE-2022-48787",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48787"
},
{
"name": "CVE-2022-48793",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48793"
},
{
"name": "CVE-2022-48796",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48796"
},
{
"name": "CVE-2022-48797",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48797"
},
{
"name": "CVE-2022-48799",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48799"
},
{
"name": "CVE-2022-48800",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48800"
},
{
"name": "CVE-2022-48801",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48801"
},
{
"name": "CVE-2022-48802",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48802"
},
{
"name": "CVE-2022-48804",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48804"
},
{
"name": "CVE-2022-48806",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48806"
},
{
"name": "CVE-2022-48809",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48809"
},
{
"name": "CVE-2022-48810",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48810"
},
{
"name": "CVE-2022-48812",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48812"
},
{
"name": "CVE-2025-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58056"
},
{
"name": "CVE-2025-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58057"
},
{
"name": "CVE-2025-10966",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10966"
},
{
"name": "CVE-2025-59425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59425"
},
{
"name": "CVE-2022-48813",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48813"
},
{
"name": "CVE-2022-48815",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48815"
},
{
"name": "CVE-2022-48817",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48817"
},
{
"name": "CVE-2022-48818",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48818"
},
{
"name": "CVE-2022-48823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48823"
},
{
"name": "CVE-2022-48825",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48825"
},
{
"name": "CVE-2022-48830",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48830"
},
{
"name": "CVE-2022-48831",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48831"
},
{
"name": "CVE-2022-48834",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48834"
},
{
"name": "CVE-2022-48835",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48835"
},
{
"name": "CVE-2022-48836",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48836"
},
{
"name": "CVE-2022-48837",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48837"
},
{
"name": "CVE-2022-48839",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48839"
},
{
"name": "CVE-2022-48840",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48840"
},
{
"name": "CVE-2022-48843",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48843"
},
{
"name": "CVE-2022-48850",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48850"
},
{
"name": "CVE-2022-48853",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48853"
},
{
"name": "CVE-2022-48858",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48858"
},
{
"name": "CVE-2022-48861",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48861"
},
{
"name": "CVE-2022-48863",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48863"
},
{
"name": "CVE-2022-48864",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48864"
},
{
"name": "CVE-2022-48866",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48866"
},
{
"name": "CVE-2023-52886",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52886"
},
{
"name": "CVE-2024-41057",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41057"
},
{
"name": "CVE-2024-41058",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41058"
},
{
"name": "CVE-2024-6232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6232"
},
{
"name": "CVE-2025-12817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12817"
},
{
"name": "CVE-2025-12818",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12818"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2019-14844",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14844"
},
{
"name": "CVE-2021-24031",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-24031"
},
{
"name": "CVE-2021-24032",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-24032"
},
{
"name": "CVE-2021-44964",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44964"
},
{
"name": "CVE-2022-28805",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28805"
},
{
"name": "CVE-2022-33099",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33099"
},
{
"name": "CVE-2025-0306",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0306"
},
{
"name": "CVE-2025-52099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52099"
},
{
"name": "CVE-2025-53643",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53643"
},
{
"name": "CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"name": "CVE-2025-6141",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6141"
},
{
"name": "CVE-2025-7709",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7709"
},
{
"name": "CVE-2025-9714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9714"
},
{
"name": "CVE-2024-45491",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45491"
},
{
"name": "CVE-2024-45492",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45492"
},
{
"name": "CVE-2024-38632",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38632"
},
{
"name": "CVE-2024-39491",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39491"
},
{
"name": "CVE-2024-40922",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40922"
},
{
"name": "CVE-2024-40930",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40930"
},
{
"name": "CVE-2024-40964",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40964"
},
{
"name": "CVE-2024-40992",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40992"
},
{
"name": "CVE-2024-41003",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41003"
},
{
"name": "CVE-2024-41047",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41047"
},
{
"name": "CVE-2024-42085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42085"
},
{
"name": "CVE-2024-42109",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42109"
},
{
"name": "CVE-2024-42240",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42240"
},
{
"name": "CVE-2021-47517",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47517"
},
{
"name": "CVE-2022-48865",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48865"
},
{
"name": "CVE-2022-48875",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48875"
},
{
"name": "CVE-2022-48883",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48883"
},
{
"name": "CVE-2022-48886",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48886"
},
{
"name": "CVE-2022-48889",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48889"
},
{
"name": "CVE-2022-48890",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48890"
},
{
"name": "CVE-2022-48896",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48896"
},
{
"name": "CVE-2022-48899",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48899"
},
{
"name": "CVE-2022-48912",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48912"
},
{
"name": "CVE-2022-48913",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48913"
},
{
"name": "CVE-2022-48914",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48914"
},
{
"name": "CVE-2022-48915",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48915"
},
{
"name": "CVE-2022-48921",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48921"
},
{
"name": "CVE-2022-48929",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48929"
},
{
"name": "CVE-2022-48931",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48931"
},
{
"name": "CVE-2022-48934",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48934"
},
{
"name": "CVE-2022-48938",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48938"
},
{
"name": "CVE-2022-48939",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48939"
},
{
"name": "CVE-2022-48942",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48942"
},
{
"name": "CVE-2023-52859",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52859"
},
{
"name": "CVE-2023-52898",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52898"
},
{
"name": "CVE-2023-52901",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52901"
},
{
"name": "CVE-2023-52905",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52905"
},
{
"name": "CVE-2023-52906",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52906"
},
{
"name": "CVE-2023-52908",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52908"
},
{
"name": "CVE-2023-52909",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52909"
},
{
"name": "CVE-2023-52910",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52910"
},
{
"name": "CVE-2024-26637",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26637"
},
{
"name": "CVE-2024-26682",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26682"
},
{
"name": "CVE-2024-26683",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26683"
},
{
"name": "CVE-2024-36970",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36970"
},
{
"name": "CVE-2024-39486",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39486"
},
{
"name": "CVE-2024-41010",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41010"
},
{
"name": "CVE-2024-41032",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41032"
},
{
"name": "CVE-2024-41037",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41037"
},
{
"name": "CVE-2024-41038",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41038"
},
{
"name": "CVE-2024-41039",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41039"
},
{
"name": "CVE-2024-41045",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41045"
},
{
"name": "CVE-2024-41056",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41056"
},
{
"name": "CVE-2024-41084",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41084"
},
{
"name": "CVE-2024-41094",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41094"
},
{
"name": "CVE-2024-42107",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42107"
},
{
"name": "CVE-2024-42125",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42125"
},
{
"name": "CVE-2024-42132",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42132"
},
{
"name": "CVE-2024-42133",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42133"
},
{
"name": "CVE-2024-42138",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42138"
},
{
"name": "CVE-2024-42139",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42139"
},
{
"name": "CVE-2024-42141",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42141"
},
{
"name": "CVE-2024-42238",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42238"
},
{
"name": "CVE-2024-42239",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42239"
},
{
"name": "CVE-2024-42241",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42241"
},
{
"name": "CVE-2024-42245",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42245"
},
{
"name": "CVE-2024-42268",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42268"
},
{
"name": "CVE-2024-42278",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42278"
},
{
"name": "CVE-2024-42291",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42291"
},
{
"name": "CVE-2024-42315",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42315"
},
{
"name": "CVE-2024-42316",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42316"
},
{
"name": "CVE-2024-43816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43816"
},
{
"name": "CVE-2024-43817",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43817"
},
{
"name": "CVE-2024-43821",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43821"
},
{
"name": "CVE-2024-43826",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43826"
},
{
"name": "CVE-2024-43840",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43840"
},
{
"name": "CVE-2024-43842",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43842"
},
{
"name": "CVE-2024-43873",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43873"
},
{
"name": "CVE-2024-43874",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43874"
},
{
"name": "CVE-2024-7264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
},
{
"name": "CVE-2024-41031",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41031"
},
{
"name": "CVE-2024-42243",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42243"
},
{
"name": "CVE-2024-34459",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34459"
},
{
"name": "CVE-2024-8096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8096"
},
{
"name": "CVE-2024-44983",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44983"
},
{
"name": "CVE-2024-44986",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44986"
},
{
"name": "CVE-2024-45000",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45000"
},
{
"name": "CVE-2024-45010",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45010"
},
{
"name": "CVE-2024-45019",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45019"
},
{
"name": "CVE-2024-45022",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45022"
},
{
"name": "CVE-2024-45029",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45029"
},
{
"name": "CVE-2024-46711",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46711"
},
{
"name": "CVE-2024-46784",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46784"
},
{
"name": "CVE-2024-46830",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46830"
},
{
"name": "CVE-2022-48944",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48944"
},
{
"name": "CVE-2024-42294",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42294"
},
{
"name": "CVE-2024-43870",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43870"
},
{
"name": "CVE-2024-44967",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44967"
},
{
"name": "CVE-2024-44984",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44984"
},
{
"name": "CVE-2024-45001",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45001"
},
{
"name": "CVE-2024-45005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45005"
},
{
"name": "CVE-2024-45012",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45012"
},
{
"name": "CVE-2024-45013",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45013"
},
{
"name": "CVE-2024-45017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45017"
},
{
"name": "CVE-2024-45020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45020"
},
{
"name": "CVE-2024-46672",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46672"
},
{
"name": "CVE-2024-46692",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46692"
},
{
"name": "CVE-2024-46706",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46706"
},
{
"name": "CVE-2024-46709",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46709"
},
{
"name": "CVE-2024-46710",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46710"
},
{
"name": "CVE-2024-46767",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46767"
},
{
"name": "CVE-2024-46786",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46786"
},
{
"name": "CVE-2024-46797",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46797"
},
{
"name": "CVE-2024-37370",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37370"
},
{
"name": "CVE-2024-37371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37371"
},
{
"name": "CVE-2024-9143",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
},
{
"name": "CVE-2024-41085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41085"
},
{
"name": "CVE-2024-26721",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26721"
},
{
"name": "CVE-2024-42258",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42258"
},
{
"name": "CVE-2024-45490",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45490"
},
{
"name": "CVE-2024-7592",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7592"
},
{
"name": "CVE-2024-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8088"
},
{
"name": "CVE-2025-54121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54121"
},
{
"name": "CVE-2012-2114",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2114"
},
{
"name": "CVE-2021-46937",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46937"
},
{
"name": "CVE-2021-46999",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46999"
},
{
"name": "CVE-2021-47033",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47033"
},
{
"name": "CVE-2021-47079",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47079"
},
{
"name": "CVE-2021-47092",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47092"
},
{
"name": "CVE-2021-47226",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47226"
},
{
"name": "CVE-2021-47251",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47251"
},
{
"name": "CVE-2021-47266",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47266"
},
{
"name": "CVE-2021-47318",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47318"
},
{
"name": "CVE-2021-47325",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47325"
},
{
"name": "CVE-2021-47346",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47346"
},
{
"name": "CVE-2021-47349",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47349"
},
{
"name": "CVE-2021-47519",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47519"
},
{
"name": "CVE-2021-47561",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47561"
},
{
"name": "CVE-2021-47613",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47613"
},
{
"name": "CVE-2022-1247",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1247"
},
{
"name": "CVE-2022-20153",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20153"
},
{
"name": "CVE-2022-48641",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48641"
},
{
"name": "CVE-2022-48643",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48643"
},
{
"name": "CVE-2022-48707",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48707"
},
{
"name": "CVE-2022-48719",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48719"
},
{
"name": "CVE-2022-48781",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48781"
},
{
"name": "CVE-2022-48819",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48819"
},
{
"name": "CVE-2022-48832",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48832"
},
{
"name": "CVE-2022-48848",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48848"
},
{
"name": "CVE-2022-48876",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48876"
},
{
"name": "CVE-2022-48963",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48963"
},
{
"name": "CVE-2022-48974",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48974"
},
{
"name": "CVE-2022-48976",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48976"
},
{
"name": "CVE-2022-48984",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48984"
},
{
"name": "CVE-2022-48986",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48986"
},
{
"name": "CVE-2022-49013",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49013"
},
{
"name": "CVE-2022-49018",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49018"
},
{
"name": "CVE-2022-49048",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49048"
},
{
"name": "CVE-2022-49049",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49049"
},
{
"name": "CVE-2022-49052",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49052"
},
{
"name": "CVE-2022-49072",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49072"
},
{
"name": "CVE-2022-49077",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49077"
},
{
"name": "CVE-2022-49094",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49094"
},
{
"name": "CVE-2022-49152",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49152"
},
{
"name": "CVE-2022-49198",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49198"
},
{
"name": "CVE-2022-49229",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49229"
},
{
"name": "CVE-2022-49231",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49231"
},
{
"name": "CVE-2022-49334",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49334"
},
{
"name": "CVE-2022-49340",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49340"
},
{
"name": "CVE-2022-49374",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49374"
},
{
"name": "CVE-2022-49401",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49401"
},
{
"name": "CVE-2022-49403",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49403"
},
{
"name": "CVE-2022-49450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49450"
},
{
"name": "CVE-2022-49554",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49554"
},
{
"name": "CVE-2022-49557",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49557"
},
{
"name": "CVE-2022-49567",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49567"
},
{
"name": "CVE-2022-49571",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49571"
},
{
"name": "CVE-2022-49572",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49572"
},
{
"name": "CVE-2022-49573",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49573"
},
{
"name": "CVE-2022-49574",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49574"
},
{
"name": "CVE-2022-49575",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49575"
},
{
"name": "CVE-2022-49577",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49577"
},
{
"name": "CVE-2022-49580",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49580"
},
{
"name": "CVE-2022-49585",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49585"
},
{
"name": "CVE-2022-49586",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49586"
},
{
"name": "CVE-2022-49587",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49587"
},
{
"name": "CVE-2022-49593",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49593"
},
{
"name": "CVE-2022-49594",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49594"
},
{
"name": "CVE-2022-49595",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49595"
},
{
"name": "CVE-2022-49596",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49596"
},
{
"name": "CVE-2022-49597",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49597"
},
{
"name": "CVE-2022-49598",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49598"
},
{
"name": "CVE-2022-49599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49599"
},
{
"name": "CVE-2022-49600",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49600"
},
{
"name": "CVE-2022-49601",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49601"
},
{
"name": "CVE-2022-49602",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49602"
},
{
"name": "CVE-2022-49604",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49604"
},
{
"name": "CVE-2022-49612",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49612"
},
{
"name": "CVE-2022-49629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49629"
},
{
"name": "CVE-2022-49633",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49633"
},
{
"name": "CVE-2022-49637",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49637"
},
{
"name": "CVE-2022-49639",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49639"
},
{
"name": "CVE-2022-49659",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49659"
},
{
"name": "CVE-2022-49662",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49662"
},
{
"name": "CVE-2022-49691",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49691"
},
{
"name": "CVE-2022-49744",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49744"
},
{
"name": "CVE-2022-49747",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49747"
},
{
"name": "CVE-2022-49752",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49752"
},
{
"name": "CVE-2022-49754",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49754"
},
{
"name": "CVE-2022-49760",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49760"
},
{
"name": "CVE-2023-31082",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31082"
},
{
"name": "CVE-2023-52516",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52516"
},
{
"name": "CVE-2023-52568",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52568"
},
{
"name": "CVE-2023-52570",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52570"
},
{
"name": "CVE-2023-52689",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52689"
},
{
"name": "CVE-2023-52704",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52704"
},
{
"name": "CVE-2023-52706",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52706"
},
{
"name": "CVE-2023-52828",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52828"
},
{
"name": "CVE-2023-52902",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52902"
},
{
"name": "CVE-2023-52932",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52932"
},
{
"name": "CVE-2023-52934",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52934"
},
{
"name": "CVE-2023-52940",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52940"
},
{
"name": "CVE-2023-52942",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52942"
},
{
"name": "CVE-2023-52977",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52977"
},
{
"name": "CVE-2023-52985",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52985"
},
{
"name": "CVE-2023-52987",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52987"
},
{
"name": "CVE-2023-52991",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52991"
},
{
"name": "CVE-2023-53004",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53004"
},
{
"name": "CVE-2023-53017",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53017"
},
{
"name": "CVE-2024-23196",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23196"
},
{
"name": "CVE-2024-26678",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26678"
},
{
"name": "CVE-2024-26725",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26725"
},
{
"name": "CVE-2024-26746",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26746"
},
{
"name": "CVE-2024-26918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26918"
},
{
"name": "CVE-2024-27023",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27023"
},
{
"name": "CVE-2024-40907",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40907"
},
{
"name": "CVE-2024-43896",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43896"
},
{
"name": "CVE-2024-46748",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46748"
},
{
"name": "CVE-2024-46862",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46862"
},
{
"name": "CVE-2024-53073",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53073"
},
{
"name": "CVE-2024-53225",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53225"
},
{
"name": "CVE-2024-56668",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56668"
},
{
"name": "CVE-2024-57852",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57852"
},
{
"name": "CVE-2024-57914",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57914"
},
{
"name": "CVE-2024-57985",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57985"
},
{
"name": "CVE-2024-57989",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57989"
},
{
"name": "CVE-2024-58064",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58064"
},
{
"name": "CVE-2024-58075",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58075"
},
{
"name": "CVE-2024-58084",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58084"
},
{
"name": "CVE-2025-21709",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21709"
},
{
"name": "CVE-2025-21807",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21807"
},
{
"name": "CVE-2025-21817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21817"
},
{
"name": "CVE-2025-21827",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21827"
},
{
"name": "CVE-2025-21851",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21851"
},
{
"name": "CVE-2025-21874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21874"
},
{
"name": "CVE-2025-21907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21907"
},
{
"name": "CVE-2025-21921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21921"
},
{
"name": "CVE-2025-24357",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24357"
},
{
"name": "CVE-2025-25183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25183"
},
{
"name": "CVE-2025-29770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29770"
},
{
"name": "CVE-2025-30165",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30165"
},
{
"name": "CVE-2025-30202",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30202"
},
{
"name": "CVE-2025-32381",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32381"
},
{
"name": "CVE-2025-32444",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32444"
},
{
"name": "CVE-2025-46570",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46570"
},
{
"name": "CVE-2025-47277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47277"
},
{
"name": "CVE-2025-48887",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48887"
},
{
"name": "CVE-2025-48956",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48956"
},
{
"name": "CVE-2025-57809",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-57809"
},
{
"name": "CVE-2025-62372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62372"
},
{
"name": "CVE-2025-62426",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62426"
},
{
"name": "CVE-2025-65106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-65106"
},
{
"name": "CVE-2024-9681",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9681"
},
{
"name": "CVE-2024-11168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11168"
},
{
"name": "CVE-2022-48879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48879"
},
{
"name": "CVE-2022-48946",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48946"
},
{
"name": "CVE-2022-48951",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48951"
},
{
"name": "CVE-2022-48953",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48953"
},
{
"name": "CVE-2022-48969",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48969"
},
{
"name": "CVE-2022-48971",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48971"
},
{
"name": "CVE-2022-48972",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48972"
},
{
"name": "CVE-2022-48978",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48978"
},
{
"name": "CVE-2022-48981",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48981"
},
{
"name": "CVE-2022-48985",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48985"
},
{
"name": "CVE-2022-48987",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48987"
},
{
"name": "CVE-2022-48988",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48988"
},
{
"name": "CVE-2022-48992",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48992"
},
{
"name": "CVE-2022-48994",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48994"
},
{
"name": "CVE-2022-48997",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48997"
},
{
"name": "CVE-2022-49005",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49005"
},
{
"name": "CVE-2022-49006",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49006"
},
{
"name": "CVE-2022-49011",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49011"
},
{
"name": "CVE-2022-49012",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49012"
},
{
"name": "CVE-2022-49014",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49014"
},
{
"name": "CVE-2022-49015",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49015"
},
{
"name": "CVE-2022-49017",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49017"
},
{
"name": "CVE-2022-49021",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49021"
},
{
"name": "CVE-2022-49022",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49022"
},
{
"name": "CVE-2022-49024",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49024"
},
{
"name": "CVE-2022-49027",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49027"
},
{
"name": "CVE-2022-49028",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49028"
},
{
"name": "CVE-2022-49029",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49029"
},
{
"name": "CVE-2024-44932",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44932"
},
{
"name": "CVE-2024-44964",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44964"
},
{
"name": "CVE-2024-46766",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46766"
},
{
"name": "CVE-2024-46825",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46825"
},
{
"name": "CVE-2024-46864",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46864"
},
{
"name": "CVE-2024-43869",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43869"
},
{
"name": "CVE-2024-47672",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47672"
},
{
"name": "CVE-2024-47675",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47675"
},
{
"name": "CVE-2024-47682",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47682"
},
{
"name": "CVE-2024-47687",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47687"
},
{
"name": "CVE-2024-47696",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47696"
},
{
"name": "CVE-2024-47702",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47702"
},
{
"name": "CVE-2024-47715",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47715"
},
{
"name": "CVE-2024-47719",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47719"
},
{
"name": "CVE-2024-47727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47727"
},
{
"name": "CVE-2024-49855",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49855"
},
{
"name": "CVE-2024-49862",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49862"
},
{
"name": "CVE-2024-49864",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49864"
},
{
"name": "CVE-2024-49866",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49866"
},
{
"name": "CVE-2024-49870",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49870"
},
{
"name": "CVE-2024-49886",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49886"
},
{
"name": "CVE-2024-49946",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49946"
},
{
"name": "CVE-2024-49953",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49953"
},
{
"name": "CVE-2024-50000",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50000"
},
{
"name": "CVE-2024-50019",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50019"
},
{
"name": "CVE-2024-50020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50020"
},
{
"name": "CVE-2024-50021",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50021"
},
{
"name": "CVE-2024-50022",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50022"
},
{
"name": "CVE-2024-50023",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50023"
},
{
"name": "CVE-2024-50027",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50027"
},
{
"name": "CVE-2024-50041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50041"
},
{
"name": "CVE-2024-50042",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50042"
},
{
"name": "CVE-2024-50060",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50060"
},
{
"name": "CVE-2024-50064",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50064"
},
{
"name": "CVE-2024-50074",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50074"
},
{
"name": "CVE-2024-50075",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50075"
},
{
"name": "CVE-2024-50076",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50076"
},
{
"name": "CVE-2024-50077",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50077"
},
{
"name": "CVE-2024-50078",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50078"
},
{
"name": "CVE-2024-50081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50081"
},
{
"name": "CVE-2024-46824",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46824"
},
{
"name": "CVE-2024-50126",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50126"
},
{
"name": "CVE-2024-50215",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50215"
},
{
"name": "CVE-2024-50235",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50235"
},
{
"name": "CVE-2024-50250",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50250"
},
{
"name": "CVE-2024-50252",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50252"
},
{
"name": "CVE-2024-50255",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50255"
},
{
"name": "CVE-2024-50259",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50259"
},
{
"name": "CVE-2024-50261",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50261"
},
{
"name": "CVE-2024-50271",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50271"
},
{
"name": "CVE-2024-53042",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53042"
},
{
"name": "CVE-2024-53055",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53055"
},
{
"name": "CVE-2024-53070",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53070"
},
{
"name": "CVE-2024-53072",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53072"
},
{
"name": "CVE-2024-53082",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53082"
},
{
"name": "CVE-2024-50226",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50226"
},
{
"name": "CVE-2024-11053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11053"
},
{
"name": "CVE-2024-44994",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44994"
},
{
"name": "CVE-2024-50110",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50110"
},
{
"name": "CVE-2024-42317",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42317"
},
{
"name": "CVE-2024-43820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43820"
},
{
"name": "CVE-2024-43888",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43888"
},
{
"name": "CVE-2024-43910",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43910"
},
{
"name": "CVE-2024-44975",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44975"
},
{
"name": "CVE-2024-44996",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44996"
},
{
"name": "CVE-2024-45027",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45027"
},
{
"name": "CVE-2024-46697",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46697"
},
{
"name": "CVE-2024-46698",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46698"
},
{
"name": "CVE-2024-46788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46788"
},
{
"name": "CVE-2024-46793",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46793"
},
{
"name": "CVE-2024-46845",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46845"
},
{
"name": "CVE-2024-47734",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47734"
},
{
"name": "CVE-2024-49856",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49856"
},
{
"name": "CVE-2024-49977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49977"
},
{
"name": "CVE-2024-50093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50093"
},
{
"name": "CVE-2024-50186",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50186"
},
{
"name": "CVE-2024-50189",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50189"
},
{
"name": "CVE-2022-48982",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48982"
},
{
"name": "CVE-2022-48983",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48983"
},
{
"name": "CVE-2022-48989",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48989"
},
{
"name": "CVE-2023-52778",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52778"
},
{
"name": "CVE-2024-49976",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49976"
},
{
"name": "CVE-2024-50101",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50101"
},
{
"name": "CVE-2024-50102",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50102"
},
{
"name": "CVE-2024-50121",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50121"
},
{
"name": "CVE-2024-50124",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50124"
},
{
"name": "CVE-2024-50125",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50125"
},
{
"name": "CVE-2024-50128",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50128"
},
{
"name": "CVE-2024-50136",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50136"
},
{
"name": "CVE-2024-50139",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50139"
},
{
"name": "CVE-2024-50141",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50141"
},
{
"name": "CVE-2024-50145",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50145"
},
{
"name": "CVE-2024-50146",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50146"
},
{
"name": "CVE-2024-50147",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50147"
},
{
"name": "CVE-2024-50153",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50153"
},
{
"name": "CVE-2024-50155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50155"
},
{
"name": "CVE-2024-50157",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50157"
},
{
"name": "CVE-2024-50158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50158"
},
{
"name": "CVE-2024-50160",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50160"
},
{
"name": "CVE-2024-50169",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50169"
},
{
"name": "CVE-2024-50172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50172"
},
{
"name": "CVE-2024-50182",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50182"
},
{
"name": "CVE-2024-50200",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50200"
},
{
"name": "CVE-2024-50216",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50216"
},
{
"name": "CVE-2024-50274",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50274"
},
{
"name": "CVE-2024-50275",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50275"
},
{
"name": "CVE-2024-53045",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53045"
},
{
"name": "CVE-2024-53048",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53048"
},
{
"name": "CVE-2024-53074",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53074"
},
{
"name": "CVE-2024-53085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53085"
},
{
"name": "CVE-2024-53110",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53110"
},
{
"name": "CVE-2024-50162",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50162"
},
{
"name": "CVE-2024-50163",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50163"
},
{
"name": "CVE-2024-53097",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53097"
},
{
"name": "CVE-2024-53113",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53113"
},
{
"name": "CVE-2024-53120",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53120"
},
{
"name": "CVE-2024-53123",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53123"
},
{
"name": "CVE-2024-53136",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53136"
},
{
"name": "CVE-2024-53064",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53064"
},
{
"name": "CVE-2024-53105",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53105"
},
{
"name": "CVE-2024-53117",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53117"
},
{
"name": "CVE-2024-53118",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53118"
},
{
"name": "CVE-2024-53134",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53134"
},
{
"name": "CVE-2024-53151",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53151"
},
{
"name": "CVE-2024-53160",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53160"
},
{
"name": "CVE-2024-53166",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53166"
},
{
"name": "CVE-2024-53169",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53169"
},
{
"name": "CVE-2024-53202",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53202"
},
{
"name": "CVE-2024-53206",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53206"
},
{
"name": "CVE-2024-53207",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53207"
},
{
"name": "CVE-2024-53208",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53208"
},
{
"name": "CVE-2024-53213",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53213"
},
{
"name": "CVE-2024-53215",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53215"
},
{
"name": "CVE-2024-53222",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53222"
},
{
"name": "CVE-2024-53229",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53229"
},
{
"name": "CVE-2024-56549",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56549"
},
{
"name": "CVE-2024-56667",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56667"
},
{
"name": "CVE-2024-56752",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56752"
},
{
"name": "CVE-2024-48873",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-48873"
},
{
"name": "CVE-2024-49951",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49951"
},
{
"name": "CVE-2024-53091",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53091"
},
{
"name": "CVE-2024-53170",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53170"
},
{
"name": "CVE-2024-53175",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53175"
},
{
"name": "CVE-2024-53185",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53185"
},
{
"name": "CVE-2024-53230",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53230"
},
{
"name": "CVE-2024-53231",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53231"
},
{
"name": "CVE-2024-53232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53232"
},
{
"name": "CVE-2024-53236",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53236"
},
{
"name": "CVE-2024-55881",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55881"
},
{
"name": "CVE-2024-56372",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56372"
},
{
"name": "CVE-2025-0938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
},
{
"name": "CVE-2024-53238",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53238"
},
{
"name": "CVE-2024-56617",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56617"
},
{
"name": "CVE-2024-56625",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56625"
},
{
"name": "CVE-2024-56632",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56632"
},
{
"name": "CVE-2024-56654",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56654"
},
{
"name": "CVE-2024-56663",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56663"
},
{
"name": "CVE-2024-56675",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56675"
},
{
"name": "CVE-2024-56708",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56708"
},
{
"name": "CVE-2024-56709",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56709"
},
{
"name": "CVE-2024-56729",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56729"
},
{
"name": "CVE-2024-56745",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56745"
},
{
"name": "CVE-2024-56760",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56760"
},
{
"name": "CVE-2024-56765",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56765"
},
{
"name": "CVE-2024-57793",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57793"
},
{
"name": "CVE-2024-57804",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57804"
},
{
"name": "CVE-2024-57932",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57932"
},
{
"name": "CVE-2024-57933",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57933"
},
{
"name": "CVE-2024-57936",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57936"
},
{
"name": "CVE-2025-21645",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21645"
},
{
"name": "CVE-2025-21649",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21649"
},
{
"name": "CVE-2025-0167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0167"
},
{
"name": "CVE-2025-0725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0725"
},
{
"name": "CVE-2024-46820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46820"
},
{
"name": "CVE-2024-50602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50602"
},
{
"name": "CVE-2024-53047",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53047"
},
{
"name": "CVE-2024-56679",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56679"
},
{
"name": "CVE-2024-56707",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56707"
},
{
"name": "CVE-2024-56725",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56725"
},
{
"name": "CVE-2024-56726",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56726"
},
{
"name": "CVE-2024-56727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56727"
},
{
"name": "CVE-2024-57882",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57882"
},
{
"name": "CVE-2024-57917",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57917"
},
{
"name": "CVE-2025-21663",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21663"
},
{
"name": "CVE-2025-21670",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21670"
},
{
"name": "CVE-2024-50164",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50164"
},
{
"name": "CVE-2025-21647",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21647"
},
{
"name": "CVE-2025-21668",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21668"
},
{
"name": "CVE-2025-21671",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21671"
},
{
"name": "CVE-2025-21681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21681"
},
{
"name": "CVE-2024-13176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13176"
},
{
"name": "CVE-2021-47222",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47222"
},
{
"name": "CVE-2021-47223",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47223"
},
{
"name": "CVE-2025-21673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21673"
},
{
"name": "CVE-2024-47700",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47700"
},
{
"name": "CVE-2024-49880",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49880"
},
{
"name": "CVE-2024-49885",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49885"
},
{
"name": "CVE-2024-49999",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49999"
},
{
"name": "CVE-2024-50029",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50029"
},
{
"name": "CVE-2024-50107",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50107"
},
{
"name": "CVE-2024-50109",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50109"
},
{
"name": "CVE-2024-50114",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50114"
},
{
"name": "CVE-2024-50120",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50120"
},
{
"name": "CVE-2024-50152",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50152"
},
{
"name": "CVE-2024-50165",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50165"
},
{
"name": "CVE-2024-50197",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50197"
},
{
"name": "CVE-2024-50207",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50207"
},
{
"name": "CVE-2024-50223",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50223"
},
{
"name": "CVE-2024-50294",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50294"
},
{
"name": "CVE-2024-50303",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50303"
},
{
"name": "CVE-2024-53044",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53044"
},
{
"name": "CVE-2024-53109",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53109"
},
{
"name": "CVE-2024-53167",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53167"
},
{
"name": "CVE-2024-53176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53176"
},
{
"name": "CVE-2024-53178",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53178"
},
{
"name": "CVE-2024-53189",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53189"
},
{
"name": "CVE-2024-56535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56535"
},
{
"name": "CVE-2024-56545",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56545"
},
{
"name": "CVE-2024-56696",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56696"
},
{
"name": "CVE-2024-56702",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56702"
},
{
"name": "CVE-2024-56742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56742"
},
{
"name": "CVE-2025-1795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1795"
},
{
"name": "CVE-2024-56783",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56783"
},
{
"name": "CVE-2025-21694",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21694"
},
{
"name": "CVE-2022-49080",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49080"
},
{
"name": "CVE-2022-49089",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49089"
},
{
"name": "CVE-2024-57994",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57994"
},
{
"name": "CVE-2025-21705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21705"
},
{
"name": "CVE-2025-21716",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21716"
},
{
"name": "CVE-2025-21724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21724"
},
{
"name": "CVE-2025-21725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21725"
},
{
"name": "CVE-2025-21790",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21790"
},
{
"name": "CVE-2025-21795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21795"
},
{
"name": "CVE-2022-49043",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49043"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2021-47648",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47648"
},
{
"name": "CVE-2021-47649",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47649"
},
{
"name": "CVE-2021-47650",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47650"
},
{
"name": "CVE-2021-47659",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47659"
},
{
"name": "CVE-2022-49058",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49058"
},
{
"name": "CVE-2022-49061",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49061"
},
{
"name": "CVE-2022-49065",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49065"
},
{
"name": "CVE-2022-49066",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49066"
},
{
"name": "CVE-2022-49074",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49074"
},
{
"name": "CVE-2022-49086",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49086"
},
{
"name": "CVE-2022-49090",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49090"
},
{
"name": "CVE-2022-49092",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49092"
},
{
"name": "CVE-2022-49097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49097"
},
{
"name": "CVE-2022-49100",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49100"
},
{
"name": "CVE-2022-49103",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49103"
},
{
"name": "CVE-2022-49107",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49107"
},
{
"name": "CVE-2022-49118",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49118"
},
{
"name": "CVE-2022-49122",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49122"
},
{
"name": "CVE-2022-49130",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49130"
},
{
"name": "CVE-2022-49145",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49145"
},
{
"name": "CVE-2022-49147",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49147"
},
{
"name": "CVE-2022-49148",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49148"
},
{
"name": "CVE-2022-49153",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49153"
},
{
"name": "CVE-2022-49154",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49154"
},
{
"name": "CVE-2022-49155",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49155"
},
{
"name": "CVE-2022-49156",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49156"
},
{
"name": "CVE-2022-49159",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49159"
},
{
"name": "CVE-2022-49174",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49174"
},
{
"name": "CVE-2022-49175",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49175"
},
{
"name": "CVE-2022-49180",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49180"
},
{
"name": "CVE-2022-49187",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49187"
},
{
"name": "CVE-2022-49188",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49188"
},
{
"name": "CVE-2022-49206",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49206"
},
{
"name": "CVE-2022-49208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49208"
},
{
"name": "CVE-2022-49216",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49216"
},
{
"name": "CVE-2022-49227",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49227"
},
{
"name": "CVE-2022-49257",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49257"
},
{
"name": "CVE-2022-49259",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49259"
},
{
"name": "CVE-2022-49262",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49262"
},
{
"name": "CVE-2022-49263",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49263"
},
{
"name": "CVE-2022-49264",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49264"
},
{
"name": "CVE-2022-49266",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49266"
},
{
"name": "CVE-2022-49268",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49268"
},
{
"name": "CVE-2022-49269",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49269"
},
{
"name": "CVE-2022-49272",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49272"
},
{
"name": "CVE-2022-49273",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49273"
},
{
"name": "CVE-2022-49279",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49279"
},
{
"name": "CVE-2022-49286",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49286"
},
{
"name": "CVE-2022-49290",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49290"
},
{
"name": "CVE-2022-49297",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49297"
},
{
"name": "CVE-2022-49307",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49307"
},
{
"name": "CVE-2022-49308",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49308"
},
{
"name": "CVE-2022-49321",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49321"
},
{
"name": "CVE-2022-49322",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49322"
},
{
"name": "CVE-2022-49323",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49323"
},
{
"name": "CVE-2022-49339",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49339"
},
{
"name": "CVE-2022-49341",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49341"
},
{
"name": "CVE-2022-49343",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49343"
},
{
"name": "CVE-2022-49345",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49345"
},
{
"name": "CVE-2022-49350",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49350"
},
{
"name": "CVE-2022-49352",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49352"
},
{
"name": "CVE-2022-49356",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49356"
},
{
"name": "CVE-2022-49357",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49357"
},
{
"name": "CVE-2022-49376",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49376"
},
{
"name": "CVE-2022-49378",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49378"
},
{
"name": "CVE-2022-49379",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49379"
},
{
"name": "CVE-2022-49384",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49384"
},
{
"name": "CVE-2022-49394",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49394"
},
{
"name": "CVE-2022-49400",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49400"
},
{
"name": "CVE-2022-49402",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49402"
},
{
"name": "CVE-2022-49404",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49404"
},
{
"name": "CVE-2022-49407",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49407"
},
{
"name": "CVE-2022-49409",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49409"
},
{
"name": "CVE-2022-49422",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49422"
},
{
"name": "CVE-2022-49432",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49432"
},
{
"name": "CVE-2022-49433",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49433"
},
{
"name": "CVE-2022-49434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49434"
},
{
"name": "CVE-2022-49441",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49441"
},
{
"name": "CVE-2022-49447",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49447"
},
{
"name": "CVE-2022-49455",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49455"
},
{
"name": "CVE-2022-49468",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49468"
},
{
"name": "CVE-2022-49472",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49472"
},
{
"name": "CVE-2022-49475",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49475"
},
{
"name": "CVE-2022-49481",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49481"
},
{
"name": "CVE-2022-49486",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49486"
},
{
"name": "CVE-2022-49492",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49492"
},
{
"name": "CVE-2022-49498",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49498"
},
{
"name": "CVE-2022-49503",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49503"
},
{
"name": "CVE-2022-49508",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49508"
},
{
"name": "CVE-2022-49515",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49515"
},
{
"name": "CVE-2022-49519",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49519"
},
{
"name": "CVE-2022-49520",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49520"
},
{
"name": "CVE-2022-49521",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49521"
},
{
"name": "CVE-2022-49523",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49523"
},
{
"name": "CVE-2022-49526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49526"
},
{
"name": "CVE-2022-49532",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49532"
},
{
"name": "CVE-2022-49545",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49545"
},
{
"name": "CVE-2022-49559",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49559"
},
{
"name": "CVE-2022-49581",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49581"
},
{
"name": "CVE-2022-49583",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49583"
},
{
"name": "CVE-2022-49584",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49584"
},
{
"name": "CVE-2022-49592",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49592"
},
{
"name": "CVE-2022-49603",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49603"
},
{
"name": "CVE-2022-49605",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49605"
},
{
"name": "CVE-2022-49606",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49606"
},
{
"name": "CVE-2022-49607",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49607"
},
{
"name": "CVE-2022-49611",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49611"
},
{
"name": "CVE-2022-49613",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49613"
},
{
"name": "CVE-2022-49625",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49625"
},
{
"name": "CVE-2022-49627",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49627"
},
{
"name": "CVE-2022-49631",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49631"
},
{
"name": "CVE-2022-49634",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49634"
},
{
"name": "CVE-2022-49640",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49640"
},
{
"name": "CVE-2022-49641",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49641"
},
{
"name": "CVE-2022-49642",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49642"
},
{
"name": "CVE-2022-49643",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49643"
},
{
"name": "CVE-2022-49646",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49646"
},
{
"name": "CVE-2022-49648",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49648"
},
{
"name": "CVE-2022-49653",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49653"
},
{
"name": "CVE-2022-49656",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49656"
},
{
"name": "CVE-2022-49657",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49657"
},
{
"name": "CVE-2022-49663",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49663"
},
{
"name": "CVE-2022-49670",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49670"
},
{
"name": "CVE-2022-49671",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49671"
},
{
"name": "CVE-2022-49672",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49672"
},
{
"name": "CVE-2022-49673",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49673"
},
{
"name": "CVE-2022-49674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49674"
},
{
"name": "CVE-2022-49675",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49675"
},
{
"name": "CVE-2022-49679",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49679"
},
{
"name": "CVE-2022-49688",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49688"
},
{
"name": "CVE-2022-49699",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49699"
},
{
"name": "CVE-2022-49707",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49707"
},
{
"name": "CVE-2022-49708",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49708"
},
{
"name": "CVE-2022-49710",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49710"
},
{
"name": "CVE-2022-49716",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49716"
},
{
"name": "CVE-2022-49721",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49721"
},
{
"name": "CVE-2022-49723",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49723"
},
{
"name": "CVE-2022-49726",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49726"
},
{
"name": "CVE-2022-49731",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49731"
},
{
"name": "CVE-2024-48876",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-48876"
},
{
"name": "CVE-2024-53681",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53681"
},
{
"name": "CVE-2024-54460",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54460"
},
{
"name": "CVE-2024-55642",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55642"
},
{
"name": "CVE-2024-56613",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56613"
},
{
"name": "CVE-2024-56624",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56624"
},
{
"name": "CVE-2024-56638",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56638"
},
{
"name": "CVE-2024-56653",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56653"
},
{
"name": "CVE-2024-56657",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56657"
},
{
"name": "CVE-2024-56669",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56669"
},
{
"name": "CVE-2024-56710",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56710"
},
{
"name": "CVE-2024-56714",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56714"
},
{
"name": "CVE-2024-56772",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56772"
},
{
"name": "CVE-2024-56773",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56773"
},
{
"name": "CVE-2024-57878",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57878"
},
{
"name": "CVE-2024-57879",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57879"
},
{
"name": "CVE-2024-57885",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57885"
},
{
"name": "CVE-2025-21644",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21644"
},
{
"name": "CVE-2025-21659",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21659"
},
{
"name": "CVE-2024-56171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56171"
},
{
"name": "CVE-2025-27113",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27113"
},
{
"name": "CVE-2024-57993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57993"
},
{
"name": "CVE-2024-58009",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58009"
},
{
"name": "CVE-2024-58061",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58061"
},
{
"name": "CVE-2024-58068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58068"
},
{
"name": "CVE-2024-58077",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58077"
},
{
"name": "CVE-2025-21706",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21706"
},
{
"name": "CVE-2025-21707",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21707"
},
{
"name": "CVE-2025-21829",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21829"
},
{
"name": "CVE-2025-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21830"
},
{
"name": "CVE-2025-21832",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21832"
},
{
"name": "CVE-2022-49057",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49057"
},
{
"name": "CVE-2022-49062",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49062"
},
{
"name": "CVE-2022-49064",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49064"
},
{
"name": "CVE-2022-49070",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49070"
},
{
"name": "CVE-2022-49139",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49139"
},
{
"name": "CVE-2022-49204",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49204"
},
{
"name": "CVE-2022-49205",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49205"
},
{
"name": "CVE-2022-49207",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49207"
},
{
"name": "CVE-2022-49209",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49209"
},
{
"name": "CVE-2022-49225",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49225"
},
{
"name": "CVE-2022-49228",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49228"
},
{
"name": "CVE-2022-49237",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49237"
},
{
"name": "CVE-2022-49330",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49330"
},
{
"name": "CVE-2022-49353",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49353"
},
{
"name": "CVE-2022-49406",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49406"
},
{
"name": "CVE-2022-49436",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49436"
},
{
"name": "CVE-2022-49446",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49446"
},
{
"name": "CVE-2022-49476",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49476"
},
{
"name": "CVE-2022-49511",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49511"
},
{
"name": "CVE-2022-49518",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49518"
},
{
"name": "CVE-2022-49538",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49538"
},
{
"name": "CVE-2022-49548",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49548"
},
{
"name": "CVE-2022-49552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49552"
},
{
"name": "CVE-2022-49560",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49560"
},
{
"name": "CVE-2022-49565",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49565"
},
{
"name": "CVE-2022-49624",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49624"
},
{
"name": "CVE-2022-49638",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49638"
},
{
"name": "CVE-2022-49655",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49655"
},
{
"name": "CVE-2022-49658",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49658"
},
{
"name": "CVE-2022-49697",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49697"
},
{
"name": "CVE-2022-49732",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49732"
},
{
"name": "CVE-2022-49739",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49739"
},
{
"name": "CVE-2022-49746",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49746"
},
{
"name": "CVE-2022-49759",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49759"
},
{
"name": "CVE-2023-52933",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52933"
},
{
"name": "CVE-2023-52941",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52941"
},
{
"name": "CVE-2023-52976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52976"
},
{
"name": "CVE-2023-52984",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52984"
},
{
"name": "CVE-2023-52992",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52992"
},
{
"name": "CVE-2023-52993",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52993"
},
{
"name": "CVE-2023-53006",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53006"
},
{
"name": "CVE-2023-53007",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53007"
},
{
"name": "CVE-2023-53015",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53015"
},
{
"name": "CVE-2023-53016",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53016"
},
{
"name": "CVE-2023-53019",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53019"
},
{
"name": "CVE-2023-53026",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53026"
},
{
"name": "CVE-2023-53029",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53029"
},
{
"name": "CVE-2023-53030",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53030"
},
{
"name": "CVE-2023-53033",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53033"
},
{
"name": "CVE-2024-46736",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46736"
},
{
"name": "CVE-2024-46796",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46796"
},
{
"name": "CVE-2024-57990",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57990"
},
{
"name": "CVE-2024-57999",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57999"
},
{
"name": "CVE-2024-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58057"
},
{
"name": "CVE-2024-58078",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58078"
},
{
"name": "CVE-2024-58079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58079"
},
{
"name": "CVE-2025-21723",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21723"
},
{
"name": "CVE-2025-21732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21732"
},
{
"name": "CVE-2025-21810",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21810"
},
{
"name": "CVE-2025-21825",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21825"
},
{
"name": "CVE-2025-21828",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21828"
},
{
"name": "CVE-2025-21844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21844"
},
{
"name": "CVE-2025-21847",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21847"
},
{
"name": "CVE-2025-21856",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21856"
},
{
"name": "CVE-2025-21857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21857"
},
{
"name": "CVE-2025-21864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21864"
},
{
"name": "CVE-2025-21869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21869"
},
{
"name": "CVE-2025-21870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21870"
},
{
"name": "CVE-2025-21876",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21876"
},
{
"name": "CVE-2025-21883",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21883"
},
{
"name": "CVE-2025-21886",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21886"
},
{
"name": "CVE-2025-21888",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21888"
},
{
"name": "CVE-2025-21890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21890"
},
{
"name": "CVE-2024-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8176"
},
{
"name": "CVE-2025-24928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24928"
},
{
"name": "CVE-2025-21913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21913"
},
{
"name": "CVE-2025-21916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21916"
},
{
"name": "CVE-2025-21918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21918"
},
{
"name": "CVE-2025-21924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21924"
},
{
"name": "CVE-2025-21936",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21936"
},
{
"name": "CVE-2025-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21938"
},
{
"name": "CVE-2025-21962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21962"
},
{
"name": "CVE-2025-21963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21963"
},
{
"name": "CVE-2025-21964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21964"
},
{
"name": "CVE-2025-21978",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21978"
},
{
"name": "CVE-2025-21979",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21979"
},
{
"name": "CVE-2025-21986",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21986"
},
{
"name": "CVE-2022-49220",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49220"
},
{
"name": "CVE-2022-49372",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49372"
},
{
"name": "CVE-2022-49578",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49578"
},
{
"name": "CVE-2022-49589",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49589"
},
{
"name": "CVE-2022-49620",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49620"
},
{
"name": "CVE-2023-52997",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52997"
},
{
"name": "CVE-2023-53031",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53031"
},
{
"name": "CVE-2024-57952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57952"
},
{
"name": "CVE-2025-21691",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21691"
},
{
"name": "CVE-2025-27516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27516"
},
{
"name": "CVE-2025-21953",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21953"
},
{
"name": "CVE-2025-4516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4516"
},
{
"name": "CVE-2024-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
},
{
"name": "CVE-2025-32414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32414"
},
{
"name": "CVE-2025-32415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32415"
},
{
"name": "CVE-2022-49171",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49171"
},
{
"name": "CVE-2022-49197",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49197"
},
{
"name": "CVE-2022-49561",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49561"
},
{
"name": "CVE-2022-49590",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49590"
},
{
"name": "CVE-2023-52928",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52928"
},
{
"name": "CVE-2023-52937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52937"
},
{
"name": "CVE-2023-52938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52938"
},
{
"name": "CVE-2023-52981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52981"
},
{
"name": "CVE-2023-52982",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52982"
},
{
"name": "CVE-2023-52986",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52986"
},
{
"name": "CVE-2023-53009",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53009"
},
{
"name": "CVE-2023-53032",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53032"
},
{
"name": "CVE-2024-58070",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58070"
},
{
"name": "CVE-2024-58088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58088"
},
{
"name": "CVE-2025-21808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21808"
},
{
"name": "CVE-2025-21836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21836"
},
{
"name": "CVE-2025-21854",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21854"
},
{
"name": "CVE-2025-21884",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21884"
},
{
"name": "CVE-2025-21889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21889"
},
{
"name": "CVE-2025-21895",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21895"
},
{
"name": "CVE-2025-21906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21906"
},
{
"name": "CVE-2025-21908",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21908"
},
{
"name": "CVE-2025-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21930"
},
{
"name": "CVE-2025-21961",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21961"
},
{
"name": "CVE-2025-21966",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21966"
},
{
"name": "CVE-2025-4947",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4947"
},
{
"name": "CVE-2025-5025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5025"
},
{
"name": "CVE-2024-56433",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56433"
},
{
"name": "CVE-2025-1390",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1390"
},
{
"name": "CVE-2025-29088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29088"
},
{
"name": "CVE-2025-32434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32434"
},
{
"name": "CVE-2025-43859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43859"
},
{
"name": "CVE-2024-58074",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58074"
},
{
"name": "CVE-2025-21974",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21974"
},
{
"name": "CVE-2025-6021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
},
{
"name": "CVE-2022-49636",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49636"
},
{
"name": "CVE-2025-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21939"
},
{
"name": "CVE-2024-47081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
},
{
"name": "CVE-2025-3576",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3576"
},
{
"name": "CVE-2024-57987",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57987"
},
{
"name": "CVE-2024-57988",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57988"
},
{
"name": "CVE-2024-57995",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57995"
},
{
"name": "CVE-2024-58015",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58015"
},
{
"name": "CVE-2024-58062",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58062"
},
{
"name": "CVE-2025-21713",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21713"
},
{
"name": "CVE-2025-21770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21770"
},
{
"name": "CVE-2025-21880",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21880"
},
{
"name": "CVE-2021-3995",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3995"
},
{
"name": "CVE-2021-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3996"
},
{
"name": "CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"name": "CVE-2025-21809",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21809"
},
{
"name": "CVE-2025-8194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8194"
},
{
"name": "CVE-2025-50182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50182"
},
{
"name": "CVE-2021-47316",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47316"
},
{
"name": "CVE-2021-32256",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32256"
},
{
"name": "CVE-2024-25260",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25260"
},
{
"name": "CVE-2025-1371",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1371"
},
{
"name": "CVE-2025-1376",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1376"
},
{
"name": "CVE-2025-1377",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1377"
},
{
"name": "CVE-2025-49794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
},
{
"name": "CVE-2025-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
},
{
"name": "CVE-2024-54456",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54456"
},
{
"name": "CVE-2025-21783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21783"
},
{
"name": "CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"name": "CVE-2025-55163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
},
{
"name": "CVE-2024-26462",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26462"
},
{
"name": "CVE-2025-1352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1352"
},
{
"name": "CVE-2025-1365",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1365"
},
{
"name": "CVE-2025-1372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1372"
},
{
"name": "CVE-2025-27587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27587"
},
{
"name": "CVE-2025-49795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49795"
},
{
"name": "CVE-2025-6170",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6170"
},
{
"name": "CVE-2025-8732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8732"
},
{
"name": "CVE-2025-9086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9086"
},
{
"name": "CVE-2025-41248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41248"
}
],
"initial_release_date": "2025-12-02T00:00:00",
"last_revision_date": "2025-12-02T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-1057",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-12-02T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2025-12-01",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36560",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36560"
},
{
"published_at": "2025-12-01",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36564",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36564"
}
]
}
CERTFR-2023-AVI-0368
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans Tenable Nessus Network Monitor. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Tenable | Nessus Network Monitor | Tenable Nessus Network Monitor versions antérieures à 6.2.1 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Tenable Nessus Network Monitor versions ant\u00e9rieures \u00e0 6.2.1",
"product": {
"name": "Nessus Network Monitor",
"vendor": {
"name": "Tenable",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2021-45960",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45960"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2022-22823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22823"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2022-25315",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25315"
},
{
"name": "CVE-2022-22822",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22822"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2022-23852",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23852"
},
{
"name": "CVE-2022-22825",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22825"
},
{
"name": "CVE-2022-25314",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25314"
},
{
"name": "CVE-2022-23990",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23990"
},
{
"name": "CVE-2022-25235",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25235"
},
{
"name": "CVE-2021-46143",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46143"
},
{
"name": "CVE-2022-40674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40674"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2022-22827",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22827"
},
{
"name": "CVE-2022-25236",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25236"
},
{
"name": "CVE-2022-22826",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22826"
},
{
"name": "CVE-2022-22824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22824"
}
],
"links": [],
"reference": "CERTFR-2023-AVI-0368",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-05-10T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Tenable Nessus\nNetwork Monitor. Elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Nessus Network Monitor",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Tenable TNS-2023-19 du 09 mai 2023",
"url": "https://www.tenable.com/security/tns-2023-19"
}
]
}
CERTFR-2023-AVI-0245
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, un déni de service à distance et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | AIX | IBM AIX versions 7.3.x antérieures à 7.3.0 SP04 ou 7.3.1 SP02 | ||
| IBM | Spectrum | IBM Spectrum Protect for Virtual Environments: Data Protection pour Microsoft Hyper-V versions 8.1.x antérieures à 8.1.17.2 | ||
| IBM | AIX | IBM AIX versions 7.1.x antérieures à 7.1.5 SP12 | ||
| IBM | Sterling Control Center | IBM Sterling Control Center version 6.1.3.0 sans le correctif de sécurité iFix16 | ||
| IBM | Spectrum | IBM Spectrum Protect Server versions 8.1.x antérieures à 8.1.18 | ||
| IBM | Spectrum | IBM Spectrum Protect Client versions 8.1.x antérieures à 8.1.17.2 | ||
| IBM | Spectrum | IBM Spectrum Protect for Virtual Environments: Data Protection pour VMware versions 8.1.x antérieures à 8.1.17.2 | ||
| IBM | Spectrum | IBM Spectrum Protect for Space Management versions 8.1.x antérieures à 8.1.17.2 | ||
| IBM | VIOS | IBM VIOS versions 3.1.3.x antérieures à 3.1.3.30 | ||
| IBM | VIOS | IBM VIOS versions 3.1.4.x antérieures à 3.1.4.20 | ||
| IBM | Sterling Control Center | IBM Sterling Control Center version 6.3.0.0 sans le correctif de sécurité iFix02 | ||
| IBM | VIOS | IBM VIOS versions 3.1.x antérieures à 3.1.2.50 | ||
| IBM | Sterling Control Center | IBM Sterling Control Center version 6.2.1.0 sans le correctif de sécurité iFix11 | ||
| IBM | AIX | IBM AIX versions 7.2.x antérieures à 7.2.5 SP06 | ||
| IBM | Spectrum | IBM Spectrum Protect Backup-Archive Client versions 8.1.x antérieures à 8.1.17.2 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM AIX versions 7.3.x ant\u00e9rieures \u00e0 7.3.0 SP04 ou 7.3.1 SP02",
"product": {
"name": "AIX",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Spectrum Protect for Virtual Environments: Data Protection pour Microsoft Hyper-V versions 8.1.x ant\u00e9rieures \u00e0 8.1.17.2",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM AIX versions 7.1.x ant\u00e9rieures \u00e0 7.1.5 SP12",
"product": {
"name": "AIX",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Sterling Control Center version 6.1.3.0 sans le correctif de s\u00e9curit\u00e9 iFix16",
"product": {
"name": "Sterling Control Center",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Spectrum Protect Server versions 8.1.x ant\u00e9rieures \u00e0 8.1.18",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Spectrum Protect Client versions 8.1.x ant\u00e9rieures \u00e0 8.1.17.2",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Spectrum Protect for Virtual Environments: Data Protection pour VMware versions 8.1.x ant\u00e9rieures \u00e0 8.1.17.2",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Spectrum Protect for Space Management versions 8.1.x ant\u00e9rieures \u00e0 8.1.17.2",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM VIOS versions 3.1.3.x ant\u00e9rieures \u00e0 3.1.3.30",
"product": {
"name": "VIOS",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM VIOS versions 3.1.4.x ant\u00e9rieures \u00e0 3.1.4.20",
"product": {
"name": "VIOS",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Sterling Control Center version 6.3.0.0 sans le correctif de s\u00e9curit\u00e9 iFix02",
"product": {
"name": "Sterling Control Center",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM VIOS versions 3.1.x ant\u00e9rieures \u00e0 3.1.2.50",
"product": {
"name": "VIOS",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Sterling Control Center version 6.2.1.0 sans le correctif de s\u00e9curit\u00e9 iFix11",
"product": {
"name": "Sterling Control Center",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM AIX versions 7.2.x ant\u00e9rieures \u00e0 7.2.5 SP06",
"product": {
"name": "AIX",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Spectrum Protect Backup-Archive Client versions 8.1.x ant\u00e9rieures \u00e0 8.1.17.2",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2022-43927",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43927"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2022-21624",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21624"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2022-21626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21626"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2022-21628",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21628"
},
{
"name": "CVE-2021-33813",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33813"
},
{
"name": "CVE-2022-41717",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41717"
},
{
"name": "CVE-2022-43382",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43382"
},
{
"name": "CVE-2022-25844",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25844"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2022-43930",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43930"
},
{
"name": "CVE-2023-24998",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24998"
},
{
"name": "CVE-2022-43929",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43929"
},
{
"name": "CVE-2022-21619",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21619"
}
],
"links": [],
"reference": "CERTFR-2023-AVI-0245",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-03-20T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans les produits \u003cspan\nclass=\"textit\"\u003eIBM\u003c/span\u003e. Certaines d\u0027entre elles permettent \u00e0 un\nattaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par\nl\u0027\u00e9diteur, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9\ndes donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6964174 du 17 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6964174"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6963642 du 17 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6963642"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6963786 du 17 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6963786"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6962863 du 17 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6962863"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6848309 du 17 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6848309"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6963784 du 17 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6963784"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6964176 du 17 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6964176"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6963640 du 17 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6963640"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6963071 du 17 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6963071"
}
]
}
CERTFR-2023-AVI-0190
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans Tenable Nessus. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneReferences
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Nessus versions ant\u00e9rieures \u00e0 10.5.0",
"product": {
"name": "Nessus",
"vendor": {
"name": "Tenable",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"name": "CVE-2020-28458",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28458"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2021-23445",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23445"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2020-7656",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7656"
},
{
"name": "CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
}
],
"links": [],
"reference": "CERTFR-2023-AVI-0190",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-03-03T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Tenable Nessus.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de code\narbitraire \u00e0 distance et un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Tenable Nessus",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Tenable tns-2023-09 du 02 mars 2023",
"url": "https://www.tenable.com/security/tns-2023-09"
}
]
}
CERTFR-2025-AVI-0864
Vulnerability from certfr_avis - Published: 2025-10-13 - Updated: 2025-10-13
De multiples vulnérabilités ont été découvertes dans VMware Tanzu. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "VMWare Tanzu pour MySQL sur Kubernetes 2.0.0 toutes version",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2022-1343",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1343"
},
{
"name": "CVE-2013-4235",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4235"
},
{
"name": "CVE-2024-37370",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37370"
},
{
"name": "CVE-2024-24790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24790"
},
{
"name": "CVE-2024-21171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21171"
},
{
"name": "CVE-2025-30681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30681"
},
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2023-7104",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7104"
},
{
"name": "CVE-2022-1473",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1473"
},
{
"name": "CVE-2024-20977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20977"
},
{
"name": "CVE-2022-48564",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48564"
},
{
"name": "CVE-2023-40217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40217"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2024-20985",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20985"
},
{
"name": "CVE-2025-30689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30689"
},
{
"name": "CVE-2024-11168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11168"
},
{
"name": "CVE-2024-21160",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21160"
},
{
"name": "CVE-2025-30715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30715"
},
{
"name": "CVE-2024-28834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28834"
},
{
"name": "CVE-2023-46218",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
},
{
"name": "CVE-2025-30682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30682"
},
{
"name": "CVE-2024-21052",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21052"
},
{
"name": "CVE-2024-20964",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20964"
},
{
"name": "CVE-2023-22103",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22103"
},
{
"name": "CVE-2025-21500",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21500"
},
{
"name": "CVE-2024-21207",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21207"
},
{
"name": "CVE-2025-21503",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21503"
},
{
"name": "CVE-2024-21053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21053"
},
{
"name": "CVE-2024-21142",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21142"
},
{
"name": "CVE-2025-21494",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21494"
},
{
"name": "CVE-2023-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
},
{
"name": "CVE-2024-20976",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20976"
},
{
"name": "CVE-2024-33602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33602"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2025-21519",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21519"
},
{
"name": "CVE-2024-21200",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21200"
},
{
"name": "CVE-2024-20998",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20998"
},
{
"name": "CVE-2024-21231",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21231"
},
{
"name": "CVE-2022-1292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
},
{
"name": "CVE-2024-21197",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21197"
},
{
"name": "CVE-2024-21102",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21102"
},
{
"name": "CVE-2025-30703",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30703"
},
{
"name": "CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"name": "CVE-2024-21049",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21049"
},
{
"name": "CVE-2023-3817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
},
{
"name": "CVE-2024-6232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6232"
},
{
"name": "CVE-2025-21534",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21534"
},
{
"name": "CVE-2025-21505",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21505"
},
{
"name": "CVE-2022-45061",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45061"
},
{
"name": "CVE-2024-45492",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45492"
},
{
"name": "CVE-2024-21157",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21157"
},
{
"name": "CVE-2024-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
},
{
"name": "CVE-2024-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3596"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2024-21015",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21015"
},
{
"name": "CVE-2025-21501",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21501"
},
{
"name": "CVE-2025-24528",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24528"
},
{
"name": "CVE-2024-21166",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21166"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2023-4016",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4016"
},
{
"name": "CVE-2023-45918",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45918"
},
{
"name": "CVE-2025-30696",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30696"
},
{
"name": "CVE-2023-45285",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45285"
},
{
"name": "CVE-2024-24783",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24783"
},
{
"name": "CVE-2024-24791",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24791"
},
{
"name": "CVE-2025-21584",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21584"
},
{
"name": "CVE-2024-20962",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20962"
},
{
"name": "CVE-2022-48565",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48565"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2022-0391",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0391"
},
{
"name": "CVE-2025-21521",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21521"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2023-5363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
},
{
"name": "CVE-2023-45289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45289"
},
{
"name": "CVE-2022-2068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
},
{
"name": "CVE-2024-21198",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21198"
},
{
"name": "CVE-2023-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
},
{
"name": "CVE-2025-0938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
},
{
"name": "CVE-2024-21009",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21009"
},
{
"name": "CVE-2024-33600",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33600"
},
{
"name": "CVE-2024-20969",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20969"
},
{
"name": "CVE-2024-21201",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21201"
},
{
"name": "CVE-2024-21177",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21177"
},
{
"name": "CVE-2023-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2023-4813",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4813"
},
{
"name": "CVE-2023-45290",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45290"
},
{
"name": "CVE-2025-30683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30683"
},
{
"name": "CVE-2025-30699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30699"
},
{
"name": "CVE-2025-27587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27587"
},
{
"name": "CVE-2023-22070",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22070"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2024-33599",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33599"
},
{
"name": "CVE-2025-21492",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21492"
},
{
"name": "CVE-2024-34158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
},
{
"name": "CVE-2023-47038",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47038"
},
{
"name": "CVE-2023-5981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5981"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2023-22112",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22112"
},
{
"name": "CVE-2024-20966",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20966"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2024-21213",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21213"
},
{
"name": "CVE-2025-21555",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21555"
},
{
"name": "CVE-2024-45490",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45490"
},
{
"name": "CVE-2024-20972",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20972"
},
{
"name": "CVE-2024-21159",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21159"
},
{
"name": "CVE-2022-3786",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3786"
},
{
"name": "CVE-2024-12085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12085"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2024-45491",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45491"
},
{
"name": "CVE-2024-21219",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21219"
},
{
"name": "CVE-2024-21194",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21194"
},
{
"name": "CVE-2024-21196",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21196"
},
{
"name": "CVE-2024-21179",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21179"
},
{
"name": "CVE-2024-21199",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21199"
},
{
"name": "CVE-2024-21050",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21050"
},
{
"name": "CVE-2025-21574",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21574"
},
{
"name": "CVE-2022-48566",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48566"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2025-21580",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21580"
},
{
"name": "CVE-2023-6918",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6918"
},
{
"name": "CVE-2025-21575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21575"
},
{
"name": "CVE-2024-20961",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20961"
},
{
"name": "CVE-2025-21540",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21540"
},
{
"name": "CVE-2025-21577",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21577"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2024-20996",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20996"
},
{
"name": "CVE-2024-5535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
},
{
"name": "CVE-2024-0450",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0450"
},
{
"name": "CVE-2024-5642",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5642"
},
{
"name": "CVE-2024-20983",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20983"
},
{
"name": "CVE-2025-30705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30705"
},
{
"name": "CVE-2024-21237",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21237"
},
{
"name": "CVE-2025-21536",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21536"
},
{
"name": "CVE-2021-4189",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4189"
},
{
"name": "CVE-2024-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24785"
},
{
"name": "CVE-2024-21127",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21127"
},
{
"name": "CVE-2024-21134",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21134"
},
{
"name": "CVE-2024-21000",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21000"
},
{
"name": "CVE-2024-20984",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20984"
},
{
"name": "CVE-2023-5156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5156"
},
{
"name": "CVE-2024-21212",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21212"
},
{
"name": "CVE-2024-21130",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21130"
},
{
"name": "CVE-2024-21193",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21193"
},
{
"name": "CVE-2024-0553",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0553"
},
{
"name": "CVE-2024-21241",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21241"
},
{
"name": "CVE-2024-21057",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21057"
},
{
"name": "CVE-2025-21525",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21525"
},
{
"name": "CVE-2025-4802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4802"
},
{
"name": "CVE-2025-30684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30684"
},
{
"name": "CVE-2024-9143",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
},
{
"name": "CVE-2024-12087",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12087"
},
{
"name": "CVE-2023-22032",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22032"
},
{
"name": "CVE-2024-33601",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33601"
},
{
"name": "CVE-2024-21135",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21135"
},
{
"name": "CVE-2024-28085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28085"
},
{
"name": "CVE-2025-21579",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21579"
},
{
"name": "CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"name": "CVE-2023-6237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
},
{
"name": "CVE-2025-29088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29088"
},
{
"name": "CVE-2021-46848",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46848"
},
{
"name": "CVE-2024-20963",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20963"
},
{
"name": "CVE-2024-21096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21096"
},
{
"name": "CVE-2024-22365",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22365"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2024-21236",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21236"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2024-2236",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2236"
},
{
"name": "CVE-2023-4039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4039"
},
{
"name": "CVE-2022-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3996"
},
{
"name": "CVE-2025-21490",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21490"
},
{
"name": "CVE-2024-21137",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21137"
},
{
"name": "CVE-2024-2398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
},
{
"name": "CVE-2024-21062",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21062"
},
{
"name": "CVE-2024-21055",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21055"
},
{
"name": "CVE-2024-21239",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21239"
},
{
"name": "CVE-2017-11164",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11164"
},
{
"name": "CVE-2022-48560",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48560"
},
{
"name": "CVE-2024-21165",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21165"
},
{
"name": "CVE-2024-0727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
},
{
"name": "CVE-2024-10041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10041"
},
{
"name": "CVE-2023-6129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
},
{
"name": "CVE-2024-21056",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21056"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2025-30721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30721"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2024-26461",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26461"
},
{
"name": "CVE-2022-40735",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40735"
},
{
"name": "CVE-2024-24787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24787"
},
{
"name": "CVE-2024-21047",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21047"
},
{
"name": "CVE-2023-4641",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4641"
},
{
"name": "CVE-2023-36054",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36054"
},
{
"name": "CVE-2024-26458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26458"
},
{
"name": "CVE-2024-20981",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20981"
},
{
"name": "CVE-2024-21185",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21185"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2025-40909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40909"
},
{
"name": "CVE-2023-1255",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1255"
},
{
"name": "CVE-2024-21013",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21013"
},
{
"name": "CVE-2023-22078",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22078"
},
{
"name": "CVE-2016-20013",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-20013"
},
{
"name": "CVE-2023-6004",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6004"
},
{
"name": "CVE-2025-21491",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21491"
},
{
"name": "CVE-2024-12747",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12747"
},
{
"name": "CVE-2022-3358",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3358"
},
{
"name": "CVE-2022-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
},
{
"name": "CVE-2024-21162",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21162"
},
{
"name": "CVE-2023-7008",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7008"
},
{
"name": "CVE-2024-4603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
},
{
"name": "CVE-2023-22092",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22092"
},
{
"name": "CVE-2024-8096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8096"
},
{
"name": "CVE-2023-4806",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4806"
},
{
"name": "CVE-2025-30722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30722"
},
{
"name": "CVE-2016-2781",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2781"
},
{
"name": "CVE-2023-29383",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29383"
},
{
"name": "CVE-2024-21060",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21060"
},
{
"name": "CVE-2024-50602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50602"
},
{
"name": "CVE-2025-30687",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30687"
},
{
"name": "CVE-2025-21529",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21529"
},
{
"name": "CVE-2025-21559",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21559"
},
{
"name": "CVE-2025-21504",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21504"
},
{
"name": "CVE-2024-20974",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20974"
},
{
"name": "CVE-2023-22084",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22084"
},
{
"name": "CVE-2024-21125",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21125"
},
{
"name": "CVE-2024-4741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
},
{
"name": "CVE-2025-21523",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21523"
},
{
"name": "CVE-2025-21518",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21518"
},
{
"name": "CVE-2024-20993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20993"
},
{
"name": "CVE-2025-30704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30704"
},
{
"name": "CVE-2024-21129",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21129"
},
{
"name": "CVE-2023-24329",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24329"
},
{
"name": "CVE-2024-20982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20982"
},
{
"name": "CVE-2024-12243",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12243"
},
{
"name": "CVE-2025-30693",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30693"
},
{
"name": "CVE-2025-21585",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21585"
},
{
"name": "CVE-2024-12088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12088"
},
{
"name": "CVE-2023-2975",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2975"
},
{
"name": "CVE-2025-0395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0395"
},
{
"name": "CVE-2023-26604",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26604"
},
{
"name": "CVE-2022-3602",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3602"
},
{
"name": "CVE-2024-21087",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21087"
},
{
"name": "CVE-2023-22064",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22064"
},
{
"name": "CVE-2024-20971",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20971"
},
{
"name": "CVE-2024-20978",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20978"
},
{
"name": "CVE-2022-1434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1434"
},
{
"name": "CVE-2025-21497",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21497"
},
{
"name": "CVE-2023-22114",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22114"
},
{
"name": "CVE-2023-2953",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2953"
},
{
"name": "CVE-2024-4032",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4032"
},
{
"name": "CVE-2024-20973",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20973"
},
{
"name": "CVE-2023-39323",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39323"
},
{
"name": "CVE-2023-22097",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22097"
},
{
"name": "CVE-2023-39326",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39326"
},
{
"name": "CVE-2024-20965",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20965"
},
{
"name": "CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"name": "CVE-2025-21581",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21581"
},
{
"name": "CVE-2023-39804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39804"
},
{
"name": "CVE-2024-21061",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21061"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2024-20967",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20967"
},
{
"name": "CVE-2024-2511",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2511"
},
{
"name": "CVE-2024-21163",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21163"
},
{
"name": "CVE-2024-21069",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21069"
},
{
"name": "CVE-2024-21051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21051"
},
{
"name": "CVE-2024-34155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
},
{
"name": "CVE-2024-20970",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20970"
},
{
"name": "CVE-2025-30685",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30685"
},
{
"name": "CVE-2024-21054",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21054"
},
{
"name": "CVE-2025-30695",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30695"
},
{
"name": "CVE-2025-30688",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30688"
},
{
"name": "CVE-2025-21522",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21522"
},
{
"name": "CVE-2024-21230",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21230"
},
{
"name": "CVE-2024-20968",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20968"
},
{
"name": "CVE-2024-21173",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21173"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2024-2961",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2961"
},
{
"name": "CVE-2025-21546",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21546"
},
{
"name": "CVE-2024-12133",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12133"
},
{
"name": "CVE-2024-24784",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24784"
},
{
"name": "CVE-2024-28182",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28182"
},
{
"name": "CVE-2024-21008",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21008"
},
{
"name": "CVE-2023-6597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6597"
},
{
"name": "CVE-2024-20994",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20994"
},
{
"name": "CVE-2024-24789",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24789"
},
{
"name": "CVE-2023-22059",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22059"
},
{
"name": "CVE-2023-22079",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22079"
},
{
"name": "CVE-2023-22066",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22066"
},
{
"name": "CVE-2024-37371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37371"
},
{
"name": "CVE-2024-20960",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20960"
},
{
"name": "CVE-2025-3576",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3576"
},
{
"name": "CVE-2023-22068",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22068"
},
{
"name": "CVE-2024-6923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6923"
},
{
"name": "CVE-2024-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8088"
}
],
"initial_release_date": "2025-10-13T00:00:00",
"last_revision_date": "2025-10-13T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0864",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-10-13T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Injection SQL (SQLi)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Falsification de requ\u00eates c\u00f4t\u00e9 serveur (SSRF)"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans VMware Tanzu. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans VMware Tanzu",
"vendor_advisories": [
{
"published_at": "2025-10-10",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36208",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36208"
}
]
}
CERTFR-2025-AVI-1054
Vulnerability from certfr_avis - Published: 2025-12-01 - Updated: 2025-12-01
De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy) versions antérieures à 1.954.x | ||
| VMware | Tanzu Application Service | Stemcells (Ubuntu Noble) versions antérieures à 1.134.x | ||
| VMware | Tanzu Operations Manager | Tanzu Platform versions antérieures à 3.1.5-build.398 | ||
| VMware | Tanzu Operations Manager | Tanzu Platform versions antérieures à 3.2.1-build.271 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Stemcells (Ubuntu Jammy) versions ant\u00e9rieures \u00e0 1.954.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Noble) versions ant\u00e9rieures \u00e0 1.134.x",
"product": {
"name": "Tanzu Application Service",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform versions ant\u00e9rieures \u00e0 3.1.5-build.398",
"product": {
"name": "Tanzu Operations Manager",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform versions ant\u00e9rieures \u00e0 3.2.1-build.271",
"product": {
"name": "Tanzu Operations Manager",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2022-1343",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1343"
},
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2022-1473",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1473"
},
{
"name": "CVE-2023-40217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40217"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2025-38328",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38328"
},
{
"name": "CVE-2024-11168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11168"
},
{
"name": "CVE-2025-38100",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38100"
},
{
"name": "CVE-2025-38108",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38108"
},
{
"name": "CVE-2025-38230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38230"
},
{
"name": "CVE-2025-38229",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38229"
},
{
"name": "CVE-2025-38147",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38147"
},
{
"name": "CVE-2024-26896",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26896"
},
{
"name": "CVE-2025-38286",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38286"
},
{
"name": "CVE-2025-38515",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38515"
},
{
"name": "CVE-2025-38163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38163"
},
{
"name": "CVE-2025-38444",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38444"
},
{
"name": "CVE-2024-26700",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26700"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2025-38157",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38157"
},
{
"name": "CVE-2025-38323",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38323"
},
{
"name": "CVE-2025-38219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38219"
},
{
"name": "CVE-2025-38466",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38466"
},
{
"name": "CVE-2022-1292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
},
{
"name": "CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"name": "CVE-2023-3817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
},
{
"name": "CVE-2024-6232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6232"
},
{
"name": "CVE-2025-38313",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38313"
},
{
"name": "CVE-2025-38336",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38336"
},
{
"name": "CVE-2025-38375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38375"
},
{
"name": "CVE-2025-4330",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4330"
},
{
"name": "CVE-2024-26726",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26726"
},
{
"name": "CVE-2023-52593",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52593"
},
{
"name": "CVE-2024-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
},
{
"name": "CVE-2024-44939",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44939"
},
{
"name": "CVE-2025-4138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4138"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2023-36632",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36632"
},
{
"name": "CVE-2025-38112",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38112"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2025-38203",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38203"
},
{
"name": "CVE-2025-38387",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38387"
},
{
"name": "CVE-2025-38362",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38362"
},
{
"name": "CVE-2025-38371",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38371"
},
{
"name": "CVE-2025-38445",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38445"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2025-38461",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38461"
},
{
"name": "CVE-2024-13176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13176"
},
{
"name": "CVE-2025-38159",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38159"
},
{
"name": "CVE-2025-38305",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38305"
},
{
"name": "CVE-2025-38067",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38067"
},
{
"name": "CVE-2023-5363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
},
{
"name": "CVE-2022-2068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
},
{
"name": "CVE-2025-38401",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38401"
},
{
"name": "CVE-2023-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
},
{
"name": "CVE-2025-0938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
},
{
"name": "CVE-2025-38102",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38102"
},
{
"name": "CVE-2023-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2025-37958",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37958"
},
{
"name": "CVE-2025-38399",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38399"
},
{
"name": "CVE-2025-38459",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38459"
},
{
"name": "CVE-2025-38412",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38412"
},
{
"name": "CVE-2025-38293",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38293"
},
{
"name": "CVE-2025-38184",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38184"
},
{
"name": "CVE-2025-38458",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38458"
},
{
"name": "CVE-2025-6297",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6297"
},
{
"name": "CVE-2025-38135",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38135"
},
{
"name": "CVE-2025-38312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38312"
},
{
"name": "CVE-2025-38464",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38464"
},
{
"name": "CVE-2025-38363",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38363"
},
{
"name": "CVE-2025-38319",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38319"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2025-38457",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38457"
},
{
"name": "CVE-2025-38212",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38212"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2025-38298",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38298"
},
{
"name": "CVE-2025-38419",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38419"
},
{
"name": "CVE-2022-3786",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3786"
},
{
"name": "CVE-2025-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38546"
},
{
"name": "CVE-2025-38211",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38211"
},
{
"name": "CVE-2025-38251",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38251"
},
{
"name": "CVE-2025-38120",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38120"
},
{
"name": "CVE-2025-38285",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38285"
},
{
"name": "CVE-2025-8194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8194"
},
{
"name": "CVE-2025-38161",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38161"
},
{
"name": "CVE-2025-38115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38115"
},
{
"name": "CVE-2025-1795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1795"
},
{
"name": "CVE-2025-38153",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38153"
},
{
"name": "CVE-2025-4517",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"
},
{
"name": "CVE-2025-38395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38395"
},
{
"name": "CVE-2025-38337",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38337"
},
{
"name": "CVE-2025-38727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38727"
},
{
"name": "CVE-2025-38465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38465"
},
{
"name": "CVE-2025-38513",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38513"
},
{
"name": "CVE-2025-38086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38086"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2025-38441",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38441"
},
{
"name": "CVE-2025-38227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38227"
},
{
"name": "CVE-2025-4435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4435"
},
{
"name": "CVE-2024-57883",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57883"
},
{
"name": "CVE-2024-5535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
},
{
"name": "CVE-2025-38074",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38074"
},
{
"name": "CVE-2025-38119",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38119"
},
{
"name": "CVE-2025-38245",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38245"
},
{
"name": "CVE-2025-38324",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38324"
},
{
"name": "CVE-2024-12718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12718"
},
{
"name": "CVE-2024-0450",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0450"
},
{
"name": "CVE-2025-38542",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38542"
},
{
"name": "CVE-2025-38344",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38344"
},
{
"name": "CVE-2025-38088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38088"
},
{
"name": "CVE-2025-38332",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38332"
},
{
"name": "CVE-2025-38386",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38386"
},
{
"name": "CVE-2025-38237",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38237"
},
{
"name": "CVE-2025-38174",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38174"
},
{
"name": "CVE-2025-21888",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21888"
},
{
"name": "CVE-2025-38342",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38342"
},
{
"name": "CVE-2025-38167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38167"
},
{
"name": "CVE-2025-38257",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38257"
},
{
"name": "CVE-2025-38206",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38206"
},
{
"name": "CVE-2025-38111",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38111"
},
{
"name": "CVE-2025-38326",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38326"
},
{
"name": "CVE-2025-12818",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12818"
},
{
"name": "CVE-2025-38384",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38384"
},
{
"name": "CVE-2025-38424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38424"
},
{
"name": "CVE-2025-38430",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38430"
},
{
"name": "CVE-2024-9143",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
},
{
"name": "CVE-2025-38420",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38420"
},
{
"name": "CVE-2025-38160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38160"
},
{
"name": "CVE-2025-38107",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38107"
},
{
"name": "CVE-2025-38085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38085"
},
{
"name": "CVE-2025-38222",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38222"
},
{
"name": "CVE-2025-38197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38197"
},
{
"name": "CVE-2025-38467",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38467"
},
{
"name": "CVE-2023-6237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2025-38617",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38617"
},
{
"name": "CVE-2025-38122",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38122"
},
{
"name": "CVE-2024-7592",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7592"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2025-38173",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38173"
},
{
"name": "CVE-2025-38143",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38143"
},
{
"name": "CVE-2022-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3996"
},
{
"name": "CVE-2025-38416",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38416"
},
{
"name": "CVE-2025-38194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38194"
},
{
"name": "CVE-2024-0727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
},
{
"name": "CVE-2023-6129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
},
{
"name": "CVE-2025-12817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12817"
},
{
"name": "CVE-2025-38348",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38348"
},
{
"name": "CVE-2025-38540",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38540"
},
{
"name": "CVE-2025-38403",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38403"
},
{
"name": "CVE-2025-38146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38146"
},
{
"name": "CVE-2025-38418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38418"
},
{
"name": "CVE-2025-38090",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38090"
},
{
"name": "CVE-2025-40300",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40300"
},
{
"name": "CVE-2025-38415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38415"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2024-0397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0397"
},
{
"name": "CVE-2023-1255",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1255"
},
{
"name": "CVE-2024-12254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12254"
},
{
"name": "CVE-2025-8114",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8114"
},
{
"name": "CVE-2025-38193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38193"
},
{
"name": "CVE-2025-38400",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38400"
},
{
"name": "CVE-2024-26775",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26775"
},
{
"name": "CVE-2025-4516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4516"
},
{
"name": "CVE-2025-38136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38136"
},
{
"name": "CVE-2022-3358",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3358"
},
{
"name": "CVE-2022-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
},
{
"name": "CVE-2024-4603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
},
{
"name": "CVE-2025-38477",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38477"
},
{
"name": "CVE-2025-30722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30722"
},
{
"name": "CVE-2024-50602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50602"
},
{
"name": "CVE-2025-38185",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38185"
},
{
"name": "CVE-2025-38406",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38406"
},
{
"name": "CVE-2025-38352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38352"
},
{
"name": "CVE-2025-38263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38263"
},
{
"name": "CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"name": "CVE-2025-38214",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38214"
},
{
"name": "CVE-2025-38218",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38218"
},
{
"name": "CVE-2024-4741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
},
{
"name": "CVE-2025-38393",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38393"
},
{
"name": "CVE-2025-38618",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38618"
},
{
"name": "CVE-2025-38249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38249"
},
{
"name": "CVE-2022-48703",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48703"
},
{
"name": "CVE-2025-38154",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38154"
},
{
"name": "CVE-2025-38389",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38389"
},
{
"name": "CVE-2025-38448",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38448"
},
{
"name": "CVE-2025-38377",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38377"
},
{
"name": "CVE-2025-38516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38516"
},
{
"name": "CVE-2025-30693",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30693"
},
{
"name": "CVE-2025-38462",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38462"
},
{
"name": "CVE-2025-38428",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38428"
},
{
"name": "CVE-2025-38262",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38262"
},
{
"name": "CVE-2025-38138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38138"
},
{
"name": "CVE-2023-2975",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2975"
},
{
"name": "CVE-2025-38310",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38310"
},
{
"name": "CVE-2022-3602",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3602"
},
{
"name": "CVE-2025-37963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37963"
},
{
"name": "CVE-2025-38226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38226"
},
{
"name": "CVE-2025-38443",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38443"
},
{
"name": "CVE-2025-38439",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38439"
},
{
"name": "CVE-2022-1434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1434"
},
{
"name": "CVE-2025-38190",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38190"
},
{
"name": "CVE-2025-38180",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38180"
},
{
"name": "CVE-2025-38145",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38145"
},
{
"name": "CVE-2024-4032",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4032"
},
{
"name": "CVE-2025-37948",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37948"
},
{
"name": "CVE-2025-8058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8058"
},
{
"name": "CVE-2025-38498",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38498"
},
{
"name": "CVE-2025-38200",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38200"
},
{
"name": "CVE-2025-38273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38273"
},
{
"name": "CVE-2025-38346",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38346"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2024-2511",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2511"
},
{
"name": "CVE-2025-38320",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38320"
},
{
"name": "CVE-2025-38280",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38280"
},
{
"name": "CVE-2025-38084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38084"
},
{
"name": "CVE-2025-38103",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38103"
},
{
"name": "CVE-2025-38514",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38514"
},
{
"name": "CVE-2025-38204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38204"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2025-38410",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38410"
},
{
"name": "CVE-2023-6597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6597"
},
{
"name": "CVE-2025-38460",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38460"
},
{
"name": "CVE-2025-38345",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38345"
},
{
"name": "CVE-2025-38231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38231"
},
{
"name": "CVE-2025-38181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38181"
},
{
"name": "CVE-2025-38391",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38391"
},
{
"name": "CVE-2024-6923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6923"
},
{
"name": "CVE-2024-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8088"
}
],
"initial_release_date": "2025-12-01T00:00:00",
"last_revision_date": "2025-12-01T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-1054",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-12-01T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2025-11-30",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36558",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36558"
},
{
"published_at": "2025-11-30",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36554",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36554"
},
{
"published_at": "2025-11-30",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36552",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36552"
},
{
"published_at": "2025-11-30",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36559",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36559"
},
{
"published_at": "2025-11-30",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36557",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36557"
},
{
"published_at": "2025-11-30",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36556",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36556"
},
{
"published_at": "2025-11-30",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36553",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36553"
},
{
"published_at": "2025-11-30",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36555",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36555"
}
]
}
CERTFR-2023-AVI-0444
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, une atteinte à l'intégrité des données et une exécution de code arbitraire à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Sterling | IBM Sterling Partner Engagement Manager Essentials Edition versions 6.2.2.x antérieures à 6.2.2.1 | ||
| IBM | MaaS360 | IBM MaaS360 Cloud Extender Base Module versions antérieures à 3.000.100.069 | ||
| IBM | Sterling | IBM Sterling Partner Engagement Manager Essentials Edition versions 6.2.0.x antérieures à 6.2.0.6 | ||
| IBM | MaaS360 | IBM MaaS360 PKI Certificate Module versions antérieures à 3.000.100 | ||
| IBM | Sterling | IBM Sterling Partner Engagement Manager Standard Edition versions 6.2.1.x antérieures à 6.2.1.3 | ||
| IBM | Sterling | IBM Sterling Partner Engagement Manager Standard Edition versions 6.1.2.x antérieures à 6.1.2.8 | ||
| IBM | Sterling | IBM Sterling Partner Engagement Manager Standard Edition versions 6.2.0.x antérieures à 6.2.0.6 | ||
| IBM | MaaS360 | IBM MaaS360 VPN versions antérieures à 3.000.100 | ||
| IBM | Sterling | IBM Sterling Partner Engagement Manager Essentials Edition versions 6.1.2.x antérieures à 6.1.2.8 | ||
| IBM | QRadar User Behavior Analytics | IBM QRadar User Behavior Analytics versions 1.x à 4.1.x antérieures à 4.1.12 | ||
| IBM | MaaS360 | IBM MaaS360 Configuration Utility versions antérieures à 3.000.100 | ||
| IBM | QRadar Deployment Intelligence App | IBM QRadar Deployment Intelligence App versions 2.x à 3.0.x antérieures à 3.0.10 | ||
| IBM | MaaS360 | IBM MaaS360 Mobile Enterprise Gateway versions antérieures à 3.000.100 | ||
| IBM | Sterling | IBM Sterling Partner Engagement Manager Standard Edition versions 6.2.2.x antérieures à 6.2.2.1 | ||
| IBM | MaaS360 | IBM MaaS360 Cloud Extender Agent versions antérieures à 3.000.100.069 | ||
| IBM | Sterling | IBM Sterling Partner Engagement Manager Essentials Edition versions 6.2.1.x antérieures à 6.2.1.3 |
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM Sterling Partner Engagement Manager Essentials Edition versions 6.2.2.x ant\u00e9rieures \u00e0 6.2.2.1",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM MaaS360 Cloud Extender Base Module versions ant\u00e9rieures \u00e0 3.000.100.069",
"product": {
"name": "MaaS360",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Sterling Partner Engagement Manager Essentials Edition versions 6.2.0.x ant\u00e9rieures \u00e0 6.2.0.6",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM MaaS360 PKI Certificate Module versions ant\u00e9rieures \u00e0 3.000.100",
"product": {
"name": "MaaS360",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Sterling Partner Engagement Manager Standard Edition versions 6.2.1.x ant\u00e9rieures \u00e0 6.2.1.3",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Sterling Partner Engagement Manager Standard Edition versions 6.1.2.x ant\u00e9rieures \u00e0 6.1.2.8",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Sterling Partner Engagement Manager Standard Edition versions 6.2.0.x ant\u00e9rieures \u00e0 6.2.0.6",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM MaaS360 VPN versions ant\u00e9rieures \u00e0 3.000.100",
"product": {
"name": "MaaS360",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Sterling Partner Engagement Manager Essentials Edition versions 6.1.2.x ant\u00e9rieures \u00e0 6.1.2.8",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar User Behavior Analytics versions 1.x \u00e0 4.1.x ant\u00e9rieures \u00e0 4.1.12",
"product": {
"name": "QRadar User Behavior Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM MaaS360 Configuration Utility versions ant\u00e9rieures \u00e0 3.000.100",
"product": {
"name": "MaaS360",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar Deployment Intelligence App versions 2.x \u00e0 3.0.x ant\u00e9rieures \u00e0 3.0.10",
"product": {
"name": "QRadar Deployment Intelligence App",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM MaaS360 Mobile Enterprise Gateway versions ant\u00e9rieures \u00e0 3.000.100",
"product": {
"name": "MaaS360",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Sterling Partner Engagement Manager Standard Edition versions 6.2.2.x ant\u00e9rieures \u00e0 6.2.2.1",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM MaaS360 Cloud Extender Agent versions ant\u00e9rieures \u00e0 3.000.100.069",
"product": {
"name": "MaaS360",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Sterling Partner Engagement Manager Essentials Edition versions 6.2.1.x ant\u00e9rieures \u00e0 6.2.1.3",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2022-46175",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46175"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2023-27555",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27555"
},
{
"name": "CVE-2021-23440",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23440"
},
{
"name": "CVE-2022-31160",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31160"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2023-29257",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29257"
},
{
"name": "CVE-2023-26021",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26021"
},
{
"name": "CVE-2022-3509",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3509"
},
{
"name": "CVE-2021-37533",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37533"
},
{
"name": "CVE-2023-27535",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27535"
},
{
"name": "CVE-2022-40152",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40152"
},
{
"name": "CVE-2022-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24785"
},
{
"name": "CVE-2017-7525",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7525"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2022-41915",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41915"
},
{
"name": "CVE-2023-27534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27534"
},
{
"name": "CVE-2023-27536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27536"
},
{
"name": "CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"name": "CVE-2023-27533",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27533"
},
{
"name": "CVE-2022-25881",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25881"
},
{
"name": "CVE-2023-27538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27538"
},
{
"name": "CVE-2023-25930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25930"
},
{
"name": "CVE-2022-41854",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41854"
},
{
"name": "CVE-2023-29255",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29255"
},
{
"name": "CVE-2022-38752",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38752"
},
{
"name": "CVE-2023-24998",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24998"
},
{
"name": "CVE-2023-27559",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27559"
},
{
"name": "CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"name": "CVE-2022-1471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1471"
},
{
"name": "CVE-2023-26022",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26022"
},
{
"name": "CVE-2022-3171",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3171"
},
{
"name": "CVE-2023-27537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27537"
},
{
"name": "CVE-2022-41881",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41881"
},
{
"name": "CVE-2022-25168",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25168"
},
{
"name": "CVE-2023-23916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
}
],
"links": [],
"reference": "CERTFR-2023-AVI-0444",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-06-08T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits IBM\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9\ndes donn\u00e9es, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et une ex\u00e9cution de\ncode arbitraire \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7001723 du 06 juin 2023",
"url": "https://www.ibm.com/support/pages/node/7001723"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7001639 du 06 juin 2023",
"url": "https://www.ibm.com/support/pages/node/7001639"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7001571 du 06 juin 2023",
"url": "https://www.ibm.com/support/pages/node/7001571"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7001689 du 06 juin 2023",
"url": "https://www.ibm.com/support/pages/node/7001689"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7001643 du 06 juin 2023",
"url": "https://www.ibm.com/support/pages/node/7001643"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7001815 du 07 juin 2023",
"url": "https://www.ibm.com/support/pages/node/7001815"
}
]
}
CERTFR-2023-AVI-0183
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans Tenable.sc. Elles permettent à un attaquant de provoquer un déni de service à distance et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Tenable.sc versions 5.23.1 et ant\u00e9rieures sans les correctifs de s\u00e9curit\u00e9 Patch SC-202303.1-5 et Patch SC-202303.1-6",
"product": {
"name": "N/A",
"vendor": {
"name": "Tenable",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
}
],
"links": [],
"reference": "CERTFR-2023-AVI-0183",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-03-02T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Tenable.sc. Elles\npermettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance et\nune atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Tenable.sc",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Tenable.sc tns-2023-07 du 01 mars 2023",
"url": "https://www.tenable.com/security/tns-2023-07"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Tenable.sc tns-2023-08 du 01 mars 2023",
"url": "https://www.tenable.com/security/tns-2023-08"
}
]
}
CERTFR-2024-AVI-0781
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Juniper Networks. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Juniper Networks | Junos OS Evolved | Junos OS Evolved versions antérieures à 20.4R3-S7-EVO, 21.2R3-S7-EVO, 21.2R3-S8-EVO, 21.3R3-S5-EVO, 21.4R3-S5-EVO, 21.4R3-S7-EVO, 22.1R3-S4-EVO, 22.1R3-S5-EVO, 22.2R3-EVO, 22.2R3-S2-EVO, 22.2R3-S3-EVO, 22.2R3-S4-EVO, 22.3R2-EVO, 22.3R2-S2-EVO, 22.3R3-S1-EVO, 22.3R3-S2-EVO, 22.3R3-S3-EVO, 22.4R2-EVO, 22.4R3-EVO, 22.4R3-S1-EVO, 22.4R3-S2-EVO, 23.2R1-EVO, 23.2R1-S2-EVO, 23.2R2-EVO, 23.2R2-S1-EVO, 23.4R1-EVO, 23.4R1-S1-EVO, 23.4R2-EVO et 24.2R1-EVO | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 20.4R3-S9, 21.2R3-S6, 21.2R3-S7, 21.2R3-S8, 21.3R3-S5, 21.4R3-S4, 21.4R3-S5, 21.4R3-S7, 22.1R3-S3, 22.1R3-S4, 22.1R3-S5, 22.2R3-S2, 22.2R3-S3, 22.2R3-S4, 22.3R2-S2, 22.3R3, 22.3R3-S1, 22.3R3-S2, 22.3R3-S3, 22.4R2-S2, 22.4R3, 22.4R3-S2, 23.2R1-S1, 23.2R1-S2, 23.2R2, 23.4R1, 23.4R1-S1, 23.4R2 et 24.2R1 | ||
| Juniper Networks | BBE Cloud Setup | BBE Cloudsetup versions antérieures à 2.1.0 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 20.4R3-S7-EVO, 21.2R3-S7-EVO, 21.2R3-S8-EVO, 21.3R3-S5-EVO, 21.4R3-S5-EVO, 21.4R3-S7-EVO, 22.1R3-S4-EVO, 22.1R3-S5-EVO, 22.2R3-EVO, 22.2R3-S2-EVO, 22.2R3-S3-EVO, 22.2R3-S4-EVO, 22.3R2-EVO, 22.3R2-S2-EVO, 22.3R3-S1-EVO, 22.3R3-S2-EVO, 22.3R3-S3-EVO, 22.4R2-EVO, 22.4R3-EVO, 22.4R3-S1-EVO, 22.4R3-S2-EVO, 23.2R1-EVO, 23.2R1-S2-EVO, 23.2R2-EVO, 23.2R2-S1-EVO, 23.4R1-EVO, 23.4R1-S1-EVO, 23.4R2-EVO et 24.2R1-EVO",
"product": {
"name": "Junos OS Evolved",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 20.4R3-S9, 21.2R3-S6, 21.2R3-S7, 21.2R3-S8, 21.3R3-S5, 21.4R3-S4, 21.4R3-S5, 21.4R3-S7, 22.1R3-S3, 22.1R3-S4, 22.1R3-S5, 22.2R3-S2, 22.2R3-S3, 22.2R3-S4, 22.3R2-S2, 22.3R3, 22.3R3-S1, 22.3R3-S2, 22.3R3-S3, 22.4R2-S2, 22.4R3, 22.4R3-S2, 23.2R1-S1, 23.2R1-S2, 23.2R2, 23.4R1, 23.4R1-S1, 23.4R2 et 24.2R1",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "BBE Cloudsetup versions ant\u00e9rieures \u00e0 2.1.0",
"product": {
"name": "BBE Cloud Setup",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2024-21618",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21618"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2023-28841",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28841"
},
{
"name": "CVE-2023-28840",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28840"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2024-39524",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39524"
},
{
"name": "CVE-2020-15861",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15861"
},
{
"name": "CVE-2015-5621",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5621"
},
{
"name": "CVE-2023-3817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
},
{
"name": "CVE-2014-2310",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-2310"
},
{
"name": "CVE-2024-39523",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39523"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2020-15862",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15862"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2019-20892",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20892"
},
{
"name": "CVE-2022-4886",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4886"
},
{
"name": "CVE-2023-5363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
},
{
"name": "CVE-2022-23525",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23525"
},
{
"name": "CVE-2007-5846",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-5846"
},
{
"name": "CVE-2023-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
},
{
"name": "CVE-2024-21605",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21605"
},
{
"name": "CVE-2023-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2022-23524",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23524"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2015-8100",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8100"
},
{
"name": "CVE-2024-21615",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21615"
},
{
"name": "CVE-2021-25746",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25746"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2008-6123",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-6123"
},
{
"name": "CVE-2023-28842",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28842"
},
{
"name": "CVE-2021-25748",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25748"
},
{
"name": "CVE-2023-25173",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25173"
},
{
"name": "CVE-2023-33953",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33953"
},
{
"name": "CVE-2022-23526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23526"
},
{
"name": "CVE-2014-2285",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-2285"
},
{
"name": "CVE-2024-21609",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21609"
},
{
"name": "CVE-2024-39522",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39522"
},
{
"name": "CVE-2023-25153",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25153"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2023-32732",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32732"
},
{
"name": "CVE-2024-39517",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39517"
},
{
"name": "CVE-2023-4785",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4785"
},
{
"name": "CVE-2012-6151",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6151"
},
{
"name": "CVE-2024-39521",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39521"
},
{
"name": "CVE-2024-39512",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39512"
},
{
"name": "CVE-2023-1255",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1255"
},
{
"name": "CVE-2021-44225",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44225"
},
{
"name": "CVE-2024-39553",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39553"
},
{
"name": "CVE-2024-39520",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39520"
},
{
"name": "CVE-2022-23471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23471"
},
{
"name": "CVE-2014-3565",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3565"
},
{
"name": "CVE-2023-2975",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2975"
},
{
"name": "CVE-2023-5043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5043"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2021-25745",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25745"
},
{
"name": "CVE-2018-18065",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18065"
}
],
"links": [],
"reference": "CERTFR-2024-AVI-0781",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-09-16T00:00:00.000000"
},
{
"description": "Correction d\u0027identifiants CVE erron\u00e9s",
"revision_date": "2024-10-15T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Juniper Networks. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper Networks",
"vendor_advisories": [
{
"published_at": "2024-09-13",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA75756",
"url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-A-low-privileged-user-can-access-confidential-information-CVE-2024-21615"
},
{
"published_at": "2024-09-13",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82975",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-Evolved-Multiple-CLI-parameter-processing-issues-allowing-privilege-escalation-resolved"
},
{
"published_at": "2024-09-13",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82977",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-Evolved-User-is-not-logged-out-when-the-console-cable-is-disconnected-CVE-2024-39512"
},
{
"published_at": "2024-09-13",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82971",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-BBE-Cloudsetup-Multiple-vulnerabilities-resolved-in-2-1-0-release"
},
{
"published_at": "2024-09-13",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA79175",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Upon-processing-specific-L2-traffic-rpd-can-hang-in-devices-with-EVPN-VXLAN-configured-CVE-2024-39517"
},
{
"published_at": "2024-09-13",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82974",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-Evolved-Multiple-vulnerabilities-resolved-in-OpenSSL-3-0-12"
},
{
"published_at": "2024-09-13",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA75746",
"url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-SRX-300-Series-Specific-link-local-traffic-causes-a-control-plane-overload-CVE-2024-21605"
},
{
"published_at": "2024-09-13",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA75759",
"url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-When-LLDP-is-enabled-and-a-malformed-LLDP-packet-is-received-l2cpd-crashes-CVE-2024-21618"
},
{
"published_at": "2024-09-13",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA75750",
"url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-MX-Series-with-SPC3-and-SRX-Series-If-specific-IPsec-parameters-are-negotiated-iked-will-crash-due-to-a-memory-leak-CVE-2024-21609"
},
{
"published_at": "2024-09-13",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA79101",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-Evolved-Receipt-of-arbitrary-data-when-sampling-service-is-enabled-leads-to-partial-Denial-of-Service-DoS-CVE-2024-39553"
},
{
"published_at": "2024-09-13",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82973",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Multiple-vulnerabilities-resolved-in-net-SNMP-5-9-4"
}
]
}
CERTFR-2023-AVI-0183
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans Tenable.sc. Elles permettent à un attaquant de provoquer un déni de service à distance et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Tenable.sc versions 5.23.1 et ant\u00e9rieures sans les correctifs de s\u00e9curit\u00e9 Patch SC-202303.1-5 et Patch SC-202303.1-6",
"product": {
"name": "N/A",
"vendor": {
"name": "Tenable",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
}
],
"links": [],
"reference": "CERTFR-2023-AVI-0183",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-03-02T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Tenable.sc. Elles\npermettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance et\nune atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Tenable.sc",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Tenable.sc tns-2023-07 du 01 mars 2023",
"url": "https://www.tenable.com/security/tns-2023-07"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Tenable.sc tns-2023-08 du 01 mars 2023",
"url": "https://www.tenable.com/security/tns-2023-08"
}
]
}
CERTFR-2025-AVI-0967
Vulnerability from certfr_avis - Published: 2025-11-05 - Updated: 2025-11-05
De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Platform | File Integrity Monitoring pour VMware Tanzu Platform versions antérieures à 2.1.49 | ||
| VMware | Tanzu Platform | Cloud Service Broker pour Azure pour VMware Tanzu Platform versions antérieures à 1.13.1 | ||
| VMware | Tanzu Platform | AI Services pour VMware Tanzu Platform versions antérieures à 10.3.0 | ||
| VMware | Tanzu Platform | Scheduler pour VMware Tanzu Platform versions antérieures à 2.0.21 | ||
| VMware | Tanzu Platform | Foundation Core pour VMware Tanzu Platform versions antérieures à 3.1.4 | ||
| VMware | Tanzu Platform | Elastic Application Runtime pour VMware Tanzu Platform versions antérieures à 10.2.4+LTS-T | ||
| VMware | Tanzu Platform | Isolation Segmentation pour VMware Tanzu Platform versions antérieures à 6.0.21+LTS-T | ||
| VMware | Tanzu Platform | .NET Core Buildpack versions antérieures à 2.4.64 | ||
| VMware | Tanzu Platform | VMware Tanzu Data Flow sur Tanzu Platform versions antérieures à 2.0.0 | ||
| VMware | Tanzu Platform | Isolation Segmentation pour VMware Tanzu Platform versions antérieures à 10.2.4 | ||
| VMware | Tanzu Platform | CredHub Secrets Management pour VMware Tanzu Platform versions antérieures à 1.6.7 | ||
| VMware | Tanzu Platform | Extended App Support pour Tanzu Platform versions antérieures à 1.0.8 | ||
| VMware | Tanzu Platform | Go Buildpack versions antérieures à 1.10.57 | ||
| VMware | Tanzu Platform | VMware Tanzu RabbitMQ sur Tanzu Platform versions antérieures à 10.1.0 | ||
| VMware | Tanzu Platform | NodeJS Buildpack versions antérieures à 1.8.61 | ||
| VMware | Tanzu Platform | Foundation Core pour VMware Tanzu Platform versions antérieures à 3.2.0 | ||
| VMware | Tanzu Platform | Application Services pour VMware Tanzu Platform versions antérieures à 3.3.11 | ||
| VMware | Tanzu Platform | IPsec Encryption pour VMware Tanzu Platform versions antérieures à 1.9.68 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "File Integrity Monitoring pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 2.1.49",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Cloud Service Broker pour Azure pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 1.13.1",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "AI Services pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.3.0",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Scheduler pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 2.0.21",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Foundation Core pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 3.1.4",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.2.4+LTS-T",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Isolation Segmentation pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 6.0.21+LTS-T",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": ".NET Core Buildpack versions ant\u00e9rieures \u00e0 2.4.64",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware Tanzu Data Flow sur Tanzu Platform versions ant\u00e9rieures \u00e0 2.0.0",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Isolation Segmentation pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.2.4",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "CredHub Secrets Management pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 1.6.7",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Extended App Support pour Tanzu Platform versions ant\u00e9rieures \u00e0 1.0.8",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Go Buildpack versions ant\u00e9rieures \u00e0 1.10.57",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware Tanzu RabbitMQ sur Tanzu Platform versions ant\u00e9rieures \u00e0 10.1.0",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "NodeJS Buildpack versions ant\u00e9rieures \u00e0 1.8.61",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Foundation Core pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 3.2.0",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Application Services pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 3.3.11",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "IPsec Encryption pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 1.9.68",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2022-1343",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1343"
},
{
"name": "CVE-2025-8715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8715"
},
{
"name": "CVE-2025-30681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30681"
},
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2024-20919",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20919"
},
{
"name": "CVE-2022-1473",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1473"
},
{
"name": "CVE-2023-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
},
{
"name": "CVE-2023-40217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40217"
},
{
"name": "CVE-2020-14621",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14621"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2025-59830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59830"
},
{
"name": "CVE-2023-21843",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21843"
},
{
"name": "CVE-2024-36138",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36138"
},
{
"name": "CVE-2020-2803",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2803"
},
{
"name": "CVE-2024-21235",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21235"
},
{
"name": "CVE-2025-30689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30689"
},
{
"name": "CVE-2024-11168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11168"
},
{
"name": "CVE-2025-9231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9231"
},
{
"name": "CVE-2022-21426",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21426"
},
{
"name": "CVE-2024-22020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22020"
},
{
"name": "CVE-2025-30715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30715"
},
{
"name": "CVE-2025-30682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30682"
},
{
"name": "CVE-2021-35586",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35586"
},
{
"name": "CVE-2025-25186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25186"
},
{
"name": "CVE-2025-50102",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50102"
},
{
"name": "CVE-2025-55248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55248"
},
{
"name": "CVE-2024-21144",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21144"
},
{
"name": "CVE-2021-35550",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35550"
},
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2021-35567",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35567"
},
{
"name": "CVE-2020-14579",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14579"
},
{
"name": "CVE-2025-50100",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50100"
},
{
"name": "CVE-2023-21954",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21954"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2023-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
},
{
"name": "CVE-2024-20926",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20926"
},
{
"name": "CVE-2025-0913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
},
{
"name": "CVE-2021-2163",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2163"
},
{
"name": "CVE-2024-21890",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21890"
},
{
"name": "CVE-2024-21896",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21896"
},
{
"name": "CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"name": "CVE-2025-40026",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40026"
},
{
"name": "CVE-2022-1292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
},
{
"name": "CVE-2024-21068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21068"
},
{
"name": "CVE-2024-7409",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7409"
},
{
"name": "CVE-2025-30703",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30703"
},
{
"name": "CVE-2023-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21830"
},
{
"name": "CVE-2021-2161",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2161"
},
{
"name": "CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"name": "CVE-2021-2341",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2341"
},
{
"name": "CVE-2024-6232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6232"
},
{
"name": "CVE-2025-50080",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50080"
},
{
"name": "CVE-2024-6505",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6505"
},
{
"name": "CVE-2025-4330",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4330"
},
{
"name": "CVE-2020-14593",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14593"
},
{
"name": "CVE-2025-50078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50078"
},
{
"name": "CVE-2020-14664",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14664"
},
{
"name": "CVE-2024-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
},
{
"name": "CVE-2025-4138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4138"
},
{
"name": "CVE-2020-14797",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14797"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2023-36632",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36632"
},
{
"name": "CVE-2020-14798",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14798"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2024-43484",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43484"
},
{
"name": "CVE-2025-24293",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24293"
},
{
"name": "CVE-2025-30696",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30696"
},
{
"name": "CVE-2025-55752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55752"
},
{
"name": "CVE-2022-21299",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21299"
},
{
"name": "CVE-2020-2773",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2773"
},
{
"name": "CVE-2024-22025",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22025"
},
{
"name": "CVE-2024-20921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
},
{
"name": "CVE-2020-14578",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14578"
},
{
"name": "CVE-2025-21584",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21584"
},
{
"name": "CVE-2020-2805",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2805"
},
{
"name": "CVE-2025-58767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58767"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2020-2830",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2830"
},
{
"name": "CVE-2025-54798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54798"
},
{
"name": "CVE-2022-21624",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21624"
},
{
"name": "CVE-2020-2781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2781"
},
{
"name": "CVE-2022-21305",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21305"
},
{
"name": "CVE-2020-14556",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14556"
},
{
"name": "CVE-2025-50085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50085"
},
{
"name": "CVE-2020-14792",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14792"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2025-41248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41248"
},
{
"name": "CVE-2024-3447",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3447"
},
{
"name": "CVE-2022-2068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
},
{
"name": "CVE-2022-21271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21271"
},
{
"name": "CVE-2025-61919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61919"
},
{
"name": "CVE-2022-40897",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40897"
},
{
"name": "CVE-2025-0938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
},
{
"name": "CVE-2025-27210",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27210"
},
{
"name": "CVE-2025-61771",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61771"
},
{
"name": "CVE-2025-61770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61770"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2025-50106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
},
{
"name": "CVE-2023-46809",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46809"
},
{
"name": "CVE-2024-21510",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21510"
},
{
"name": "CVE-2022-21626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21626"
},
{
"name": "CVE-2025-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58057"
},
{
"name": "CVE-2025-8291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8291"
},
{
"name": "CVE-2020-14781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14781"
},
{
"name": "CVE-2025-30683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30683"
},
{
"name": "CVE-2025-30699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30699"
},
{
"name": "CVE-2025-61921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61921"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2025-30754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
},
{
"name": "CVE-2024-38229",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38229"
},
{
"name": "CVE-2025-47910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47910"
},
{
"name": "CVE-2025-23167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23167"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2024-43483",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43483"
},
{
"name": "CVE-2025-50094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50094"
},
{
"name": "CVE-2021-35559",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35559"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2024-58266",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58266"
},
{
"name": "CVE-2025-50098",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50098"
},
{
"name": "CVE-2022-21291",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21291"
},
{
"name": "CVE-2025-50086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50086"
},
{
"name": "CVE-2022-3786",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3786"
},
{
"name": "CVE-2023-38552",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38552"
},
{
"name": "CVE-2021-35565",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35565"
},
{
"name": "CVE-2025-47906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
},
{
"name": "CVE-2025-58446",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58446"
},
{
"name": "CVE-2025-8194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8194"
},
{
"name": "CVE-2024-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3446"
},
{
"name": "CVE-2025-50082",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50082"
},
{
"name": "CVE-2025-40027",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40027"
},
{
"name": "CVE-2025-50097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50097"
},
{
"name": "CVE-2025-50181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50181"
},
{
"name": "CVE-2025-50084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50084"
},
{
"name": "CVE-2025-50079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50079"
},
{
"name": "CVE-2025-1795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1795"
},
{
"name": "CVE-2021-35603",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35603"
},
{
"name": "CVE-2023-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
},
{
"name": "CVE-2025-4517",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"
},
{
"name": "CVE-2025-55193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55193"
},
{
"name": "CVE-2025-21574",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21574"
},
{
"name": "CVE-2024-22019",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22019"
},
{
"name": "CVE-2025-4674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4674"
},
{
"name": "CVE-2020-2754",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2754"
},
{
"name": "CVE-2020-14796",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14796"
},
{
"name": "CVE-2025-21580",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21580"
},
{
"name": "CVE-2022-29526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
},
{
"name": "CVE-2025-55754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55754"
},
{
"name": "CVE-2025-53023",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53023"
},
{
"name": "CVE-2025-21575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21575"
},
{
"name": "CVE-2025-4435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4435"
},
{
"name": "CVE-2025-21577",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21577"
},
{
"name": "CVE-2022-21628",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21628"
},
{
"name": "CVE-2024-4467",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4467"
},
{
"name": "CVE-2024-21011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21011"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2021-2369",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2369"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2024-12718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12718"
},
{
"name": "CVE-2024-27983",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27983"
},
{
"name": "CVE-2025-23085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23085"
},
{
"name": "CVE-2024-0450",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0450"
},
{
"name": "CVE-2024-5642",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5642"
},
{
"name": "CVE-2025-59425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59425"
},
{
"name": "CVE-2024-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3219"
},
{
"name": "CVE-2025-50096",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50096"
},
{
"name": "CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"name": "CVE-2025-9232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9232"
},
{
"name": "CVE-2025-23165",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23165"
},
{
"name": "CVE-2023-30584",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30584"
},
{
"name": "CVE-2025-61795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61795"
},
{
"name": "CVE-2025-30705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30705"
},
{
"name": "CVE-2025-8713",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8713"
},
{
"name": "CVE-2025-21587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21587"
},
{
"name": "CVE-2025-50088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50088"
},
{
"name": "CVE-2024-21892",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21892"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2024-21147",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21147"
},
{
"name": "CVE-2024-27982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27982"
},
{
"name": "CVE-2020-14581",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14581"
},
{
"name": "CVE-2024-37372",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37372"
},
{
"name": "CVE-2025-50077",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50077"
},
{
"name": "CVE-2025-23083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23083"
},
{
"name": "CVE-2021-2388",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2388"
},
{
"name": "CVE-2025-50092",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50092"
},
{
"name": "CVE-2025-50099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50099"
},
{
"name": "CVE-2021-35588",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35588"
},
{
"name": "CVE-2025-41244",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41244"
},
{
"name": "CVE-2024-21140",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21140"
},
{
"name": "CVE-2025-30684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30684"
},
{
"name": "CVE-2024-21094",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21094"
},
{
"name": "CVE-2025-48989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48989"
},
{
"name": "CVE-2022-21365",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21365"
},
{
"name": "CVE-2025-50093",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50093"
},
{
"name": "CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"name": "CVE-2020-14782",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14782"
},
{
"name": "CVE-2025-50059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
},
{
"name": "CVE-2025-21579",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21579"
},
{
"name": "CVE-2023-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
},
{
"name": "CVE-2025-30761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30761"
},
{
"name": "CVE-2025-50087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50087"
},
{
"name": "CVE-2024-47535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2024-7592",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7592"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2022-21434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21434"
},
{
"name": "CVE-2025-54410",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54410"
},
{
"name": "CVE-2023-52970",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52970"
},
{
"name": "CVE-2022-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3996"
},
{
"name": "CVE-2025-52434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52434"
},
{
"name": "CVE-2022-21294",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21294"
},
{
"name": "CVE-2025-30698",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30698"
},
{
"name": "CVE-2020-2755",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2755"
},
{
"name": "CVE-2025-8714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8714"
},
{
"name": "CVE-2024-43485",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43485"
},
{
"name": "CVE-2020-14779",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14779"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2023-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22045"
},
{
"name": "CVE-2025-30721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30721"
},
{
"name": "CVE-2025-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58056"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2024-21138",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21138"
},
{
"name": "CVE-2025-50091",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50091"
},
{
"name": "CVE-2024-22018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22018"
},
{
"name": "CVE-2023-22049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22049"
},
{
"name": "CVE-2022-21341",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21341"
},
{
"name": "CVE-2025-23166",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23166"
},
{
"name": "CVE-2021-35578",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35578"
},
{
"name": "CVE-2024-0397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0397"
},
{
"name": "CVE-2020-14583",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14583"
},
{
"name": "CVE-2022-21340",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21340"
},
{
"name": "CVE-2024-12254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12254"
},
{
"name": "CVE-2025-4516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4516"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2022-3358",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3358"
},
{
"name": "CVE-2022-21293",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21293"
},
{
"name": "CVE-2022-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
},
{
"name": "CVE-2025-50104",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50104"
},
{
"name": "CVE-2020-2800",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2800"
},
{
"name": "CVE-2025-6242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6242"
},
{
"name": "CVE-2025-61772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61772"
},
{
"name": "CVE-2025-30722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30722"
},
{
"name": "CVE-2024-21145",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21145"
},
{
"name": "CVE-2022-21282",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21282"
},
{
"name": "CVE-2022-21349",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21349"
},
{
"name": "CVE-2024-50602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50602"
},
{
"name": "CVE-2024-21891",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21891"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2025-30687",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30687"
},
{
"name": "CVE-2023-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
},
{
"name": "CVE-2025-50101",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50101"
},
{
"name": "CVE-2025-30749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
},
{
"name": "CVE-2025-61748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61748"
},
{
"name": "CVE-2025-4207",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4207"
},
{
"name": "CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"name": "CVE-2025-27789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27789"
},
{
"name": "CVE-2022-21248",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21248"
},
{
"name": "CVE-2023-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
},
{
"name": "CVE-2024-22017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22017"
},
{
"name": "CVE-2025-8916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8916"
},
{
"name": "CVE-2025-8885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8885"
},
{
"name": "CVE-2024-20918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
},
{
"name": "CVE-2025-41249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41249"
},
{
"name": "CVE-2025-30704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30704"
},
{
"name": "CVE-2021-35564",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35564"
},
{
"name": "CVE-2023-52969",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52969"
},
{
"name": "CVE-2025-46551",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46551"
},
{
"name": "CVE-2025-30693",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30693"
},
{
"name": "CVE-2025-21585",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21585"
},
{
"name": "CVE-2025-53506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53506"
},
{
"name": "CVE-2025-23084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23084"
},
{
"name": "CVE-2022-3602",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3602"
},
{
"name": "CVE-2025-1094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1094"
},
{
"name": "CVE-2022-1434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1434"
},
{
"name": "CVE-2020-2757",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2757"
},
{
"name": "CVE-2025-53864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53864"
},
{
"name": "CVE-2024-4032",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4032"
},
{
"name": "CVE-2025-40025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40025"
},
{
"name": "CVE-2025-61620",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61620"
},
{
"name": "CVE-2021-35556",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35556"
},
{
"name": "CVE-2024-8244",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8244"
},
{
"name": "CVE-2024-21085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21085"
},
{
"name": "CVE-2025-21502",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21502"
},
{
"name": "CVE-2023-39331",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39331"
},
{
"name": "CVE-2025-55315",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55315"
},
{
"name": "CVE-2021-35560",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35560"
},
{
"name": "CVE-2025-21581",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21581"
},
{
"name": "CVE-2024-20945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
},
{
"name": "CVE-2025-58754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58754"
},
{
"name": "CVE-2024-21131",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21131"
},
{
"name": "CVE-2025-41242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41242"
},
{
"name": "CVE-2024-21210",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21210"
},
{
"name": "CVE-2025-53057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53057"
},
{
"name": "CVE-2023-39332",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39332"
},
{
"name": "CVE-2020-2756",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2756"
},
{
"name": "CVE-2024-27980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27980"
},
{
"name": "CVE-2023-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
},
{
"name": "CVE-2025-30685",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30685"
},
{
"name": "CVE-2023-39333",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39333"
},
{
"name": "CVE-2022-21619",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21619"
},
{
"name": "CVE-2025-30695",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30695"
},
{
"name": "CVE-2025-30688",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30688"
},
{
"name": "CVE-2023-5752",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5752"
},
{
"name": "CVE-2025-61780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61780"
},
{
"name": "CVE-2021-35561",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35561"
},
{
"name": "CVE-2022-21476",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21476"
},
{
"name": "CVE-2025-53066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53066"
},
{
"name": "CVE-2024-21217",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21217"
},
{
"name": "CVE-2023-6597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6597"
},
{
"name": "CVE-2024-20952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
},
{
"name": "CVE-2022-21541",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21541"
},
{
"name": "CVE-2025-27221",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27221"
},
{
"name": "CVE-2022-21360",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21360"
},
{
"name": "CVE-2022-21296",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21296"
},
{
"name": "CVE-2022-21540",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21540"
},
{
"name": "CVE-2025-50083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50083"
},
{
"name": "CVE-2024-21208",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21208"
},
{
"name": "CVE-2024-36137",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36137"
},
{
"name": "CVE-2020-14577",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14577"
},
{
"name": "CVE-2025-49014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49014"
},
{
"name": "CVE-2024-6923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6923"
},
{
"name": "CVE-2024-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8088"
}
],
"initial_release_date": "2025-11-05T00:00:00",
"last_revision_date": "2025-11-05T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0967",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-11-05T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36323",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36323"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36343",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36343"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-99",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36326"
},
{
"published_at": "2025-11-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36305",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36305"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36345",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36345"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36329"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-81",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36316"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2024-41",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36331"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36334",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36334"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36335",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36335"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36340",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36340"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36319",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36319"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36339",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36339"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36322",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36322"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36321",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36321"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-68",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36324"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36336",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36336"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36318",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36318"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36337",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36337"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36346",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36346"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-81",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36315"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36317",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36317"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36344",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36344"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36341",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36341"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36314",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36314"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2024-41",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36330"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36332",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36332"
},
{
"published_at": "2025-11-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36304",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36304"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36342",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36342"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36333",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36333"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-99",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36327"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36338",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36338"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36328"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-68",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36325"
}
]
}
CERTFR-2023-AVI-0190
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans Tenable Nessus. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneReferences
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Nessus versions ant\u00e9rieures \u00e0 10.5.0",
"product": {
"name": "Nessus",
"vendor": {
"name": "Tenable",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"name": "CVE-2020-28458",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28458"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2021-23445",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23445"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2020-7656",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7656"
},
{
"name": "CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
}
],
"links": [],
"reference": "CERTFR-2023-AVI-0190",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-03-03T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Tenable Nessus.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de code\narbitraire \u00e0 distance et un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Tenable Nessus",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Tenable tns-2023-09 du 02 mars 2023",
"url": "https://www.tenable.com/security/tns-2023-09"
}
]
}
OPENSUSE-SU-2024:12716-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
libopenssl-3-devel-3.0.8-1.1 on GA media
Notes
Title of the patch
libopenssl-3-devel-3.0.8-1.1 on GA media
Description of the patch
These are all security issues fixed in the libopenssl-3-devel-3.0.8-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-12716
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "libopenssl-3-devel-3.0.8-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the libopenssl-3-devel-3.0.8-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-12716",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_12716-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-4203 page",
"url": "https://www.suse.com/security/cve/CVE-2022-4203/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-4304 page",
"url": "https://www.suse.com/security/cve/CVE-2022-4304/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-4450 page",
"url": "https://www.suse.com/security/cve/CVE-2022-4450/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-0215 page",
"url": "https://www.suse.com/security/cve/CVE-2023-0215/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-0216 page",
"url": "https://www.suse.com/security/cve/CVE-2023-0216/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-0217 page",
"url": "https://www.suse.com/security/cve/CVE-2023-0217/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-0286 page",
"url": "https://www.suse.com/security/cve/CVE-2023-0286/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-0401 page",
"url": "https://www.suse.com/security/cve/CVE-2023-0401/"
}
],
"title": "libopenssl-3-devel-3.0.8-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:12716-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.0.8-1.1.aarch64",
"product": {
"name": "libopenssl-3-devel-3.0.8-1.1.aarch64",
"product_id": "libopenssl-3-devel-3.0.8-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libopenssl-3-devel-32bit-3.0.8-1.1.aarch64",
"product": {
"name": "libopenssl-3-devel-32bit-3.0.8-1.1.aarch64",
"product_id": "libopenssl-3-devel-32bit-3.0.8-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.0.8-1.1.aarch64",
"product": {
"name": "libopenssl3-3.0.8-1.1.aarch64",
"product_id": "libopenssl3-3.0.8-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libopenssl3-32bit-3.0.8-1.1.aarch64",
"product": {
"name": "libopenssl3-32bit-3.0.8-1.1.aarch64",
"product_id": "libopenssl3-32bit-3.0.8-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libopenssl3-hmac-3.0.8-1.1.aarch64",
"product": {
"name": "libopenssl3-hmac-3.0.8-1.1.aarch64",
"product_id": "libopenssl3-hmac-3.0.8-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libopenssl3-hmac-32bit-3.0.8-1.1.aarch64",
"product": {
"name": "libopenssl3-hmac-32bit-3.0.8-1.1.aarch64",
"product_id": "libopenssl3-hmac-32bit-3.0.8-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssl-3-3.0.8-1.1.aarch64",
"product": {
"name": "openssl-3-3.0.8-1.1.aarch64",
"product_id": "openssl-3-3.0.8-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssl-3-doc-3.0.8-1.1.aarch64",
"product": {
"name": "openssl-3-doc-3.0.8-1.1.aarch64",
"product_id": "openssl-3-doc-3.0.8-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.0.8-1.1.ppc64le",
"product": {
"name": "libopenssl-3-devel-3.0.8-1.1.ppc64le",
"product_id": "libopenssl-3-devel-3.0.8-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libopenssl-3-devel-32bit-3.0.8-1.1.ppc64le",
"product": {
"name": "libopenssl-3-devel-32bit-3.0.8-1.1.ppc64le",
"product_id": "libopenssl-3-devel-32bit-3.0.8-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.0.8-1.1.ppc64le",
"product": {
"name": "libopenssl3-3.0.8-1.1.ppc64le",
"product_id": "libopenssl3-3.0.8-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libopenssl3-32bit-3.0.8-1.1.ppc64le",
"product": {
"name": "libopenssl3-32bit-3.0.8-1.1.ppc64le",
"product_id": "libopenssl3-32bit-3.0.8-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libopenssl3-hmac-3.0.8-1.1.ppc64le",
"product": {
"name": "libopenssl3-hmac-3.0.8-1.1.ppc64le",
"product_id": "libopenssl3-hmac-3.0.8-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libopenssl3-hmac-32bit-3.0.8-1.1.ppc64le",
"product": {
"name": "libopenssl3-hmac-32bit-3.0.8-1.1.ppc64le",
"product_id": "libopenssl3-hmac-32bit-3.0.8-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssl-3-3.0.8-1.1.ppc64le",
"product": {
"name": "openssl-3-3.0.8-1.1.ppc64le",
"product_id": "openssl-3-3.0.8-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssl-3-doc-3.0.8-1.1.ppc64le",
"product": {
"name": "openssl-3-doc-3.0.8-1.1.ppc64le",
"product_id": "openssl-3-doc-3.0.8-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.0.8-1.1.s390x",
"product": {
"name": "libopenssl-3-devel-3.0.8-1.1.s390x",
"product_id": "libopenssl-3-devel-3.0.8-1.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl-3-devel-32bit-3.0.8-1.1.s390x",
"product": {
"name": "libopenssl-3-devel-32bit-3.0.8-1.1.s390x",
"product_id": "libopenssl-3-devel-32bit-3.0.8-1.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.0.8-1.1.s390x",
"product": {
"name": "libopenssl3-3.0.8-1.1.s390x",
"product_id": "libopenssl3-3.0.8-1.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl3-32bit-3.0.8-1.1.s390x",
"product": {
"name": "libopenssl3-32bit-3.0.8-1.1.s390x",
"product_id": "libopenssl3-32bit-3.0.8-1.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl3-hmac-3.0.8-1.1.s390x",
"product": {
"name": "libopenssl3-hmac-3.0.8-1.1.s390x",
"product_id": "libopenssl3-hmac-3.0.8-1.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl3-hmac-32bit-3.0.8-1.1.s390x",
"product": {
"name": "libopenssl3-hmac-32bit-3.0.8-1.1.s390x",
"product_id": "libopenssl3-hmac-32bit-3.0.8-1.1.s390x"
}
},
{
"category": "product_version",
"name": "openssl-3-3.0.8-1.1.s390x",
"product": {
"name": "openssl-3-3.0.8-1.1.s390x",
"product_id": "openssl-3-3.0.8-1.1.s390x"
}
},
{
"category": "product_version",
"name": "openssl-3-doc-3.0.8-1.1.s390x",
"product": {
"name": "openssl-3-doc-3.0.8-1.1.s390x",
"product_id": "openssl-3-doc-3.0.8-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.0.8-1.1.x86_64",
"product": {
"name": "libopenssl-3-devel-3.0.8-1.1.x86_64",
"product_id": "libopenssl-3-devel-3.0.8-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl-3-devel-32bit-3.0.8-1.1.x86_64",
"product": {
"name": "libopenssl-3-devel-32bit-3.0.8-1.1.x86_64",
"product_id": "libopenssl-3-devel-32bit-3.0.8-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.0.8-1.1.x86_64",
"product": {
"name": "libopenssl3-3.0.8-1.1.x86_64",
"product_id": "libopenssl3-3.0.8-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl3-32bit-3.0.8-1.1.x86_64",
"product": {
"name": "libopenssl3-32bit-3.0.8-1.1.x86_64",
"product_id": "libopenssl3-32bit-3.0.8-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl3-hmac-3.0.8-1.1.x86_64",
"product": {
"name": "libopenssl3-hmac-3.0.8-1.1.x86_64",
"product_id": "libopenssl3-hmac-3.0.8-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl3-hmac-32bit-3.0.8-1.1.x86_64",
"product": {
"name": "libopenssl3-hmac-32bit-3.0.8-1.1.x86_64",
"product_id": "libopenssl3-hmac-32bit-3.0.8-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssl-3-3.0.8-1.1.x86_64",
"product": {
"name": "openssl-3-3.0.8-1.1.x86_64",
"product_id": "openssl-3-3.0.8-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssl-3-doc-3.0.8-1.1.x86_64",
"product": {
"name": "openssl-3-doc-3.0.8-1.1.x86_64",
"product_id": "openssl-3-doc-3.0.8-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.aarch64"
},
"product_reference": "libopenssl-3-devel-3.0.8-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.ppc64le"
},
"product_reference": "libopenssl-3-devel-3.0.8-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.s390x"
},
"product_reference": "libopenssl-3-devel-3.0.8-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.x86_64"
},
"product_reference": "libopenssl-3-devel-3.0.8-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-32bit-3.0.8-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.aarch64"
},
"product_reference": "libopenssl-3-devel-32bit-3.0.8-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-32bit-3.0.8-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.ppc64le"
},
"product_reference": "libopenssl-3-devel-32bit-3.0.8-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-32bit-3.0.8-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.s390x"
},
"product_reference": "libopenssl-3-devel-32bit-3.0.8-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-32bit-3.0.8-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.x86_64"
},
"product_reference": "libopenssl-3-devel-32bit-3.0.8-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.aarch64"
},
"product_reference": "libopenssl3-3.0.8-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.ppc64le"
},
"product_reference": "libopenssl3-3.0.8-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.s390x"
},
"product_reference": "libopenssl3-3.0.8-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.x86_64"
},
"product_reference": "libopenssl3-3.0.8-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-32bit-3.0.8-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.aarch64"
},
"product_reference": "libopenssl3-32bit-3.0.8-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-32bit-3.0.8-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.ppc64le"
},
"product_reference": "libopenssl3-32bit-3.0.8-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-32bit-3.0.8-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.s390x"
},
"product_reference": "libopenssl3-32bit-3.0.8-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-32bit-3.0.8-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.x86_64"
},
"product_reference": "libopenssl3-32bit-3.0.8-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-hmac-3.0.8-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.aarch64"
},
"product_reference": "libopenssl3-hmac-3.0.8-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-hmac-3.0.8-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.ppc64le"
},
"product_reference": "libopenssl3-hmac-3.0.8-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-hmac-3.0.8-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.s390x"
},
"product_reference": "libopenssl3-hmac-3.0.8-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-hmac-3.0.8-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.x86_64"
},
"product_reference": "libopenssl3-hmac-3.0.8-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-hmac-32bit-3.0.8-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.aarch64"
},
"product_reference": "libopenssl3-hmac-32bit-3.0.8-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-hmac-32bit-3.0.8-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.ppc64le"
},
"product_reference": "libopenssl3-hmac-32bit-3.0.8-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-hmac-32bit-3.0.8-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.s390x"
},
"product_reference": "libopenssl3-hmac-32bit-3.0.8-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-hmac-32bit-3.0.8-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.x86_64"
},
"product_reference": "libopenssl3-hmac-32bit-3.0.8-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssl-3-3.0.8-1.1.aarch64"
},
"product_reference": "openssl-3-3.0.8-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssl-3-3.0.8-1.1.ppc64le"
},
"product_reference": "openssl-3-3.0.8-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssl-3-3.0.8-1.1.s390x"
},
"product_reference": "openssl-3-3.0.8-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssl-3-3.0.8-1.1.x86_64"
},
"product_reference": "openssl-3-3.0.8-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-doc-3.0.8-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.aarch64"
},
"product_reference": "openssl-3-doc-3.0.8-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-doc-3.0.8-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.ppc64le"
},
"product_reference": "openssl-3-doc-3.0.8-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-doc-3.0.8-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.s390x"
},
"product_reference": "openssl-3-doc-3.0.8-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-doc-3.0.8-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.x86_64"
},
"product_reference": "openssl-3-doc-3.0.8-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-4203",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-4203"
}
],
"notes": [
{
"category": "general",
"text": "A read buffer overrun can be triggered in X.509 certificate verification,\nspecifically in name constraint checking. Note that this occurs\nafter certificate chain signature verification and requires either a\nCA to have signed the malicious certificate or for the application to\ncontinue certificate verification despite failure to construct a path\nto a trusted issuer.\n\nThe read buffer overrun might result in a crash which could lead to\na denial of service attack. In theory it could also result in the disclosure\nof private memory contents (such as private keys, or sensitive plaintext)\nalthough we are not aware of any working exploit leading to memory\ncontents disclosure as of the time of release of this advisory.\n\nIn a TLS client, this can be triggered by connecting to a malicious\nserver. In a TLS server, this can be triggered if the server requests\nclient authentication and a malicious client connects.\n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-4203",
"url": "https://www.suse.com/security/cve/CVE-2022-4203"
},
{
"category": "external",
"summary": "SUSE Bug 1207535 for CVE-2022-4203",
"url": "https://bugzilla.suse.com/1207535"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2022-4203"
},
{
"cve": "CVE-2022-4304",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-4304"
}
],
"notes": [
{
"category": "general",
"text": "A timing based side channel exists in the OpenSSL RSA Decryption implementation\nwhich could be sufficient to recover a plaintext across a network in a\nBleichenbacher style attack. To achieve a successful decryption an attacker\nwould have to be able to send a very large number of trial messages for\ndecryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5,\nRSA-OEAP and RSASVE.\n\nFor example, in a TLS connection, RSA is commonly used by a client to send an\nencrypted pre-master secret to the server. An attacker that had observed a\ngenuine connection between a client and a server could use this flaw to send\ntrial messages to the server and record the time taken to process them. After a\nsufficiently large number of messages the attacker could recover the pre-master\nsecret used for the original connection and thus be able to decrypt the\napplication data sent over that connection.\n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-4304",
"url": "https://www.suse.com/security/cve/CVE-2022-4304"
},
{
"category": "external",
"summary": "SUSE Bug 1207534 for CVE-2022-4304",
"url": "https://bugzilla.suse.com/1207534"
},
{
"category": "external",
"summary": "SUSE Bug 1210067 for CVE-2022-4304",
"url": "https://bugzilla.suse.com/1210067"
},
{
"category": "external",
"summary": "SUSE Bug 1213146 for CVE-2022-4304",
"url": "https://bugzilla.suse.com/1213146"
},
{
"category": "external",
"summary": "SUSE Bug 1213289 for CVE-2022-4304",
"url": "https://bugzilla.suse.com/1213289"
},
{
"category": "external",
"summary": "SUSE Bug 1215014 for CVE-2022-4304",
"url": "https://bugzilla.suse.com/1215014"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2022-4304"
},
{
"cve": "CVE-2022-4450",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-4450"
}
],
"notes": [
{
"category": "general",
"text": "The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and\ndecodes the \"name\" (e.g. \"CERTIFICATE\"), any header data and the payload data.\nIf the function succeeds then the \"name_out\", \"header\" and \"data\" arguments are\npopulated with pointers to buffers containing the relevant decoded data. The\ncaller is responsible for freeing those buffers. It is possible to construct a\nPEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex()\nwill return a failure code but will populate the header argument with a pointer\nto a buffer that has already been freed. If the caller also frees this buffer\nthen a double free will occur. This will most likely lead to a crash. This\ncould be exploited by an attacker who has the ability to supply malicious PEM\nfiles for parsing to achieve a denial of service attack.\n\nThe functions PEM_read_bio() and PEM_read() are simple wrappers around\nPEM_read_bio_ex() and therefore these functions are also directly affected.\n\nThese functions are also called indirectly by a number of other OpenSSL\nfunctions including PEM_X509_INFO_read_bio_ex() and\nSSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal\nuses of these functions are not vulnerable because the caller does not free the\nheader argument if PEM_read_bio_ex() returns a failure code. These locations\ninclude the PEM_read_bio_TYPE() functions as well as the decoders introduced in\nOpenSSL 3.0.\n\nThe OpenSSL asn1parse command line application is also impacted by this issue.\n\n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-4450",
"url": "https://www.suse.com/security/cve/CVE-2022-4450"
},
{
"category": "external",
"summary": "SUSE Bug 1207538 for CVE-2022-4450",
"url": "https://bugzilla.suse.com/1207538"
},
{
"category": "external",
"summary": "SUSE Bug 1225628 for CVE-2022-4450",
"url": "https://bugzilla.suse.com/1225628"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2022-4450"
},
{
"cve": "CVE-2023-0215",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-0215"
}
],
"notes": [
{
"category": "general",
"text": "The public API function BIO_new_NDEF is a helper function used for streaming\nASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the\nSMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by\nend user applications.\n\nThe function receives a BIO from the caller, prepends a new BIO_f_asn1 filter\nBIO onto the front of it to form a BIO chain, and then returns the new head of\nthe BIO chain to the caller. Under certain conditions, for example if a CMS\nrecipient public key is invalid, the new filter BIO is freed and the function\nreturns a NULL result indicating a failure. However, in this case, the BIO chain\nis not properly cleaned up and the BIO passed by the caller still retains\ninternal pointers to the previously freed filter BIO. If the caller then goes on\nto call BIO_pop() on the BIO then a use-after-free will occur. This will most\nlikely result in a crash.\n\n\n\nThis scenario occurs directly in the internal function B64_write_ASN1() which\nmay cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on\nthe BIO. This internal function is in turn called by the public API functions\nPEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream,\nSMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7.\n\nOther public API functions that may be impacted by this include\ni2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and\ni2d_PKCS7_bio_stream.\n\nThe OpenSSL cms and smime command line applications are similarly affected.\n\n\n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-0215",
"url": "https://www.suse.com/security/cve/CVE-2023-0215"
},
{
"category": "external",
"summary": "SUSE Bug 1207536 for CVE-2023-0215",
"url": "https://bugzilla.suse.com/1207536"
},
{
"category": "external",
"summary": "SUSE Bug 1213146 for CVE-2023-0215",
"url": "https://bugzilla.suse.com/1213146"
},
{
"category": "external",
"summary": "SUSE Bug 1225628 for CVE-2023-0215",
"url": "https://bugzilla.suse.com/1225628"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-0215"
},
{
"cve": "CVE-2023-0216",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-0216"
}
],
"notes": [
{
"category": "general",
"text": "An invalid pointer dereference on read can be triggered when an\napplication tries to load malformed PKCS7 data with the\nd2i_PKCS7(), d2i_PKCS7_bio() or d2i_PKCS7_fp() functions.\n\nThe result of the dereference is an application crash which could\nlead to a denial of service attack. The TLS implementation in OpenSSL\ndoes not call this function however third party applications might\ncall these functions on untrusted data.\n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-0216",
"url": "https://www.suse.com/security/cve/CVE-2023-0216"
},
{
"category": "external",
"summary": "SUSE Bug 1207539 for CVE-2023-0216",
"url": "https://bugzilla.suse.com/1207539"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-0216"
},
{
"cve": "CVE-2023-0217",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-0217"
}
],
"notes": [
{
"category": "general",
"text": "An invalid pointer dereference on read can be triggered when an\napplication tries to check a malformed DSA public key by the\nEVP_PKEY_public_check() function. This will most likely lead\nto an application crash. This function can be called on public\nkeys supplied from untrusted sources which could allow an attacker\nto cause a denial of service attack.\n\nThe TLS implementation in OpenSSL does not call this function\nbut applications might call the function if there are additional\nsecurity requirements imposed by standards such as FIPS 140-3.\n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-0217",
"url": "https://www.suse.com/security/cve/CVE-2023-0217"
},
{
"category": "external",
"summary": "SUSE Bug 1207540 for CVE-2023-0217",
"url": "https://bugzilla.suse.com/1207540"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-0217"
},
{
"cve": "CVE-2023-0286",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-0286"
}
],
"notes": [
{
"category": "general",
"text": "There is a type confusion vulnerability relating to X.400 address processing\ninside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but\nthe public structure definition for GENERAL_NAME incorrectly specified the type\nof the x400Address field as ASN1_TYPE. This field is subsequently interpreted by\nthe OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an\nASN1_STRING.\n\nWhen CRL checking is enabled (i.e. the application sets the\nX509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass\narbitrary pointers to a memcmp call, enabling them to read memory contents or\nenact a denial of service. In most cases, the attack requires the attacker to\nprovide both the certificate chain and CRL, neither of which need to have a\nvalid signature. If the attacker only controls one of these inputs, the other\ninput must already contain an X.400 address as a CRL distribution point, which\nis uncommon. As such, this vulnerability is most likely to only affect\napplications which have implemented their own functionality for retrieving CRLs\nover a network.\n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-0286",
"url": "https://www.suse.com/security/cve/CVE-2023-0286"
},
{
"category": "external",
"summary": "SUSE Bug 1207533 for CVE-2023-0286",
"url": "https://bugzilla.suse.com/1207533"
},
{
"category": "external",
"summary": "SUSE Bug 1207569 for CVE-2023-0286",
"url": "https://bugzilla.suse.com/1207569"
},
{
"category": "external",
"summary": "SUSE Bug 1211136 for CVE-2023-0286",
"url": "https://bugzilla.suse.com/1211136"
},
{
"category": "external",
"summary": "SUSE Bug 1211503 for CVE-2023-0286",
"url": "https://bugzilla.suse.com/1211503"
},
{
"category": "external",
"summary": "SUSE Bug 1213146 for CVE-2023-0286",
"url": "https://bugzilla.suse.com/1213146"
},
{
"category": "external",
"summary": "SUSE Bug 1214269 for CVE-2023-0286",
"url": "https://bugzilla.suse.com/1214269"
},
{
"category": "external",
"summary": "SUSE Bug 1218477 for CVE-2023-0286",
"url": "https://bugzilla.suse.com/1218477"
},
{
"category": "external",
"summary": "SUSE Bug 1218967 for CVE-2023-0286",
"url": "https://bugzilla.suse.com/1218967"
},
{
"category": "external",
"summary": "SUSE Bug 1225677 for CVE-2023-0286",
"url": "https://bugzilla.suse.com/1225677"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-0286"
},
{
"cve": "CVE-2023-0401",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-0401"
}
],
"notes": [
{
"category": "general",
"text": "A NULL pointer can be dereferenced when signatures are being\nverified on PKCS7 signed or signedAndEnveloped data. In case the hash\nalgorithm used for the signature is known to the OpenSSL library but\nthe implementation of the hash algorithm is not available the digest\ninitialization will fail. There is a missing check for the return\nvalue from the initialization function which later leads to invalid\nusage of the digest API most likely leading to a crash.\n\nThe unavailability of an algorithm can be caused by using FIPS\nenabled configuration of providers or more commonly by not loading\nthe legacy provider.\n\nPKCS7 data is processed by the SMIME library calls and also by the\ntime stamp (TS) library calls. The TLS implementation in OpenSSL does\nnot call these functions however third party applications would be\naffected if they call these functions to verify signatures on untrusted\ndata.\n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-0401",
"url": "https://www.suse.com/security/cve/CVE-2023-0401"
},
{
"category": "external",
"summary": "SUSE Bug 1207541 for CVE-2023-0401",
"url": "https://bugzilla.suse.com/1207541"
},
{
"category": "external",
"summary": "SUSE Bug 1210509 for CVE-2023-0401",
"url": "https://bugzilla.suse.com/1210509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl-3-devel-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-hmac-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:libopenssl3-hmac-32bit-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:openssl-3-3.0.8-1.1.x86_64",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.aarch64",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.ppc64le",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.s390x",
"openSUSE Tumbleweed:openssl-3-doc-3.0.8-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-0401"
}
]
}
RHSA-2023_1199
Vulnerability from csaf_redhat - Published: 2023-03-14 13:57 - Updated: 2024-11-25 08:49Summary
Red Hat Security Advisory: openssl security and bug fix update
Notes
Topic
An update for openssl is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
[Updated 20 March 2023]
Previously, this erratum was marked as having a security impact of Moderate. This was incorrect; the security impact of this erratum has been changed to Important, to correctly reflect the highest impact rating of CVE fixes included in this release. No changes have been made to packages.
Details
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.
Security Fix(es):
* openssl: X.400 address type confusion in X.509 GeneralName (CVE-2023-0286)
* openssl: read buffer overflow in X.509 certificate verification (CVE-2022-4203)
* openssl: timing attack in RSA Decryption implementation (CVE-2022-4304)
* openssl: double free after calling PEM_read_bio_ex (CVE-2022-4450)
* openssl: use-after-free following BIO_new_NDEF (CVE-2023-0215)
* openssl: invalid pointer dereference in d2i_PKCS7 functions (CVE-2023-0216)
* openssl: NULL dereference validating DSA public key (CVE-2023-0217)
* openssl: NULL dereference during PKCS7 data verification (CVE-2023-0401)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* HMAC generation should reject key lengths < 112 bits or provide an indicator in FIPS mode (BZ#2144001)
* In FIPS mode, openssl should set a minimum length for passwords in PBKDF2 (BZ#2144004)
* stunnel consumes high amount of memory when pestered with TCP connections without a TLS handshake (BZ#2144009)
* In FIPS mode, openssl should reject SHAKE as digest for RSA-OAEP or provide an indicator (BZ#2144011)
* In FIPS mode, openssl should reject RSASSA-PSS salt lengths larger than the output size of the hash function used, or provide an indicator (BZ#2144013)
* In FIPS mode, openssl should reject RSA signatures with X9.31 padding, or provide an indicator (BZ#2144016)
* In FIPS mode, openssl should reject SHA-224, SHA-384, SHA-512-224, and SHA-512-256 as hashes for hash-based DRBGs, or provide an indicator after 2023-05-16 (BZ#2144018)
* In FIPS mode, openssl should reject KDF input and output key lengths < 112 bits or provide an indicator (BZ#2144020)
* In FIPS mode, openssl should reject RSA keys < 2048 bits when using EVP_PKEY_decapsulate, or provide an indicator (BZ#2145171)
* OpenSSL FIPS checksum code needs update (BZ#2158413)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for openssl is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\n[Updated 20 March 2023]\nPreviously, this erratum was marked as having a security impact of Moderate. This was incorrect; the security impact of this erratum has been changed to Important, to correctly reflect the highest impact rating of CVE fixes included in this release. No changes have been made to packages.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.\n\nSecurity Fix(es):\n\n* openssl: X.400 address type confusion in X.509 GeneralName (CVE-2023-0286)\n\n* openssl: read buffer overflow in X.509 certificate verification (CVE-2022-4203)\n\n* openssl: timing attack in RSA Decryption implementation (CVE-2022-4304)\n\n* openssl: double free after calling PEM_read_bio_ex (CVE-2022-4450)\n\n* openssl: use-after-free following BIO_new_NDEF (CVE-2023-0215)\n\n* openssl: invalid pointer dereference in d2i_PKCS7 functions (CVE-2023-0216)\n\n* openssl: NULL dereference validating DSA public key (CVE-2023-0217)\n\n* openssl: NULL dereference during PKCS7 data verification (CVE-2023-0401)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* HMAC generation should reject key lengths \u003c 112 bits or provide an indicator in FIPS mode (BZ#2144001)\n\n* In FIPS mode, openssl should set a minimum length for passwords in PBKDF2 (BZ#2144004)\n\n* stunnel consumes high amount of memory when pestered with TCP connections without a TLS handshake (BZ#2144009)\n\n* In FIPS mode, openssl should reject SHAKE as digest for RSA-OAEP or provide an indicator (BZ#2144011)\n\n* In FIPS mode, openssl should reject RSASSA-PSS salt lengths larger than the output size of the hash function used, or provide an indicator (BZ#2144013)\n\n* In FIPS mode, openssl should reject RSA signatures with X9.31 padding, or provide an indicator (BZ#2144016)\n\n* In FIPS mode, openssl should reject SHA-224, SHA-384, SHA-512-224, and SHA-512-256 as hashes for hash-based DRBGs, or provide an indicator after 2023-05-16 (BZ#2144018)\n\n* In FIPS mode, openssl should reject KDF input and output key lengths \u003c 112 bits or provide an indicator (BZ#2144020)\n\n* In FIPS mode, openssl should reject RSA keys \u003c 2048 bits when using EVP_PKEY_decapsulate, or provide an indicator (BZ#2145171)\n\n* OpenSSL FIPS checksum code needs update (BZ#2158413)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:1199",
"url": "https://access.redhat.com/errata/RHSA-2023:1199"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2144001",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144001"
},
{
"category": "external",
"summary": "2144004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144004"
},
{
"category": "external",
"summary": "2144007",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144007"
},
{
"category": "external",
"summary": "2144009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144009"
},
{
"category": "external",
"summary": "2144011",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144011"
},
{
"category": "external",
"summary": "2144013",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144013"
},
{
"category": "external",
"summary": "2144016",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144016"
},
{
"category": "external",
"summary": "2144018",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144018"
},
{
"category": "external",
"summary": "2144020",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144020"
},
{
"category": "external",
"summary": "2145171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145171"
},
{
"category": "external",
"summary": "2158413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158413"
},
{
"category": "external",
"summary": "2164440",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440"
},
{
"category": "external",
"summary": "2164487",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487"
},
{
"category": "external",
"summary": "2164488",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488"
},
{
"category": "external",
"summary": "2164492",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492"
},
{
"category": "external",
"summary": "2164494",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494"
},
{
"category": "external",
"summary": "2164497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497"
},
{
"category": "external",
"summary": "2164499",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499"
},
{
"category": "external",
"summary": "2164500",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1199.json"
}
],
"title": "Red Hat Security Advisory: openssl security and bug fix update",
"tracking": {
"current_release_date": "2024-11-25T08:49:22+00:00",
"generator": {
"date": "2024-11-25T08:49:22+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2023:1199",
"initial_release_date": "2023-03-14T13:57:15+00:00",
"revision_history": [
{
"date": "2023-03-14T13:57:15+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-03-21T11:27:46+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-25T08:49:22+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:9.0::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:9.0::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-devel-1:3.0.1-46.el9_0.aarch64",
"product": {
"name": "openssl-devel-1:3.0.1-46.el9_0.aarch64",
"product_id": "openssl-devel-1:3.0.1-46.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-devel@3.0.1-46.el9_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-perl-1:3.0.1-46.el9_0.aarch64",
"product": {
"name": "openssl-perl-1:3.0.1-46.el9_0.aarch64",
"product_id": "openssl-perl-1:3.0.1-46.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-perl@3.0.1-46.el9_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"product": {
"name": "openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"product_id": "openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debugsource@3.0.1-46.el9_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"product": {
"name": "openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"product_id": "openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debuginfo@3.0.1-46.el9_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"product": {
"name": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"product_id": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs-debuginfo@3.0.1-46.el9_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-1:3.0.1-46.el9_0.aarch64",
"product": {
"name": "openssl-1:3.0.1-46.el9_0.aarch64",
"product_id": "openssl-1:3.0.1-46.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl@3.0.1-46.el9_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-libs-1:3.0.1-46.el9_0.aarch64",
"product": {
"name": "openssl-libs-1:3.0.1-46.el9_0.aarch64",
"product_id": "openssl-libs-1:3.0.1-46.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs@3.0.1-46.el9_0?arch=aarch64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"product": {
"name": "openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"product_id": "openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-devel@3.0.1-46.el9_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"product": {
"name": "openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"product_id": "openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-perl@3.0.1-46.el9_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"product": {
"name": "openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"product_id": "openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debugsource@3.0.1-46.el9_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"product": {
"name": "openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"product_id": "openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debuginfo@3.0.1-46.el9_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"product": {
"name": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"product_id": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs-debuginfo@3.0.1-46.el9_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-1:3.0.1-46.el9_0.ppc64le",
"product": {
"name": "openssl-1:3.0.1-46.el9_0.ppc64le",
"product_id": "openssl-1:3.0.1-46.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl@3.0.1-46.el9_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"product": {
"name": "openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"product_id": "openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs@3.0.1-46.el9_0?arch=ppc64le\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-devel-1:3.0.1-46.el9_0.i686",
"product": {
"name": "openssl-devel-1:3.0.1-46.el9_0.i686",
"product_id": "openssl-devel-1:3.0.1-46.el9_0.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-devel@3.0.1-46.el9_0?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-debugsource-1:3.0.1-46.el9_0.i686",
"product": {
"name": "openssl-debugsource-1:3.0.1-46.el9_0.i686",
"product_id": "openssl-debugsource-1:3.0.1-46.el9_0.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debugsource@3.0.1-46.el9_0?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"product": {
"name": "openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"product_id": "openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debuginfo@3.0.1-46.el9_0?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"product": {
"name": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"product_id": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs-debuginfo@3.0.1-46.el9_0?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-libs-1:3.0.1-46.el9_0.i686",
"product": {
"name": "openssl-libs-1:3.0.1-46.el9_0.i686",
"product_id": "openssl-libs-1:3.0.1-46.el9_0.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs@3.0.1-46.el9_0?arch=i686\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-devel-1:3.0.1-46.el9_0.x86_64",
"product": {
"name": "openssl-devel-1:3.0.1-46.el9_0.x86_64",
"product_id": "openssl-devel-1:3.0.1-46.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-devel@3.0.1-46.el9_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-perl-1:3.0.1-46.el9_0.x86_64",
"product": {
"name": "openssl-perl-1:3.0.1-46.el9_0.x86_64",
"product_id": "openssl-perl-1:3.0.1-46.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-perl@3.0.1-46.el9_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"product": {
"name": "openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"product_id": "openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debugsource@3.0.1-46.el9_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"product": {
"name": "openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"product_id": "openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debuginfo@3.0.1-46.el9_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"product": {
"name": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"product_id": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs-debuginfo@3.0.1-46.el9_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-1:3.0.1-46.el9_0.x86_64",
"product": {
"name": "openssl-1:3.0.1-46.el9_0.x86_64",
"product_id": "openssl-1:3.0.1-46.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl@3.0.1-46.el9_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-libs-1:3.0.1-46.el9_0.x86_64",
"product": {
"name": "openssl-libs-1:3.0.1-46.el9_0.x86_64",
"product_id": "openssl-libs-1:3.0.1-46.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs@3.0.1-46.el9_0?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-devel-1:3.0.1-46.el9_0.s390x",
"product": {
"name": "openssl-devel-1:3.0.1-46.el9_0.s390x",
"product_id": "openssl-devel-1:3.0.1-46.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-devel@3.0.1-46.el9_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-perl-1:3.0.1-46.el9_0.s390x",
"product": {
"name": "openssl-perl-1:3.0.1-46.el9_0.s390x",
"product_id": "openssl-perl-1:3.0.1-46.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-perl@3.0.1-46.el9_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"product": {
"name": "openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"product_id": "openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debugsource@3.0.1-46.el9_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"product": {
"name": "openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"product_id": "openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debuginfo@3.0.1-46.el9_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"product": {
"name": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"product_id": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs-debuginfo@3.0.1-46.el9_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-1:3.0.1-46.el9_0.s390x",
"product": {
"name": "openssl-1:3.0.1-46.el9_0.s390x",
"product_id": "openssl-1:3.0.1-46.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl@3.0.1-46.el9_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-libs-1:3.0.1-46.el9_0.s390x",
"product": {
"name": "openssl-libs-1:3.0.1-46.el9_0.s390x",
"product_id": "openssl-libs-1:3.0.1-46.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs@3.0.1-46.el9_0?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-1:3.0.1-46.el9_0.src",
"product": {
"name": "openssl-1:3.0.1-46.el9_0.src",
"product_id": "openssl-1:3.0.1-46.el9_0.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl@3.0.1-46.el9_0?arch=src\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:3.0.1-46.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64"
},
"product_reference": "openssl-1:3.0.1-46.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:3.0.1-46.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le"
},
"product_reference": "openssl-1:3.0.1-46.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:3.0.1-46.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x"
},
"product_reference": "openssl-1:3.0.1-46.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:3.0.1-46.el9_0.src as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src"
},
"product_reference": "openssl-1:3.0.1-46.el9_0.src",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:3.0.1-46.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64"
},
"product_reference": "openssl-1:3.0.1-46.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:3.0.1-46.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64"
},
"product_reference": "openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:3.0.1-46.el9_0.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686"
},
"product_reference": "openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le"
},
"product_reference": "openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:3.0.1-46.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x"
},
"product_reference": "openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:3.0.1-46.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64"
},
"product_reference": "openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debugsource-1:3.0.1-46.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64"
},
"product_reference": "openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debugsource-1:3.0.1-46.el9_0.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686"
},
"product_reference": "openssl-debugsource-1:3.0.1-46.el9_0.i686",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debugsource-1:3.0.1-46.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le"
},
"product_reference": "openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debugsource-1:3.0.1-46.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x"
},
"product_reference": "openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debugsource-1:3.0.1-46.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64"
},
"product_reference": "openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:3.0.1-46.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64"
},
"product_reference": "openssl-devel-1:3.0.1-46.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:3.0.1-46.el9_0.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686"
},
"product_reference": "openssl-devel-1:3.0.1-46.el9_0.i686",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:3.0.1-46.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le"
},
"product_reference": "openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:3.0.1-46.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x"
},
"product_reference": "openssl-devel-1:3.0.1-46.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:3.0.1-46.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64"
},
"product_reference": "openssl-devel-1:3.0.1-46.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:3.0.1-46.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64"
},
"product_reference": "openssl-libs-1:3.0.1-46.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:3.0.1-46.el9_0.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686"
},
"product_reference": "openssl-libs-1:3.0.1-46.el9_0.i686",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:3.0.1-46.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le"
},
"product_reference": "openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:3.0.1-46.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x"
},
"product_reference": "openssl-libs-1:3.0.1-46.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:3.0.1-46.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64"
},
"product_reference": "openssl-libs-1:3.0.1-46.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64"
},
"product_reference": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686"
},
"product_reference": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le"
},
"product_reference": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x"
},
"product_reference": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64"
},
"product_reference": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:3.0.1-46.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64"
},
"product_reference": "openssl-perl-1:3.0.1-46.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:3.0.1-46.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le"
},
"product_reference": "openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:3.0.1-46.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x"
},
"product_reference": "openssl-perl-1:3.0.1-46.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:3.0.1-46.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64"
},
"product_reference": "openssl-perl-1:3.0.1-46.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:3.0.1-46.el9_0.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64"
},
"product_reference": "openssl-1:3.0.1-46.el9_0.aarch64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:3.0.1-46.el9_0.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le"
},
"product_reference": "openssl-1:3.0.1-46.el9_0.ppc64le",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:3.0.1-46.el9_0.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x"
},
"product_reference": "openssl-1:3.0.1-46.el9_0.s390x",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:3.0.1-46.el9_0.src as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src"
},
"product_reference": "openssl-1:3.0.1-46.el9_0.src",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:3.0.1-46.el9_0.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64"
},
"product_reference": "openssl-1:3.0.1-46.el9_0.x86_64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:3.0.1-46.el9_0.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64"
},
"product_reference": "openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:3.0.1-46.el9_0.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686"
},
"product_reference": "openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le"
},
"product_reference": "openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:3.0.1-46.el9_0.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x"
},
"product_reference": "openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:3.0.1-46.el9_0.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64"
},
"product_reference": "openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debugsource-1:3.0.1-46.el9_0.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64"
},
"product_reference": "openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debugsource-1:3.0.1-46.el9_0.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686"
},
"product_reference": "openssl-debugsource-1:3.0.1-46.el9_0.i686",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debugsource-1:3.0.1-46.el9_0.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le"
},
"product_reference": "openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debugsource-1:3.0.1-46.el9_0.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x"
},
"product_reference": "openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debugsource-1:3.0.1-46.el9_0.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64"
},
"product_reference": "openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:3.0.1-46.el9_0.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64"
},
"product_reference": "openssl-devel-1:3.0.1-46.el9_0.aarch64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:3.0.1-46.el9_0.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686"
},
"product_reference": "openssl-devel-1:3.0.1-46.el9_0.i686",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:3.0.1-46.el9_0.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le"
},
"product_reference": "openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:3.0.1-46.el9_0.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x"
},
"product_reference": "openssl-devel-1:3.0.1-46.el9_0.s390x",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:3.0.1-46.el9_0.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64"
},
"product_reference": "openssl-devel-1:3.0.1-46.el9_0.x86_64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:3.0.1-46.el9_0.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64"
},
"product_reference": "openssl-libs-1:3.0.1-46.el9_0.aarch64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:3.0.1-46.el9_0.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686"
},
"product_reference": "openssl-libs-1:3.0.1-46.el9_0.i686",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:3.0.1-46.el9_0.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le"
},
"product_reference": "openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:3.0.1-46.el9_0.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x"
},
"product_reference": "openssl-libs-1:3.0.1-46.el9_0.s390x",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:3.0.1-46.el9_0.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64"
},
"product_reference": "openssl-libs-1:3.0.1-46.el9_0.x86_64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64"
},
"product_reference": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686"
},
"product_reference": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le"
},
"product_reference": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x"
},
"product_reference": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64"
},
"product_reference": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:3.0.1-46.el9_0.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64"
},
"product_reference": "openssl-perl-1:3.0.1-46.el9_0.aarch64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:3.0.1-46.el9_0.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le"
},
"product_reference": "openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:3.0.1-46.el9_0.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x"
},
"product_reference": "openssl-perl-1:3.0.1-46.el9_0.s390x",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:3.0.1-46.el9_0.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64"
},
"product_reference": "openssl-perl-1:3.0.1-46.el9_0.x86_64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-4203",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2023-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164488"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Open SSL. A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification, and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: read buffer overflow in X.509 certificate verification",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 6, 7, and 8 ships OpenSSL 1.1.1 and 1.0.2 which do not contain the incorrect code, so those are not affected by this CVE. Similarly, the versions of `shim` as shipped with Red Hat Enterprise Linux 8 and 9 are not affected by this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4203"
},
{
"category": "external",
"summary": "RHBZ#2164488",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4203",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4203"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20230207.txt",
"url": "https://www.openssl.org/news/secadv/20230207.txt"
}
],
"release_date": "2023-02-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-14T13:57:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.",
"product_ids": [
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1199"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: read buffer overflow in X.509 certificate verification"
},
{
"cve": "CVE-2022-4304",
"discovery_date": "2023-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164487"
}
],
"notes": [
{
"category": "description",
"text": "A timing-based side channel exists in the OpenSSL RSA Decryption implementation, which could be sufficient to recover a ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption, an attacker would have to be able to send a very large number of trial messages for decryption. This issue affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP, and RSASVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: timing attack in RSA Decryption implementation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4304"
},
{
"category": "external",
"summary": "RHBZ#2164487",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4304",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4304"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20230207.txt",
"url": "https://www.openssl.org/news/secadv/20230207.txt"
}
],
"release_date": "2023-02-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-14T13:57:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.",
"product_ids": [
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1199"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: timing attack in RSA Decryption implementation"
},
{
"cve": "CVE-2022-4450",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"discovery_date": "2023-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164494"
}
],
"notes": [
{
"category": "description",
"text": "A double-free vulnerability was found in OpenSSL\u0027s PEM_read_bio_ex function. The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the \"name\" (for example, \"CERTIFICATE\"), any header data, and the payload data. If the function succeeds, then the \"name_out,\" \"header,\" and \"data\" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. Constructing a PEM file that results in 0 bytes of payload data is possible. In this case, PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a freed buffer. A double-free will occur if the caller also frees this buffer. This will most likely lead to a crash. This could be exploited by an attacker who can supply malicious PEM files for parsing to achieve a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: double free after calling PEM_read_bio_ex",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated as having a Moderate impact as it is less easily exploited and is only vulnerable in unlikely configurations. Additionally, the upstream advisory (linked in External References) also rates it as Moderate.\n\nThe versions of `shim` as shipped with Red Hat Enterprise Linux 8 and 9 are shipping OpenSSL 1.1.1 and 1.0.2, which do not contain the incorrect code, so those are not affected by this CVE.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4450"
},
{
"category": "external",
"summary": "RHBZ#2164494",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4450",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4450"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20230207.txt",
"url": "https://www.openssl.org/news/secadv/20230207.txt"
}
],
"release_date": "2023-02-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-14T13:57:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.",
"product_ids": [
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1199"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: double free after calling PEM_read_bio_ex"
},
{
"cve": "CVE-2023-0215",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164492"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free vulnerability was found in OpenSSL\u0027s BIO_new_NDEF function. The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally by OpenSSL to support the SMIME, CMS, and PKCS7 streaming capabilities, but it may also be called directly by end-user applications. The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter BIO onto the front of it to form a BIO chain, and then returns the new head of the BIO chain to the caller. Under certain conditions. For example, if a CMS recipient public key is invalid, the new filter BIO is freed, and the function returns a NULL result indicating a failure. However, in this case, the BIO chain is not properly cleaned up, and the BIO passed by the caller still retains internal pointers to the previously freed filter BIO. If the caller then calls BIO_pop() on the BIO, a use-after-free will occur, possibly resulting in a crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: use-after-free following BIO_new_NDEF",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability has been rated as having a moderate impact in alignment with upstream. See the security advisory linked in external references.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0215"
},
{
"category": "external",
"summary": "RHBZ#2164492",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0215",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0215"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20230207.txt",
"url": "https://www.openssl.org/news/secadv/20230207.txt"
}
],
"release_date": "2023-02-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-14T13:57:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.",
"product_ids": [
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1199"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: use-after-free following BIO_new_NDEF"
},
{
"cve": "CVE-2023-0216",
"discovery_date": "2023-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164497"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. An invalid pointer dereference on read can be triggered when an application tries to load malformed PKCS7 data with the d2i_PKCS7(), d2i_PKCS7_bio() or d2i_PKCS7_fp() functions. This may result in an application crash which could lead to a denial of service. The TLS implementation in OpenSSL does not call this function, however, third party applications might call these functions on untrusted data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: invalid pointer dereference in d2i_PKCS7 functions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 6, 7, and 8 ships OpenSSL 1.1.1 and 1.0.2 which do not contain the incorrect code, so those are not affected by this CVE. Similarly, the versions of `shim` as shipped with Red Hat Enterprise Linux 8 and 9 are not affected by this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0216"
},
{
"category": "external",
"summary": "RHBZ#2164497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0216",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0216"
}
],
"release_date": "2023-02-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-14T13:57:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.",
"product_ids": [
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1199"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: invalid pointer dereference in d2i_PKCS7 functions"
},
{
"cve": "CVE-2023-0217",
"discovery_date": "2023-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164499"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. An invalid pointer dereference on read can be triggered when an application tries to check a malformed DSA public key by the EVP_PKEY_public_check() function, most likely leading to an application crash. This function can be called on public keys supplied from untrusted sources, which could allow an attacker to cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: NULL dereference validating DSA public key",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 6, 7, and 8 ships OpenSSL 1.1.1 and 1.0.2 which do not contain the incorrect code, so those are not affected by this CVE. Similarly, the versions of `shim` as shipped with Red Hat Enterprise Linux 8 and 9 are not affected by this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0217"
},
{
"category": "external",
"summary": "RHBZ#2164499",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0217",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0217"
}
],
"release_date": "2023-02-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-14T13:57:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.",
"product_ids": [
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1199"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: NULL dereference validating DSA public key"
},
{
"cve": "CVE-2023-0286",
"cwe": {
"id": "CWE-704",
"name": "Incorrect Type Conversion or Cast"
},
"discovery_date": "2023-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164440"
}
],
"notes": [
{
"category": "description",
"text": "A type confusion vulnerability was found in OpenSSL when OpenSSL X.400 addresses processing inside an X.509 GeneralName. When CRL checking is enabled (for example, the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or cause a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, of which neither needs a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. In this case, this vulnerability is likely only to affect applications that have implemented their own functionality for retrieving CRLs over a network.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: X.400 address type confusion in X.509 GeneralName",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For shim in Red Hat Enterprise Linux 8 \u0026 9, is not affected as shim doesn\u0027t support any CRL processing.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0286"
},
{
"category": "external",
"summary": "RHBZ#2164440",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0286",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0286"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20230207.txt",
"url": "https://www.openssl.org/news/secadv/20230207.txt"
}
],
"release_date": "2023-02-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-14T13:57:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.",
"product_ids": [
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1199"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "openssl: X.400 address type confusion in X.509 GeneralName"
},
{
"cve": "CVE-2023-0401",
"discovery_date": "2023-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164500"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer vulnerability was found in OpenSSL, which can be dereferenced when signatures are being verified on PKCS7 signed or signedAndEnveloped data. In case the hash algorithm used for the signature is known to the OpenSSL library but the implementation of the hash algorithm is not available, the digest initialization will fail. There is a missing check for the return value from the initialization function which later leads to invalid usage of the digest API, most likely leading to a crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: NULL dereference during PKCS7 data verification",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 6, 7, and 8 ships OpenSSL 1.1.1 and 1.0.2 which do not contain the incorrect code, so those are not affected by this CVE. Similarly, the versions of `shim` as shipped with Red Hat Enterprise Linux 8 and 9 are not affected by this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0401"
},
{
"category": "external",
"summary": "RHBZ#2164500",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0401",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0401"
}
],
"release_date": "2023-02-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-14T13:57:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.",
"product_ids": [
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1199"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: NULL dereference during PKCS7 data verification"
}
]
}
RHSA-2023:0946
Vulnerability from csaf_redhat - Published: 2023-02-28 08:22 - Updated: 2025-11-21 18:38Summary
Red Hat Security Advisory: openssl security and bug fix update
Notes
Topic
An update for openssl is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
[Updated 20 March 2023]
Previously, this erratum was marked as having a security impact of Moderate. This was incorrect; the security impact of this erratum has been changed to Important, to correctly reflect the highest impact rating of CVE fixes included in this release. No changes have been made to packages.
Details
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.
Security Fix(es):
* openssl: X.400 address type confusion in X.509 GeneralName (CVE-2023-0286)
* openssl: read buffer overflow in X.509 certificate verification (CVE-2022-4203)
* openssl: timing attack in RSA Decryption implementation (CVE-2022-4304)
* openssl: double free after calling PEM_read_bio_ex (CVE-2022-4450)
* openssl: use-after-free following BIO_new_NDEF (CVE-2023-0215)
* openssl: invalid pointer dereference in d2i_PKCS7 functions (CVE-2023-0216)
* openssl: NULL dereference validating DSA public key (CVE-2023-0217)
* openssl: NULL dereference during PKCS7 data verification (CVE-2023-0401)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* HMAC generation should reject key lengths < 112 bits or provide an indicator in FIPS mode (BZ#2144000)
* In FIPS mode, openssl should set a minimum length for passwords in PBKDF2 (BZ#2144003)
* stunnel consumes high amount of memory when pestered with TCP connections without a TLS handshake (BZ#2144008)
* In FIPS mode, openssl should reject SHAKE as digest for RSA-OAEP or provide an indicator (BZ#2144010)
* In FIPS mode, openssl should reject RSASSA-PSS salt lengths larger than the output size of the hash function used, or provide an indicator (BZ#2144012)
* In FIPS mode, openssl should reject RSA signatures with X9.31 padding, or provide an indicator (BZ#2144015)
* In FIPS mode, openssl should reject SHA-224, SHA-384, SHA-512-224, and SHA-512-256 as hashes for hash-based DRBGs, or provide an indicator after 2023-05-16 (BZ#2144017)
* In FIPS mode, openssl should reject KDF input and output key lengths < 112 bits or provide an indicator (BZ#2144019)
* In FIPS mode, openssl should reject RSA keys < 2048 bits when using EVP_PKEY_decapsulate, or provide an indicator (BZ#2145170)
* RHEL9.1 Nightly[0912] - error:03000093:digital envelope routines::command not supported when git clone is run with configured ibmca engine backed by libica.so.4 (OpenSSL 3.0) (BZ#2149010)
* OpenSSL FIPS checksum code needs update (BZ#2158412)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for openssl is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\n[Updated 20 March 2023]\nPreviously, this erratum was marked as having a security impact of Moderate. This was incorrect; the security impact of this erratum has been changed to Important, to correctly reflect the highest impact rating of CVE fixes included in this release. No changes have been made to packages.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.\n\nSecurity Fix(es):\n\n* openssl: X.400 address type confusion in X.509 GeneralName (CVE-2023-0286)\n\n* openssl: read buffer overflow in X.509 certificate verification (CVE-2022-4203)\n\n* openssl: timing attack in RSA Decryption implementation (CVE-2022-4304)\n\n* openssl: double free after calling PEM_read_bio_ex (CVE-2022-4450)\n\n* openssl: use-after-free following BIO_new_NDEF (CVE-2023-0215)\n\n* openssl: invalid pointer dereference in d2i_PKCS7 functions (CVE-2023-0216)\n\n* openssl: NULL dereference validating DSA public key (CVE-2023-0217)\n\n* openssl: NULL dereference during PKCS7 data verification (CVE-2023-0401)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* HMAC generation should reject key lengths \u003c 112 bits or provide an indicator in FIPS mode (BZ#2144000)\n\n* In FIPS mode, openssl should set a minimum length for passwords in PBKDF2 (BZ#2144003)\n\n* stunnel consumes high amount of memory when pestered with TCP connections without a TLS handshake (BZ#2144008)\n\n* In FIPS mode, openssl should reject SHAKE as digest for RSA-OAEP or provide an indicator (BZ#2144010)\n\n* In FIPS mode, openssl should reject RSASSA-PSS salt lengths larger than the output size of the hash function used, or provide an indicator (BZ#2144012)\n\n* In FIPS mode, openssl should reject RSA signatures with X9.31 padding, or provide an indicator (BZ#2144015)\n\n* In FIPS mode, openssl should reject SHA-224, SHA-384, SHA-512-224, and SHA-512-256 as hashes for hash-based DRBGs, or provide an indicator after 2023-05-16 (BZ#2144017)\n\n* In FIPS mode, openssl should reject KDF input and output key lengths \u003c 112 bits or provide an indicator (BZ#2144019)\n\n* In FIPS mode, openssl should reject RSA keys \u003c 2048 bits when using EVP_PKEY_decapsulate, or provide an indicator (BZ#2145170)\n\n* RHEL9.1 Nightly[0912] - error:03000093:digital envelope routines::command not supported when git clone is run with configured ibmca engine backed by libica.so.4 (OpenSSL 3.0) (BZ#2149010)\n\n* OpenSSL FIPS checksum code needs update (BZ#2158412)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:0946",
"url": "https://access.redhat.com/errata/RHSA-2023:0946"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2144000",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000"
},
{
"category": "external",
"summary": "2144003",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003"
},
{
"category": "external",
"summary": "2144006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006"
},
{
"category": "external",
"summary": "2144008",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008"
},
{
"category": "external",
"summary": "2144010",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010"
},
{
"category": "external",
"summary": "2144012",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012"
},
{
"category": "external",
"summary": "2144015",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015"
},
{
"category": "external",
"summary": "2144017",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017"
},
{
"category": "external",
"summary": "2144019",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019"
},
{
"category": "external",
"summary": "2145170",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170"
},
{
"category": "external",
"summary": "2158412",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412"
},
{
"category": "external",
"summary": "2164440",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440"
},
{
"category": "external",
"summary": "2164487",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487"
},
{
"category": "external",
"summary": "2164488",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488"
},
{
"category": "external",
"summary": "2164492",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492"
},
{
"category": "external",
"summary": "2164494",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494"
},
{
"category": "external",
"summary": "2164497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497"
},
{
"category": "external",
"summary": "2164499",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499"
},
{
"category": "external",
"summary": "2164500",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0946.json"
}
],
"title": "Red Hat Security Advisory: openssl security and bug fix update",
"tracking": {
"current_release_date": "2025-11-21T18:38:05+00:00",
"generator": {
"date": "2025-11-21T18:38:05+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2023:0946",
"initial_release_date": "2023-02-28T08:22:08+00:00",
"revision_history": [
{
"date": "2023-02-28T08:22:08+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-03-21T11:29:43+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:38:05+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:9::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-1:3.0.1-47.el9_1.src",
"product": {
"name": "openssl-1:3.0.1-47.el9_1.src",
"product_id": "openssl-1:3.0.1-47.el9_1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl@3.0.1-47.el9_1?arch=src\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-1:3.0.1-47.el9_1.aarch64",
"product": {
"name": "openssl-1:3.0.1-47.el9_1.aarch64",
"product_id": "openssl-1:3.0.1-47.el9_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl@3.0.1-47.el9_1?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-libs-1:3.0.1-47.el9_1.aarch64",
"product": {
"name": "openssl-libs-1:3.0.1-47.el9_1.aarch64",
"product_id": "openssl-libs-1:3.0.1-47.el9_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs@3.0.1-47.el9_1?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"product": {
"name": "openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"product_id": "openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debugsource@3.0.1-47.el9_1?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"product": {
"name": "openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"product_id": "openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debuginfo@3.0.1-47.el9_1?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"product": {
"name": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"product_id": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs-debuginfo@3.0.1-47.el9_1?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-devel-1:3.0.1-47.el9_1.aarch64",
"product": {
"name": "openssl-devel-1:3.0.1-47.el9_1.aarch64",
"product_id": "openssl-devel-1:3.0.1-47.el9_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-devel@3.0.1-47.el9_1?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-perl-1:3.0.1-47.el9_1.aarch64",
"product": {
"name": "openssl-perl-1:3.0.1-47.el9_1.aarch64",
"product_id": "openssl-perl-1:3.0.1-47.el9_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-perl@3.0.1-47.el9_1?arch=aarch64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-1:3.0.1-47.el9_1.ppc64le",
"product": {
"name": "openssl-1:3.0.1-47.el9_1.ppc64le",
"product_id": "openssl-1:3.0.1-47.el9_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl@3.0.1-47.el9_1?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"product": {
"name": "openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"product_id": "openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs@3.0.1-47.el9_1?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"product": {
"name": "openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"product_id": "openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debugsource@3.0.1-47.el9_1?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"product": {
"name": "openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"product_id": "openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debuginfo@3.0.1-47.el9_1?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"product": {
"name": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"product_id": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs-debuginfo@3.0.1-47.el9_1?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"product": {
"name": "openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"product_id": "openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-devel@3.0.1-47.el9_1?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"product": {
"name": "openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"product_id": "openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-perl@3.0.1-47.el9_1?arch=ppc64le\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-1:3.0.1-47.el9_1.x86_64",
"product": {
"name": "openssl-1:3.0.1-47.el9_1.x86_64",
"product_id": "openssl-1:3.0.1-47.el9_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl@3.0.1-47.el9_1?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-libs-1:3.0.1-47.el9_1.x86_64",
"product": {
"name": "openssl-libs-1:3.0.1-47.el9_1.x86_64",
"product_id": "openssl-libs-1:3.0.1-47.el9_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs@3.0.1-47.el9_1?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"product": {
"name": "openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"product_id": "openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debugsource@3.0.1-47.el9_1?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"product": {
"name": "openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"product_id": "openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debuginfo@3.0.1-47.el9_1?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"product": {
"name": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"product_id": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs-debuginfo@3.0.1-47.el9_1?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-devel-1:3.0.1-47.el9_1.x86_64",
"product": {
"name": "openssl-devel-1:3.0.1-47.el9_1.x86_64",
"product_id": "openssl-devel-1:3.0.1-47.el9_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-devel@3.0.1-47.el9_1?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-perl-1:3.0.1-47.el9_1.x86_64",
"product": {
"name": "openssl-perl-1:3.0.1-47.el9_1.x86_64",
"product_id": "openssl-perl-1:3.0.1-47.el9_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-perl@3.0.1-47.el9_1?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-libs-1:3.0.1-47.el9_1.i686",
"product": {
"name": "openssl-libs-1:3.0.1-47.el9_1.i686",
"product_id": "openssl-libs-1:3.0.1-47.el9_1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs@3.0.1-47.el9_1?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-debugsource-1:3.0.1-47.el9_1.i686",
"product": {
"name": "openssl-debugsource-1:3.0.1-47.el9_1.i686",
"product_id": "openssl-debugsource-1:3.0.1-47.el9_1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debugsource@3.0.1-47.el9_1?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"product": {
"name": "openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"product_id": "openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debuginfo@3.0.1-47.el9_1?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"product": {
"name": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"product_id": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs-debuginfo@3.0.1-47.el9_1?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-devel-1:3.0.1-47.el9_1.i686",
"product": {
"name": "openssl-devel-1:3.0.1-47.el9_1.i686",
"product_id": "openssl-devel-1:3.0.1-47.el9_1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-devel@3.0.1-47.el9_1?arch=i686\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-1:3.0.1-47.el9_1.s390x",
"product": {
"name": "openssl-1:3.0.1-47.el9_1.s390x",
"product_id": "openssl-1:3.0.1-47.el9_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl@3.0.1-47.el9_1?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-libs-1:3.0.1-47.el9_1.s390x",
"product": {
"name": "openssl-libs-1:3.0.1-47.el9_1.s390x",
"product_id": "openssl-libs-1:3.0.1-47.el9_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs@3.0.1-47.el9_1?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"product": {
"name": "openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"product_id": "openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debugsource@3.0.1-47.el9_1?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"product": {
"name": "openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"product_id": "openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debuginfo@3.0.1-47.el9_1?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"product": {
"name": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"product_id": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs-debuginfo@3.0.1-47.el9_1?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-devel-1:3.0.1-47.el9_1.s390x",
"product": {
"name": "openssl-devel-1:3.0.1-47.el9_1.s390x",
"product_id": "openssl-devel-1:3.0.1-47.el9_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-devel@3.0.1-47.el9_1?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-perl-1:3.0.1-47.el9_1.s390x",
"product": {
"name": "openssl-perl-1:3.0.1-47.el9_1.s390x",
"product_id": "openssl-perl-1:3.0.1-47.el9_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-perl@3.0.1-47.el9_1?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:3.0.1-47.el9_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64"
},
"product_reference": "openssl-1:3.0.1-47.el9_1.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:3.0.1-47.el9_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le"
},
"product_reference": "openssl-1:3.0.1-47.el9_1.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:3.0.1-47.el9_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x"
},
"product_reference": "openssl-1:3.0.1-47.el9_1.s390x",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:3.0.1-47.el9_1.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src"
},
"product_reference": "openssl-1:3.0.1-47.el9_1.src",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:3.0.1-47.el9_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64"
},
"product_reference": "openssl-1:3.0.1-47.el9_1.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:3.0.1-47.el9_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64"
},
"product_reference": "openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:3.0.1-47.el9_1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686"
},
"product_reference": "openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le"
},
"product_reference": "openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:3.0.1-47.el9_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x"
},
"product_reference": "openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:3.0.1-47.el9_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64"
},
"product_reference": "openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debugsource-1:3.0.1-47.el9_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64"
},
"product_reference": "openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debugsource-1:3.0.1-47.el9_1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686"
},
"product_reference": "openssl-debugsource-1:3.0.1-47.el9_1.i686",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debugsource-1:3.0.1-47.el9_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le"
},
"product_reference": "openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debugsource-1:3.0.1-47.el9_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x"
},
"product_reference": "openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debugsource-1:3.0.1-47.el9_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64"
},
"product_reference": "openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:3.0.1-47.el9_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64"
},
"product_reference": "openssl-devel-1:3.0.1-47.el9_1.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:3.0.1-47.el9_1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686"
},
"product_reference": "openssl-devel-1:3.0.1-47.el9_1.i686",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:3.0.1-47.el9_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le"
},
"product_reference": "openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:3.0.1-47.el9_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x"
},
"product_reference": "openssl-devel-1:3.0.1-47.el9_1.s390x",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:3.0.1-47.el9_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64"
},
"product_reference": "openssl-devel-1:3.0.1-47.el9_1.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:3.0.1-47.el9_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64"
},
"product_reference": "openssl-libs-1:3.0.1-47.el9_1.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:3.0.1-47.el9_1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686"
},
"product_reference": "openssl-libs-1:3.0.1-47.el9_1.i686",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:3.0.1-47.el9_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le"
},
"product_reference": "openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:3.0.1-47.el9_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x"
},
"product_reference": "openssl-libs-1:3.0.1-47.el9_1.s390x",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:3.0.1-47.el9_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64"
},
"product_reference": "openssl-libs-1:3.0.1-47.el9_1.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64"
},
"product_reference": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686"
},
"product_reference": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le"
},
"product_reference": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x"
},
"product_reference": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64"
},
"product_reference": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:3.0.1-47.el9_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64"
},
"product_reference": "openssl-perl-1:3.0.1-47.el9_1.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:3.0.1-47.el9_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le"
},
"product_reference": "openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:3.0.1-47.el9_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x"
},
"product_reference": "openssl-perl-1:3.0.1-47.el9_1.s390x",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:3.0.1-47.el9_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64"
},
"product_reference": "openssl-perl-1:3.0.1-47.el9_1.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:3.0.1-47.el9_1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64"
},
"product_reference": "openssl-1:3.0.1-47.el9_1.aarch64",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:3.0.1-47.el9_1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le"
},
"product_reference": "openssl-1:3.0.1-47.el9_1.ppc64le",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:3.0.1-47.el9_1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x"
},
"product_reference": "openssl-1:3.0.1-47.el9_1.s390x",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:3.0.1-47.el9_1.src as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src"
},
"product_reference": "openssl-1:3.0.1-47.el9_1.src",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:3.0.1-47.el9_1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64"
},
"product_reference": "openssl-1:3.0.1-47.el9_1.x86_64",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:3.0.1-47.el9_1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64"
},
"product_reference": "openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:3.0.1-47.el9_1.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686"
},
"product_reference": "openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le"
},
"product_reference": "openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:3.0.1-47.el9_1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x"
},
"product_reference": "openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:3.0.1-47.el9_1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64"
},
"product_reference": "openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debugsource-1:3.0.1-47.el9_1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64"
},
"product_reference": "openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debugsource-1:3.0.1-47.el9_1.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686"
},
"product_reference": "openssl-debugsource-1:3.0.1-47.el9_1.i686",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debugsource-1:3.0.1-47.el9_1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le"
},
"product_reference": "openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debugsource-1:3.0.1-47.el9_1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x"
},
"product_reference": "openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debugsource-1:3.0.1-47.el9_1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64"
},
"product_reference": "openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:3.0.1-47.el9_1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64"
},
"product_reference": "openssl-devel-1:3.0.1-47.el9_1.aarch64",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:3.0.1-47.el9_1.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686"
},
"product_reference": "openssl-devel-1:3.0.1-47.el9_1.i686",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:3.0.1-47.el9_1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le"
},
"product_reference": "openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:3.0.1-47.el9_1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x"
},
"product_reference": "openssl-devel-1:3.0.1-47.el9_1.s390x",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:3.0.1-47.el9_1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64"
},
"product_reference": "openssl-devel-1:3.0.1-47.el9_1.x86_64",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:3.0.1-47.el9_1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64"
},
"product_reference": "openssl-libs-1:3.0.1-47.el9_1.aarch64",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:3.0.1-47.el9_1.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686"
},
"product_reference": "openssl-libs-1:3.0.1-47.el9_1.i686",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:3.0.1-47.el9_1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le"
},
"product_reference": "openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:3.0.1-47.el9_1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x"
},
"product_reference": "openssl-libs-1:3.0.1-47.el9_1.s390x",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:3.0.1-47.el9_1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64"
},
"product_reference": "openssl-libs-1:3.0.1-47.el9_1.x86_64",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64"
},
"product_reference": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686"
},
"product_reference": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le"
},
"product_reference": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x"
},
"product_reference": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64"
},
"product_reference": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:3.0.1-47.el9_1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64"
},
"product_reference": "openssl-perl-1:3.0.1-47.el9_1.aarch64",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:3.0.1-47.el9_1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le"
},
"product_reference": "openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:3.0.1-47.el9_1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x"
},
"product_reference": "openssl-perl-1:3.0.1-47.el9_1.s390x",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:3.0.1-47.el9_1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64"
},
"product_reference": "openssl-perl-1:3.0.1-47.el9_1.x86_64",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-4203",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2023-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164488"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Open SSL. A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification, and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: read buffer overflow in X.509 certificate verification",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 6, 7, and 8 ships OpenSSL 1.1.1 and 1.0.2 which do not contain the incorrect code, so those are not affected by this CVE. Similarly, the versions of `shim` as shipped with Red Hat Enterprise Linux 8 and 9 are not affected by this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4203"
},
{
"category": "external",
"summary": "RHBZ#2164488",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4203",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4203"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20230207.txt",
"url": "https://www.openssl.org/news/secadv/20230207.txt"
}
],
"release_date": "2023-02-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-28T08:22:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.",
"product_ids": [
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0946"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: read buffer overflow in X.509 certificate verification"
},
{
"cve": "CVE-2022-4304",
"discovery_date": "2023-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164487"
}
],
"notes": [
{
"category": "description",
"text": "A timing-based side channel exists in the OpenSSL RSA Decryption implementation, which could be sufficient to recover a ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption, an attacker would have to be able to send a very large number of trial messages for decryption. This issue affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP, and RSASVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: timing attack in RSA Decryption implementation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4304"
},
{
"category": "external",
"summary": "RHBZ#2164487",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4304",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4304"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20230207.txt",
"url": "https://www.openssl.org/news/secadv/20230207.txt"
}
],
"release_date": "2023-02-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-28T08:22:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.",
"product_ids": [
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0946"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: timing attack in RSA Decryption implementation"
},
{
"cve": "CVE-2022-4450",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"discovery_date": "2023-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164494"
}
],
"notes": [
{
"category": "description",
"text": "A double-free vulnerability was found in OpenSSL\u0027s PEM_read_bio_ex function. The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the \"name\" (for example, \"CERTIFICATE\"), any header data, and the payload data. If the function succeeds, then the \"name_out,\" \"header,\" and \"data\" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. Constructing a PEM file that results in 0 bytes of payload data is possible. In this case, PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a freed buffer. A double-free will occur if the caller also frees this buffer. This will most likely lead to a crash. This could be exploited by an attacker who can supply malicious PEM files for parsing to achieve a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: double free after calling PEM_read_bio_ex",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A double-free vulnerability was found in the OpenSSL library in the PEM_read_bio_ex() function and its wrappers. The flaw is triggered when the library parses a specially crafted PEM file constructed to have zero bytes of payload data. This edge case causes the function to return a failure code but also populate a header argument with a pointer to memory that has already been freed, leading to a double-free condition if the calling application also attempts to free it, resulting in a crash and a denial of service. The flaw is rated as moderate because it results in a crash but does not allow code execution, memory corruption beyond the crash, or data leakage.\n\nThe versions of `shim` as shipped with Red Hat Enterprise Linux 8 and 9 are shipping OpenSSL 1.1.1 and 1.0.2, which do not contain the incorrect code, so those are not affected by this CVE.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-415: Double Free vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nThe platform enforces hardening guidelines to apply the most restrictive settings necessary for operational requirements. Baseline configurations and system controls ensure secure software configurations, while least functionality reduces the attack surface by enforcing safe memory allocation and deallocation practices, lowering the risk of double-free vulnerabilities. The environment employs IPS/IDS and antimalware solutions to detect and prevent malicious code while providing real-time visibility into memory usage, reducing the risk of arbitrary code execution. Static code analysis and peer reviews enforce strong input validation and error handling, minimizing the risk of denial-of-service (DoS) attacks. In the event of successful exploitation, process isolation prevents compromised workloads from accessing other processes\u2019 memory, containing the potential impact. Finally, memory protection mechanisms such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) enhance resilience against memory-related vulnerabilities.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4450"
},
{
"category": "external",
"summary": "RHBZ#2164494",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4450",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4450"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20230207.txt",
"url": "https://www.openssl.org/news/secadv/20230207.txt"
}
],
"release_date": "2023-02-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-28T08:22:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.",
"product_ids": [
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0946"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: double free after calling PEM_read_bio_ex"
},
{
"cve": "CVE-2023-0215",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164492"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free vulnerability was found in OpenSSL\u0027s BIO_new_NDEF function. The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally by OpenSSL to support the SMIME, CMS, and PKCS7 streaming capabilities, but it may also be called directly by end-user applications. The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter BIO onto the front of it to form a BIO chain, and then returns the new head of the BIO chain to the caller. Under certain conditions. For example, if a CMS recipient public key is invalid, the new filter BIO is freed, and the function returns a NULL result indicating a failure. However, in this case, the BIO chain is not properly cleaned up, and the BIO passed by the caller still retains internal pointers to the previously freed filter BIO. If the caller then calls BIO_pop() on the BIO, a use-after-free will occur, possibly resulting in a crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: use-after-free following BIO_new_NDEF",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw was found in the OpenSSL library within the BIO_new_NDEF function, which is used for ASN.1 data streaming. The flaw is a use-after-free issue that happens when an error occurs while setting up a BIO chain. In this case, the filter BIO is freed, but the original BIO still holds a reference to it. If the caller later calls BIO_pop(), it tries to use this freed pointer, causing a crash and leading to a Denial of Service (DoS). The flaw is rated as moderate because it results in a crash but does not allow code execution, memory corruption beyond the crash, or data leakage.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-416: Use After Free vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nAccess to the platform is granted only after successful hard token-based multi-factor authentication (MFA) and is governed by least privilege to ensure that only authorized users and roles can execute or modify code. Red Hat also enforces least functionality, enabling only essential features, services, and ports. Hardening guidelines ensure the most restrictive settings required for operations, while baseline configurations enforce safe memory allocation and deallocation practices to reduce the risk of use-after-free vulnerabilities. The environment employs IPS/IDS and antimalware solutions to detect and prevent malicious code and provide real-time visibility into memory usage, lowering the risk of arbitrary code execution. Static code analysis and peer reviews enforce strong input validation and error handling, reducing the likelihood of denial-of-service (DoS) attacks. In the event of successful exploitation, process isolation prevents a compromised process from accessing memory freed by another, containing potential impact. Finally, memory protection mechanisms such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) enhance resilience against memory-related vulnerabilities.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0215"
},
{
"category": "external",
"summary": "RHBZ#2164492",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0215",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0215"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20230207.txt",
"url": "https://www.openssl.org/news/secadv/20230207.txt"
}
],
"release_date": "2023-02-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-28T08:22:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.",
"product_ids": [
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0946"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: use-after-free following BIO_new_NDEF"
},
{
"cve": "CVE-2023-0216",
"discovery_date": "2023-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164497"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. An invalid pointer dereference on read can be triggered when an application tries to load malformed PKCS7 data with the d2i_PKCS7(), d2i_PKCS7_bio() or d2i_PKCS7_fp() functions. This may result in an application crash which could lead to a denial of service. The TLS implementation in OpenSSL does not call this function, however, third party applications might call these functions on untrusted data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: invalid pointer dereference in d2i_PKCS7 functions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 6, 7, and 8 ships OpenSSL 1.1.1 and 1.0.2 which do not contain the incorrect code, so those are not affected by this CVE. Similarly, the versions of `shim` as shipped with Red Hat Enterprise Linux 8 and 9 are not affected by this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0216"
},
{
"category": "external",
"summary": "RHBZ#2164497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0216",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0216"
}
],
"release_date": "2023-02-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-28T08:22:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.",
"product_ids": [
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0946"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: invalid pointer dereference in d2i_PKCS7 functions"
},
{
"cve": "CVE-2023-0217",
"discovery_date": "2023-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164499"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. An invalid pointer dereference on read can be triggered when an application tries to check a malformed DSA public key by the EVP_PKEY_public_check() function, most likely leading to an application crash. This function can be called on public keys supplied from untrusted sources, which could allow an attacker to cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: NULL dereference validating DSA public key",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 6, 7, and 8 ships OpenSSL 1.1.1 and 1.0.2 which do not contain the incorrect code, so those are not affected by this CVE. Similarly, the versions of `shim` as shipped with Red Hat Enterprise Linux 8 and 9 are not affected by this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0217"
},
{
"category": "external",
"summary": "RHBZ#2164499",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0217",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0217"
}
],
"release_date": "2023-02-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-28T08:22:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.",
"product_ids": [
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0946"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: NULL dereference validating DSA public key"
},
{
"cve": "CVE-2023-0286",
"cwe": {
"id": "CWE-704",
"name": "Incorrect Type Conversion or Cast"
},
"discovery_date": "2023-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164440"
}
],
"notes": [
{
"category": "description",
"text": "A type confusion vulnerability was found in OpenSSL when OpenSSL X.400 addresses processing inside an X.509 GeneralName. When CRL checking is enabled (for example, the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or cause a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, of which neither needs a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. In this case, this vulnerability is likely only to affect applications that have implemented their own functionality for retrieving CRLs over a network.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: X.400 address type confusion in X.509 GeneralName",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For shim in Red Hat Enterprise Linux 8 \u0026 9, is not affected as shim doesn\u0027t support any CRL processing.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0286"
},
{
"category": "external",
"summary": "RHBZ#2164440",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0286",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0286"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20230207.txt",
"url": "https://www.openssl.org/news/secadv/20230207.txt"
}
],
"release_date": "2023-02-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-28T08:22:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.",
"product_ids": [
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0946"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "openssl: X.400 address type confusion in X.509 GeneralName"
},
{
"cve": "CVE-2023-0401",
"discovery_date": "2023-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164500"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer vulnerability was found in OpenSSL, which can be dereferenced when signatures are being verified on PKCS7 signed or signedAndEnveloped data. In case the hash algorithm used for the signature is known to the OpenSSL library but the implementation of the hash algorithm is not available, the digest initialization will fail. There is a missing check for the return value from the initialization function which later leads to invalid usage of the digest API, most likely leading to a crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: NULL dereference during PKCS7 data verification",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 6, 7, and 8 ships OpenSSL 1.1.1 and 1.0.2 which do not contain the incorrect code, so those are not affected by this CVE. Similarly, the versions of `shim` as shipped with Red Hat Enterprise Linux 8 and 9 are not affected by this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0401"
},
{
"category": "external",
"summary": "RHBZ#2164500",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0401",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0401"
}
],
"release_date": "2023-02-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-28T08:22:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.",
"product_ids": [
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0946"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: NULL dereference during PKCS7 data verification"
}
]
}
RHSA-2023_0946
Vulnerability from csaf_redhat - Published: 2023-02-28 08:22 - Updated: 2024-11-25 08:49Summary
Red Hat Security Advisory: openssl security and bug fix update
Notes
Topic
An update for openssl is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
[Updated 20 March 2023]
Previously, this erratum was marked as having a security impact of Moderate. This was incorrect; the security impact of this erratum has been changed to Important, to correctly reflect the highest impact rating of CVE fixes included in this release. No changes have been made to packages.
Details
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.
Security Fix(es):
* openssl: X.400 address type confusion in X.509 GeneralName (CVE-2023-0286)
* openssl: read buffer overflow in X.509 certificate verification (CVE-2022-4203)
* openssl: timing attack in RSA Decryption implementation (CVE-2022-4304)
* openssl: double free after calling PEM_read_bio_ex (CVE-2022-4450)
* openssl: use-after-free following BIO_new_NDEF (CVE-2023-0215)
* openssl: invalid pointer dereference in d2i_PKCS7 functions (CVE-2023-0216)
* openssl: NULL dereference validating DSA public key (CVE-2023-0217)
* openssl: NULL dereference during PKCS7 data verification (CVE-2023-0401)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* HMAC generation should reject key lengths < 112 bits or provide an indicator in FIPS mode (BZ#2144000)
* In FIPS mode, openssl should set a minimum length for passwords in PBKDF2 (BZ#2144003)
* stunnel consumes high amount of memory when pestered with TCP connections without a TLS handshake (BZ#2144008)
* In FIPS mode, openssl should reject SHAKE as digest for RSA-OAEP or provide an indicator (BZ#2144010)
* In FIPS mode, openssl should reject RSASSA-PSS salt lengths larger than the output size of the hash function used, or provide an indicator (BZ#2144012)
* In FIPS mode, openssl should reject RSA signatures with X9.31 padding, or provide an indicator (BZ#2144015)
* In FIPS mode, openssl should reject SHA-224, SHA-384, SHA-512-224, and SHA-512-256 as hashes for hash-based DRBGs, or provide an indicator after 2023-05-16 (BZ#2144017)
* In FIPS mode, openssl should reject KDF input and output key lengths < 112 bits or provide an indicator (BZ#2144019)
* In FIPS mode, openssl should reject RSA keys < 2048 bits when using EVP_PKEY_decapsulate, or provide an indicator (BZ#2145170)
* RHEL9.1 Nightly[0912] - error:03000093:digital envelope routines::command not supported when git clone is run with configured ibmca engine backed by libica.so.4 (OpenSSL 3.0) (BZ#2149010)
* OpenSSL FIPS checksum code needs update (BZ#2158412)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for openssl is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\n[Updated 20 March 2023]\nPreviously, this erratum was marked as having a security impact of Moderate. This was incorrect; the security impact of this erratum has been changed to Important, to correctly reflect the highest impact rating of CVE fixes included in this release. No changes have been made to packages.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.\n\nSecurity Fix(es):\n\n* openssl: X.400 address type confusion in X.509 GeneralName (CVE-2023-0286)\n\n* openssl: read buffer overflow in X.509 certificate verification (CVE-2022-4203)\n\n* openssl: timing attack in RSA Decryption implementation (CVE-2022-4304)\n\n* openssl: double free after calling PEM_read_bio_ex (CVE-2022-4450)\n\n* openssl: use-after-free following BIO_new_NDEF (CVE-2023-0215)\n\n* openssl: invalid pointer dereference in d2i_PKCS7 functions (CVE-2023-0216)\n\n* openssl: NULL dereference validating DSA public key (CVE-2023-0217)\n\n* openssl: NULL dereference during PKCS7 data verification (CVE-2023-0401)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* HMAC generation should reject key lengths \u003c 112 bits or provide an indicator in FIPS mode (BZ#2144000)\n\n* In FIPS mode, openssl should set a minimum length for passwords in PBKDF2 (BZ#2144003)\n\n* stunnel consumes high amount of memory when pestered with TCP connections without a TLS handshake (BZ#2144008)\n\n* In FIPS mode, openssl should reject SHAKE as digest for RSA-OAEP or provide an indicator (BZ#2144010)\n\n* In FIPS mode, openssl should reject RSASSA-PSS salt lengths larger than the output size of the hash function used, or provide an indicator (BZ#2144012)\n\n* In FIPS mode, openssl should reject RSA signatures with X9.31 padding, or provide an indicator (BZ#2144015)\n\n* In FIPS mode, openssl should reject SHA-224, SHA-384, SHA-512-224, and SHA-512-256 as hashes for hash-based DRBGs, or provide an indicator after 2023-05-16 (BZ#2144017)\n\n* In FIPS mode, openssl should reject KDF input and output key lengths \u003c 112 bits or provide an indicator (BZ#2144019)\n\n* In FIPS mode, openssl should reject RSA keys \u003c 2048 bits when using EVP_PKEY_decapsulate, or provide an indicator (BZ#2145170)\n\n* RHEL9.1 Nightly[0912] - error:03000093:digital envelope routines::command not supported when git clone is run with configured ibmca engine backed by libica.so.4 (OpenSSL 3.0) (BZ#2149010)\n\n* OpenSSL FIPS checksum code needs update (BZ#2158412)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:0946",
"url": "https://access.redhat.com/errata/RHSA-2023:0946"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2144000",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144000"
},
{
"category": "external",
"summary": "2144003",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144003"
},
{
"category": "external",
"summary": "2144006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144006"
},
{
"category": "external",
"summary": "2144008",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144008"
},
{
"category": "external",
"summary": "2144010",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144010"
},
{
"category": "external",
"summary": "2144012",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144012"
},
{
"category": "external",
"summary": "2144015",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144015"
},
{
"category": "external",
"summary": "2144017",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144017"
},
{
"category": "external",
"summary": "2144019",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144019"
},
{
"category": "external",
"summary": "2145170",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145170"
},
{
"category": "external",
"summary": "2158412",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158412"
},
{
"category": "external",
"summary": "2164440",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440"
},
{
"category": "external",
"summary": "2164487",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487"
},
{
"category": "external",
"summary": "2164488",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488"
},
{
"category": "external",
"summary": "2164492",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492"
},
{
"category": "external",
"summary": "2164494",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494"
},
{
"category": "external",
"summary": "2164497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497"
},
{
"category": "external",
"summary": "2164499",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499"
},
{
"category": "external",
"summary": "2164500",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0946.json"
}
],
"title": "Red Hat Security Advisory: openssl security and bug fix update",
"tracking": {
"current_release_date": "2024-11-25T08:49:13+00:00",
"generator": {
"date": "2024-11-25T08:49:13+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2023:0946",
"initial_release_date": "2023-02-28T08:22:08+00:00",
"revision_history": [
{
"date": "2023-02-28T08:22:08+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-03-21T11:29:43+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-25T08:49:13+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:9::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-1:3.0.1-47.el9_1.src",
"product": {
"name": "openssl-1:3.0.1-47.el9_1.src",
"product_id": "openssl-1:3.0.1-47.el9_1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl@3.0.1-47.el9_1?arch=src\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-1:3.0.1-47.el9_1.aarch64",
"product": {
"name": "openssl-1:3.0.1-47.el9_1.aarch64",
"product_id": "openssl-1:3.0.1-47.el9_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl@3.0.1-47.el9_1?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-libs-1:3.0.1-47.el9_1.aarch64",
"product": {
"name": "openssl-libs-1:3.0.1-47.el9_1.aarch64",
"product_id": "openssl-libs-1:3.0.1-47.el9_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs@3.0.1-47.el9_1?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"product": {
"name": "openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"product_id": "openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debugsource@3.0.1-47.el9_1?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"product": {
"name": "openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"product_id": "openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debuginfo@3.0.1-47.el9_1?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"product": {
"name": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"product_id": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs-debuginfo@3.0.1-47.el9_1?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-devel-1:3.0.1-47.el9_1.aarch64",
"product": {
"name": "openssl-devel-1:3.0.1-47.el9_1.aarch64",
"product_id": "openssl-devel-1:3.0.1-47.el9_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-devel@3.0.1-47.el9_1?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-perl-1:3.0.1-47.el9_1.aarch64",
"product": {
"name": "openssl-perl-1:3.0.1-47.el9_1.aarch64",
"product_id": "openssl-perl-1:3.0.1-47.el9_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-perl@3.0.1-47.el9_1?arch=aarch64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-1:3.0.1-47.el9_1.ppc64le",
"product": {
"name": "openssl-1:3.0.1-47.el9_1.ppc64le",
"product_id": "openssl-1:3.0.1-47.el9_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl@3.0.1-47.el9_1?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"product": {
"name": "openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"product_id": "openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs@3.0.1-47.el9_1?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"product": {
"name": "openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"product_id": "openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debugsource@3.0.1-47.el9_1?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"product": {
"name": "openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"product_id": "openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debuginfo@3.0.1-47.el9_1?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"product": {
"name": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"product_id": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs-debuginfo@3.0.1-47.el9_1?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"product": {
"name": "openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"product_id": "openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-devel@3.0.1-47.el9_1?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"product": {
"name": "openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"product_id": "openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-perl@3.0.1-47.el9_1?arch=ppc64le\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-1:3.0.1-47.el9_1.x86_64",
"product": {
"name": "openssl-1:3.0.1-47.el9_1.x86_64",
"product_id": "openssl-1:3.0.1-47.el9_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl@3.0.1-47.el9_1?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-libs-1:3.0.1-47.el9_1.x86_64",
"product": {
"name": "openssl-libs-1:3.0.1-47.el9_1.x86_64",
"product_id": "openssl-libs-1:3.0.1-47.el9_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs@3.0.1-47.el9_1?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"product": {
"name": "openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"product_id": "openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debugsource@3.0.1-47.el9_1?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"product": {
"name": "openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"product_id": "openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debuginfo@3.0.1-47.el9_1?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"product": {
"name": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"product_id": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs-debuginfo@3.0.1-47.el9_1?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-devel-1:3.0.1-47.el9_1.x86_64",
"product": {
"name": "openssl-devel-1:3.0.1-47.el9_1.x86_64",
"product_id": "openssl-devel-1:3.0.1-47.el9_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-devel@3.0.1-47.el9_1?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-perl-1:3.0.1-47.el9_1.x86_64",
"product": {
"name": "openssl-perl-1:3.0.1-47.el9_1.x86_64",
"product_id": "openssl-perl-1:3.0.1-47.el9_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-perl@3.0.1-47.el9_1?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-libs-1:3.0.1-47.el9_1.i686",
"product": {
"name": "openssl-libs-1:3.0.1-47.el9_1.i686",
"product_id": "openssl-libs-1:3.0.1-47.el9_1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs@3.0.1-47.el9_1?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-debugsource-1:3.0.1-47.el9_1.i686",
"product": {
"name": "openssl-debugsource-1:3.0.1-47.el9_1.i686",
"product_id": "openssl-debugsource-1:3.0.1-47.el9_1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debugsource@3.0.1-47.el9_1?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"product": {
"name": "openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"product_id": "openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debuginfo@3.0.1-47.el9_1?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"product": {
"name": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"product_id": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs-debuginfo@3.0.1-47.el9_1?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-devel-1:3.0.1-47.el9_1.i686",
"product": {
"name": "openssl-devel-1:3.0.1-47.el9_1.i686",
"product_id": "openssl-devel-1:3.0.1-47.el9_1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-devel@3.0.1-47.el9_1?arch=i686\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-1:3.0.1-47.el9_1.s390x",
"product": {
"name": "openssl-1:3.0.1-47.el9_1.s390x",
"product_id": "openssl-1:3.0.1-47.el9_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl@3.0.1-47.el9_1?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-libs-1:3.0.1-47.el9_1.s390x",
"product": {
"name": "openssl-libs-1:3.0.1-47.el9_1.s390x",
"product_id": "openssl-libs-1:3.0.1-47.el9_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs@3.0.1-47.el9_1?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"product": {
"name": "openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"product_id": "openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debugsource@3.0.1-47.el9_1?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"product": {
"name": "openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"product_id": "openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debuginfo@3.0.1-47.el9_1?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"product": {
"name": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"product_id": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs-debuginfo@3.0.1-47.el9_1?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-devel-1:3.0.1-47.el9_1.s390x",
"product": {
"name": "openssl-devel-1:3.0.1-47.el9_1.s390x",
"product_id": "openssl-devel-1:3.0.1-47.el9_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-devel@3.0.1-47.el9_1?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-perl-1:3.0.1-47.el9_1.s390x",
"product": {
"name": "openssl-perl-1:3.0.1-47.el9_1.s390x",
"product_id": "openssl-perl-1:3.0.1-47.el9_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-perl@3.0.1-47.el9_1?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:3.0.1-47.el9_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64"
},
"product_reference": "openssl-1:3.0.1-47.el9_1.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:3.0.1-47.el9_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le"
},
"product_reference": "openssl-1:3.0.1-47.el9_1.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:3.0.1-47.el9_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x"
},
"product_reference": "openssl-1:3.0.1-47.el9_1.s390x",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:3.0.1-47.el9_1.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src"
},
"product_reference": "openssl-1:3.0.1-47.el9_1.src",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:3.0.1-47.el9_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64"
},
"product_reference": "openssl-1:3.0.1-47.el9_1.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:3.0.1-47.el9_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64"
},
"product_reference": "openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:3.0.1-47.el9_1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686"
},
"product_reference": "openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le"
},
"product_reference": "openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:3.0.1-47.el9_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x"
},
"product_reference": "openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:3.0.1-47.el9_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64"
},
"product_reference": "openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debugsource-1:3.0.1-47.el9_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64"
},
"product_reference": "openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debugsource-1:3.0.1-47.el9_1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686"
},
"product_reference": "openssl-debugsource-1:3.0.1-47.el9_1.i686",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debugsource-1:3.0.1-47.el9_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le"
},
"product_reference": "openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debugsource-1:3.0.1-47.el9_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x"
},
"product_reference": "openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debugsource-1:3.0.1-47.el9_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64"
},
"product_reference": "openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:3.0.1-47.el9_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64"
},
"product_reference": "openssl-devel-1:3.0.1-47.el9_1.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:3.0.1-47.el9_1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686"
},
"product_reference": "openssl-devel-1:3.0.1-47.el9_1.i686",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:3.0.1-47.el9_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le"
},
"product_reference": "openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:3.0.1-47.el9_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x"
},
"product_reference": "openssl-devel-1:3.0.1-47.el9_1.s390x",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:3.0.1-47.el9_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64"
},
"product_reference": "openssl-devel-1:3.0.1-47.el9_1.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:3.0.1-47.el9_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64"
},
"product_reference": "openssl-libs-1:3.0.1-47.el9_1.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:3.0.1-47.el9_1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686"
},
"product_reference": "openssl-libs-1:3.0.1-47.el9_1.i686",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:3.0.1-47.el9_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le"
},
"product_reference": "openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:3.0.1-47.el9_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x"
},
"product_reference": "openssl-libs-1:3.0.1-47.el9_1.s390x",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:3.0.1-47.el9_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64"
},
"product_reference": "openssl-libs-1:3.0.1-47.el9_1.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64"
},
"product_reference": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686"
},
"product_reference": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le"
},
"product_reference": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x"
},
"product_reference": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64"
},
"product_reference": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:3.0.1-47.el9_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64"
},
"product_reference": "openssl-perl-1:3.0.1-47.el9_1.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:3.0.1-47.el9_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le"
},
"product_reference": "openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:3.0.1-47.el9_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x"
},
"product_reference": "openssl-perl-1:3.0.1-47.el9_1.s390x",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:3.0.1-47.el9_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64"
},
"product_reference": "openssl-perl-1:3.0.1-47.el9_1.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:3.0.1-47.el9_1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64"
},
"product_reference": "openssl-1:3.0.1-47.el9_1.aarch64",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:3.0.1-47.el9_1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le"
},
"product_reference": "openssl-1:3.0.1-47.el9_1.ppc64le",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:3.0.1-47.el9_1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x"
},
"product_reference": "openssl-1:3.0.1-47.el9_1.s390x",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:3.0.1-47.el9_1.src as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src"
},
"product_reference": "openssl-1:3.0.1-47.el9_1.src",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:3.0.1-47.el9_1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64"
},
"product_reference": "openssl-1:3.0.1-47.el9_1.x86_64",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:3.0.1-47.el9_1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64"
},
"product_reference": "openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:3.0.1-47.el9_1.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686"
},
"product_reference": "openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le"
},
"product_reference": "openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:3.0.1-47.el9_1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x"
},
"product_reference": "openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:3.0.1-47.el9_1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64"
},
"product_reference": "openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debugsource-1:3.0.1-47.el9_1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64"
},
"product_reference": "openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debugsource-1:3.0.1-47.el9_1.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686"
},
"product_reference": "openssl-debugsource-1:3.0.1-47.el9_1.i686",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debugsource-1:3.0.1-47.el9_1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le"
},
"product_reference": "openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debugsource-1:3.0.1-47.el9_1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x"
},
"product_reference": "openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debugsource-1:3.0.1-47.el9_1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64"
},
"product_reference": "openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:3.0.1-47.el9_1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64"
},
"product_reference": "openssl-devel-1:3.0.1-47.el9_1.aarch64",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:3.0.1-47.el9_1.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686"
},
"product_reference": "openssl-devel-1:3.0.1-47.el9_1.i686",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:3.0.1-47.el9_1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le"
},
"product_reference": "openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:3.0.1-47.el9_1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x"
},
"product_reference": "openssl-devel-1:3.0.1-47.el9_1.s390x",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:3.0.1-47.el9_1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64"
},
"product_reference": "openssl-devel-1:3.0.1-47.el9_1.x86_64",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:3.0.1-47.el9_1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64"
},
"product_reference": "openssl-libs-1:3.0.1-47.el9_1.aarch64",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:3.0.1-47.el9_1.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686"
},
"product_reference": "openssl-libs-1:3.0.1-47.el9_1.i686",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:3.0.1-47.el9_1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le"
},
"product_reference": "openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:3.0.1-47.el9_1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x"
},
"product_reference": "openssl-libs-1:3.0.1-47.el9_1.s390x",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:3.0.1-47.el9_1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64"
},
"product_reference": "openssl-libs-1:3.0.1-47.el9_1.x86_64",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64"
},
"product_reference": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686"
},
"product_reference": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le"
},
"product_reference": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x"
},
"product_reference": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64"
},
"product_reference": "openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:3.0.1-47.el9_1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64"
},
"product_reference": "openssl-perl-1:3.0.1-47.el9_1.aarch64",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:3.0.1-47.el9_1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le"
},
"product_reference": "openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:3.0.1-47.el9_1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x"
},
"product_reference": "openssl-perl-1:3.0.1-47.el9_1.s390x",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:3.0.1-47.el9_1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64"
},
"product_reference": "openssl-perl-1:3.0.1-47.el9_1.x86_64",
"relates_to_product_reference": "BaseOS-9.1.0.Z.MAIN"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-4203",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2023-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164488"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Open SSL. A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification, and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: read buffer overflow in X.509 certificate verification",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 6, 7, and 8 ships OpenSSL 1.1.1 and 1.0.2 which do not contain the incorrect code, so those are not affected by this CVE. Similarly, the versions of `shim` as shipped with Red Hat Enterprise Linux 8 and 9 are not affected by this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4203"
},
{
"category": "external",
"summary": "RHBZ#2164488",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4203",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4203"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20230207.txt",
"url": "https://www.openssl.org/news/secadv/20230207.txt"
}
],
"release_date": "2023-02-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-28T08:22:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.",
"product_ids": [
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0946"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: read buffer overflow in X.509 certificate verification"
},
{
"cve": "CVE-2022-4304",
"discovery_date": "2023-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164487"
}
],
"notes": [
{
"category": "description",
"text": "A timing-based side channel exists in the OpenSSL RSA Decryption implementation, which could be sufficient to recover a ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption, an attacker would have to be able to send a very large number of trial messages for decryption. This issue affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP, and RSASVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: timing attack in RSA Decryption implementation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4304"
},
{
"category": "external",
"summary": "RHBZ#2164487",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4304",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4304"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20230207.txt",
"url": "https://www.openssl.org/news/secadv/20230207.txt"
}
],
"release_date": "2023-02-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-28T08:22:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.",
"product_ids": [
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0946"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: timing attack in RSA Decryption implementation"
},
{
"cve": "CVE-2022-4450",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"discovery_date": "2023-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164494"
}
],
"notes": [
{
"category": "description",
"text": "A double-free vulnerability was found in OpenSSL\u0027s PEM_read_bio_ex function. The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the \"name\" (for example, \"CERTIFICATE\"), any header data, and the payload data. If the function succeeds, then the \"name_out,\" \"header,\" and \"data\" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. Constructing a PEM file that results in 0 bytes of payload data is possible. In this case, PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a freed buffer. A double-free will occur if the caller also frees this buffer. This will most likely lead to a crash. This could be exploited by an attacker who can supply malicious PEM files for parsing to achieve a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: double free after calling PEM_read_bio_ex",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated as having a Moderate impact as it is less easily exploited and is only vulnerable in unlikely configurations. Additionally, the upstream advisory (linked in External References) also rates it as Moderate.\n\nThe versions of `shim` as shipped with Red Hat Enterprise Linux 8 and 9 are shipping OpenSSL 1.1.1 and 1.0.2, which do not contain the incorrect code, so those are not affected by this CVE.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4450"
},
{
"category": "external",
"summary": "RHBZ#2164494",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4450",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4450"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20230207.txt",
"url": "https://www.openssl.org/news/secadv/20230207.txt"
}
],
"release_date": "2023-02-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-28T08:22:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.",
"product_ids": [
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0946"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: double free after calling PEM_read_bio_ex"
},
{
"cve": "CVE-2023-0215",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164492"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free vulnerability was found in OpenSSL\u0027s BIO_new_NDEF function. The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally by OpenSSL to support the SMIME, CMS, and PKCS7 streaming capabilities, but it may also be called directly by end-user applications. The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter BIO onto the front of it to form a BIO chain, and then returns the new head of the BIO chain to the caller. Under certain conditions. For example, if a CMS recipient public key is invalid, the new filter BIO is freed, and the function returns a NULL result indicating a failure. However, in this case, the BIO chain is not properly cleaned up, and the BIO passed by the caller still retains internal pointers to the previously freed filter BIO. If the caller then calls BIO_pop() on the BIO, a use-after-free will occur, possibly resulting in a crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: use-after-free following BIO_new_NDEF",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability has been rated as having a moderate impact in alignment with upstream. See the security advisory linked in external references.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0215"
},
{
"category": "external",
"summary": "RHBZ#2164492",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0215",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0215"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20230207.txt",
"url": "https://www.openssl.org/news/secadv/20230207.txt"
}
],
"release_date": "2023-02-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-28T08:22:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.",
"product_ids": [
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0946"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: use-after-free following BIO_new_NDEF"
},
{
"cve": "CVE-2023-0216",
"discovery_date": "2023-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164497"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. An invalid pointer dereference on read can be triggered when an application tries to load malformed PKCS7 data with the d2i_PKCS7(), d2i_PKCS7_bio() or d2i_PKCS7_fp() functions. This may result in an application crash which could lead to a denial of service. The TLS implementation in OpenSSL does not call this function, however, third party applications might call these functions on untrusted data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: invalid pointer dereference in d2i_PKCS7 functions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 6, 7, and 8 ships OpenSSL 1.1.1 and 1.0.2 which do not contain the incorrect code, so those are not affected by this CVE. Similarly, the versions of `shim` as shipped with Red Hat Enterprise Linux 8 and 9 are not affected by this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0216"
},
{
"category": "external",
"summary": "RHBZ#2164497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0216",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0216"
}
],
"release_date": "2023-02-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-28T08:22:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.",
"product_ids": [
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0946"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: invalid pointer dereference in d2i_PKCS7 functions"
},
{
"cve": "CVE-2023-0217",
"discovery_date": "2023-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164499"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. An invalid pointer dereference on read can be triggered when an application tries to check a malformed DSA public key by the EVP_PKEY_public_check() function, most likely leading to an application crash. This function can be called on public keys supplied from untrusted sources, which could allow an attacker to cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: NULL dereference validating DSA public key",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 6, 7, and 8 ships OpenSSL 1.1.1 and 1.0.2 which do not contain the incorrect code, so those are not affected by this CVE. Similarly, the versions of `shim` as shipped with Red Hat Enterprise Linux 8 and 9 are not affected by this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0217"
},
{
"category": "external",
"summary": "RHBZ#2164499",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0217",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0217"
}
],
"release_date": "2023-02-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-28T08:22:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.",
"product_ids": [
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0946"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: NULL dereference validating DSA public key"
},
{
"cve": "CVE-2023-0286",
"cwe": {
"id": "CWE-704",
"name": "Incorrect Type Conversion or Cast"
},
"discovery_date": "2023-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164440"
}
],
"notes": [
{
"category": "description",
"text": "A type confusion vulnerability was found in OpenSSL when OpenSSL X.400 addresses processing inside an X.509 GeneralName. When CRL checking is enabled (for example, the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or cause a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, of which neither needs a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. In this case, this vulnerability is likely only to affect applications that have implemented their own functionality for retrieving CRLs over a network.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: X.400 address type confusion in X.509 GeneralName",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For shim in Red Hat Enterprise Linux 8 \u0026 9, is not affected as shim doesn\u0027t support any CRL processing.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0286"
},
{
"category": "external",
"summary": "RHBZ#2164440",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0286",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0286"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20230207.txt",
"url": "https://www.openssl.org/news/secadv/20230207.txt"
}
],
"release_date": "2023-02-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-28T08:22:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.",
"product_ids": [
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0946"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "openssl: X.400 address type confusion in X.509 GeneralName"
},
{
"cve": "CVE-2023-0401",
"discovery_date": "2023-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164500"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer vulnerability was found in OpenSSL, which can be dereferenced when signatures are being verified on PKCS7 signed or signedAndEnveloped data. In case the hash algorithm used for the signature is known to the OpenSSL library but the implementation of the hash algorithm is not available, the digest initialization will fail. There is a missing check for the return value from the initialization function which later leads to invalid usage of the digest API, most likely leading to a crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: NULL dereference during PKCS7 data verification",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 6, 7, and 8 ships OpenSSL 1.1.1 and 1.0.2 which do not contain the incorrect code, so those are not affected by this CVE. Similarly, the versions of `shim` as shipped with Red Hat Enterprise Linux 8 and 9 are not affected by this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0401"
},
{
"category": "external",
"summary": "RHBZ#2164500",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0401",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0401"
}
],
"release_date": "2023-02-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-28T08:22:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.",
"product_ids": [
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0946"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"AppStream-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.src",
"BaseOS-9.1.0.Z.MAIN:openssl-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-debugsource-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-devel-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.i686",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-libs-debuginfo-1:3.0.1-47.el9_1.x86_64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.aarch64",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.ppc64le",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.s390x",
"BaseOS-9.1.0.Z.MAIN:openssl-perl-1:3.0.1-47.el9_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: NULL dereference during PKCS7 data verification"
}
]
}
RHSA-2023:1199
Vulnerability from csaf_redhat - Published: 2023-03-14 13:57 - Updated: 2025-11-21 18:38Summary
Red Hat Security Advisory: openssl security and bug fix update
Notes
Topic
An update for openssl is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
[Updated 20 March 2023]
Previously, this erratum was marked as having a security impact of Moderate. This was incorrect; the security impact of this erratum has been changed to Important, to correctly reflect the highest impact rating of CVE fixes included in this release. No changes have been made to packages.
Details
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.
Security Fix(es):
* openssl: X.400 address type confusion in X.509 GeneralName (CVE-2023-0286)
* openssl: read buffer overflow in X.509 certificate verification (CVE-2022-4203)
* openssl: timing attack in RSA Decryption implementation (CVE-2022-4304)
* openssl: double free after calling PEM_read_bio_ex (CVE-2022-4450)
* openssl: use-after-free following BIO_new_NDEF (CVE-2023-0215)
* openssl: invalid pointer dereference in d2i_PKCS7 functions (CVE-2023-0216)
* openssl: NULL dereference validating DSA public key (CVE-2023-0217)
* openssl: NULL dereference during PKCS7 data verification (CVE-2023-0401)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* HMAC generation should reject key lengths < 112 bits or provide an indicator in FIPS mode (BZ#2144001)
* In FIPS mode, openssl should set a minimum length for passwords in PBKDF2 (BZ#2144004)
* stunnel consumes high amount of memory when pestered with TCP connections without a TLS handshake (BZ#2144009)
* In FIPS mode, openssl should reject SHAKE as digest for RSA-OAEP or provide an indicator (BZ#2144011)
* In FIPS mode, openssl should reject RSASSA-PSS salt lengths larger than the output size of the hash function used, or provide an indicator (BZ#2144013)
* In FIPS mode, openssl should reject RSA signatures with X9.31 padding, or provide an indicator (BZ#2144016)
* In FIPS mode, openssl should reject SHA-224, SHA-384, SHA-512-224, and SHA-512-256 as hashes for hash-based DRBGs, or provide an indicator after 2023-05-16 (BZ#2144018)
* In FIPS mode, openssl should reject KDF input and output key lengths < 112 bits or provide an indicator (BZ#2144020)
* In FIPS mode, openssl should reject RSA keys < 2048 bits when using EVP_PKEY_decapsulate, or provide an indicator (BZ#2145171)
* OpenSSL FIPS checksum code needs update (BZ#2158413)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for openssl is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\n[Updated 20 March 2023]\nPreviously, this erratum was marked as having a security impact of Moderate. This was incorrect; the security impact of this erratum has been changed to Important, to correctly reflect the highest impact rating of CVE fixes included in this release. No changes have been made to packages.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.\n\nSecurity Fix(es):\n\n* openssl: X.400 address type confusion in X.509 GeneralName (CVE-2023-0286)\n\n* openssl: read buffer overflow in X.509 certificate verification (CVE-2022-4203)\n\n* openssl: timing attack in RSA Decryption implementation (CVE-2022-4304)\n\n* openssl: double free after calling PEM_read_bio_ex (CVE-2022-4450)\n\n* openssl: use-after-free following BIO_new_NDEF (CVE-2023-0215)\n\n* openssl: invalid pointer dereference in d2i_PKCS7 functions (CVE-2023-0216)\n\n* openssl: NULL dereference validating DSA public key (CVE-2023-0217)\n\n* openssl: NULL dereference during PKCS7 data verification (CVE-2023-0401)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* HMAC generation should reject key lengths \u003c 112 bits or provide an indicator in FIPS mode (BZ#2144001)\n\n* In FIPS mode, openssl should set a minimum length for passwords in PBKDF2 (BZ#2144004)\n\n* stunnel consumes high amount of memory when pestered with TCP connections without a TLS handshake (BZ#2144009)\n\n* In FIPS mode, openssl should reject SHAKE as digest for RSA-OAEP or provide an indicator (BZ#2144011)\n\n* In FIPS mode, openssl should reject RSASSA-PSS salt lengths larger than the output size of the hash function used, or provide an indicator (BZ#2144013)\n\n* In FIPS mode, openssl should reject RSA signatures with X9.31 padding, or provide an indicator (BZ#2144016)\n\n* In FIPS mode, openssl should reject SHA-224, SHA-384, SHA-512-224, and SHA-512-256 as hashes for hash-based DRBGs, or provide an indicator after 2023-05-16 (BZ#2144018)\n\n* In FIPS mode, openssl should reject KDF input and output key lengths \u003c 112 bits or provide an indicator (BZ#2144020)\n\n* In FIPS mode, openssl should reject RSA keys \u003c 2048 bits when using EVP_PKEY_decapsulate, or provide an indicator (BZ#2145171)\n\n* OpenSSL FIPS checksum code needs update (BZ#2158413)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:1199",
"url": "https://access.redhat.com/errata/RHSA-2023:1199"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2144001",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144001"
},
{
"category": "external",
"summary": "2144004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144004"
},
{
"category": "external",
"summary": "2144007",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144007"
},
{
"category": "external",
"summary": "2144009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144009"
},
{
"category": "external",
"summary": "2144011",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144011"
},
{
"category": "external",
"summary": "2144013",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144013"
},
{
"category": "external",
"summary": "2144016",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144016"
},
{
"category": "external",
"summary": "2144018",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144018"
},
{
"category": "external",
"summary": "2144020",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144020"
},
{
"category": "external",
"summary": "2145171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145171"
},
{
"category": "external",
"summary": "2158413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158413"
},
{
"category": "external",
"summary": "2164440",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440"
},
{
"category": "external",
"summary": "2164487",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487"
},
{
"category": "external",
"summary": "2164488",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488"
},
{
"category": "external",
"summary": "2164492",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492"
},
{
"category": "external",
"summary": "2164494",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494"
},
{
"category": "external",
"summary": "2164497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497"
},
{
"category": "external",
"summary": "2164499",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499"
},
{
"category": "external",
"summary": "2164500",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1199.json"
}
],
"title": "Red Hat Security Advisory: openssl security and bug fix update",
"tracking": {
"current_release_date": "2025-11-21T18:38:25+00:00",
"generator": {
"date": "2025-11-21T18:38:25+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2023:1199",
"initial_release_date": "2023-03-14T13:57:15+00:00",
"revision_history": [
{
"date": "2023-03-14T13:57:15+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-03-21T11:27:46+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:38:25+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:9.0::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:9.0::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-devel-1:3.0.1-46.el9_0.aarch64",
"product": {
"name": "openssl-devel-1:3.0.1-46.el9_0.aarch64",
"product_id": "openssl-devel-1:3.0.1-46.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-devel@3.0.1-46.el9_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-perl-1:3.0.1-46.el9_0.aarch64",
"product": {
"name": "openssl-perl-1:3.0.1-46.el9_0.aarch64",
"product_id": "openssl-perl-1:3.0.1-46.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-perl@3.0.1-46.el9_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"product": {
"name": "openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"product_id": "openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debugsource@3.0.1-46.el9_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"product": {
"name": "openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"product_id": "openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debuginfo@3.0.1-46.el9_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"product": {
"name": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"product_id": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs-debuginfo@3.0.1-46.el9_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-1:3.0.1-46.el9_0.aarch64",
"product": {
"name": "openssl-1:3.0.1-46.el9_0.aarch64",
"product_id": "openssl-1:3.0.1-46.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl@3.0.1-46.el9_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-libs-1:3.0.1-46.el9_0.aarch64",
"product": {
"name": "openssl-libs-1:3.0.1-46.el9_0.aarch64",
"product_id": "openssl-libs-1:3.0.1-46.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs@3.0.1-46.el9_0?arch=aarch64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"product": {
"name": "openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"product_id": "openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-devel@3.0.1-46.el9_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"product": {
"name": "openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"product_id": "openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-perl@3.0.1-46.el9_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"product": {
"name": "openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"product_id": "openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debugsource@3.0.1-46.el9_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"product": {
"name": "openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"product_id": "openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debuginfo@3.0.1-46.el9_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"product": {
"name": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"product_id": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs-debuginfo@3.0.1-46.el9_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-1:3.0.1-46.el9_0.ppc64le",
"product": {
"name": "openssl-1:3.0.1-46.el9_0.ppc64le",
"product_id": "openssl-1:3.0.1-46.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl@3.0.1-46.el9_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"product": {
"name": "openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"product_id": "openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs@3.0.1-46.el9_0?arch=ppc64le\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-devel-1:3.0.1-46.el9_0.i686",
"product": {
"name": "openssl-devel-1:3.0.1-46.el9_0.i686",
"product_id": "openssl-devel-1:3.0.1-46.el9_0.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-devel@3.0.1-46.el9_0?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-debugsource-1:3.0.1-46.el9_0.i686",
"product": {
"name": "openssl-debugsource-1:3.0.1-46.el9_0.i686",
"product_id": "openssl-debugsource-1:3.0.1-46.el9_0.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debugsource@3.0.1-46.el9_0?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"product": {
"name": "openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"product_id": "openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debuginfo@3.0.1-46.el9_0?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"product": {
"name": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"product_id": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs-debuginfo@3.0.1-46.el9_0?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-libs-1:3.0.1-46.el9_0.i686",
"product": {
"name": "openssl-libs-1:3.0.1-46.el9_0.i686",
"product_id": "openssl-libs-1:3.0.1-46.el9_0.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs@3.0.1-46.el9_0?arch=i686\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-devel-1:3.0.1-46.el9_0.x86_64",
"product": {
"name": "openssl-devel-1:3.0.1-46.el9_0.x86_64",
"product_id": "openssl-devel-1:3.0.1-46.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-devel@3.0.1-46.el9_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-perl-1:3.0.1-46.el9_0.x86_64",
"product": {
"name": "openssl-perl-1:3.0.1-46.el9_0.x86_64",
"product_id": "openssl-perl-1:3.0.1-46.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-perl@3.0.1-46.el9_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"product": {
"name": "openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"product_id": "openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debugsource@3.0.1-46.el9_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"product": {
"name": "openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"product_id": "openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debuginfo@3.0.1-46.el9_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"product": {
"name": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"product_id": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs-debuginfo@3.0.1-46.el9_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-1:3.0.1-46.el9_0.x86_64",
"product": {
"name": "openssl-1:3.0.1-46.el9_0.x86_64",
"product_id": "openssl-1:3.0.1-46.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl@3.0.1-46.el9_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-libs-1:3.0.1-46.el9_0.x86_64",
"product": {
"name": "openssl-libs-1:3.0.1-46.el9_0.x86_64",
"product_id": "openssl-libs-1:3.0.1-46.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs@3.0.1-46.el9_0?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-devel-1:3.0.1-46.el9_0.s390x",
"product": {
"name": "openssl-devel-1:3.0.1-46.el9_0.s390x",
"product_id": "openssl-devel-1:3.0.1-46.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-devel@3.0.1-46.el9_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-perl-1:3.0.1-46.el9_0.s390x",
"product": {
"name": "openssl-perl-1:3.0.1-46.el9_0.s390x",
"product_id": "openssl-perl-1:3.0.1-46.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-perl@3.0.1-46.el9_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"product": {
"name": "openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"product_id": "openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debugsource@3.0.1-46.el9_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"product": {
"name": "openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"product_id": "openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-debuginfo@3.0.1-46.el9_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"product": {
"name": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"product_id": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs-debuginfo@3.0.1-46.el9_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-1:3.0.1-46.el9_0.s390x",
"product": {
"name": "openssl-1:3.0.1-46.el9_0.s390x",
"product_id": "openssl-1:3.0.1-46.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl@3.0.1-46.el9_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openssl-libs-1:3.0.1-46.el9_0.s390x",
"product": {
"name": "openssl-libs-1:3.0.1-46.el9_0.s390x",
"product_id": "openssl-libs-1:3.0.1-46.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl-libs@3.0.1-46.el9_0?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-1:3.0.1-46.el9_0.src",
"product": {
"name": "openssl-1:3.0.1-46.el9_0.src",
"product_id": "openssl-1:3.0.1-46.el9_0.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssl@3.0.1-46.el9_0?arch=src\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:3.0.1-46.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64"
},
"product_reference": "openssl-1:3.0.1-46.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:3.0.1-46.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le"
},
"product_reference": "openssl-1:3.0.1-46.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:3.0.1-46.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x"
},
"product_reference": "openssl-1:3.0.1-46.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:3.0.1-46.el9_0.src as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src"
},
"product_reference": "openssl-1:3.0.1-46.el9_0.src",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:3.0.1-46.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64"
},
"product_reference": "openssl-1:3.0.1-46.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:3.0.1-46.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64"
},
"product_reference": "openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:3.0.1-46.el9_0.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686"
},
"product_reference": "openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le"
},
"product_reference": "openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:3.0.1-46.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x"
},
"product_reference": "openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:3.0.1-46.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64"
},
"product_reference": "openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debugsource-1:3.0.1-46.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64"
},
"product_reference": "openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debugsource-1:3.0.1-46.el9_0.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686"
},
"product_reference": "openssl-debugsource-1:3.0.1-46.el9_0.i686",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debugsource-1:3.0.1-46.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le"
},
"product_reference": "openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debugsource-1:3.0.1-46.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x"
},
"product_reference": "openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debugsource-1:3.0.1-46.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64"
},
"product_reference": "openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:3.0.1-46.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64"
},
"product_reference": "openssl-devel-1:3.0.1-46.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:3.0.1-46.el9_0.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686"
},
"product_reference": "openssl-devel-1:3.0.1-46.el9_0.i686",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:3.0.1-46.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le"
},
"product_reference": "openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:3.0.1-46.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x"
},
"product_reference": "openssl-devel-1:3.0.1-46.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:3.0.1-46.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64"
},
"product_reference": "openssl-devel-1:3.0.1-46.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:3.0.1-46.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64"
},
"product_reference": "openssl-libs-1:3.0.1-46.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:3.0.1-46.el9_0.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686"
},
"product_reference": "openssl-libs-1:3.0.1-46.el9_0.i686",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:3.0.1-46.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le"
},
"product_reference": "openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:3.0.1-46.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x"
},
"product_reference": "openssl-libs-1:3.0.1-46.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:3.0.1-46.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64"
},
"product_reference": "openssl-libs-1:3.0.1-46.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64"
},
"product_reference": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686"
},
"product_reference": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le"
},
"product_reference": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x"
},
"product_reference": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64"
},
"product_reference": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:3.0.1-46.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64"
},
"product_reference": "openssl-perl-1:3.0.1-46.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:3.0.1-46.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le"
},
"product_reference": "openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:3.0.1-46.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x"
},
"product_reference": "openssl-perl-1:3.0.1-46.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:3.0.1-46.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64"
},
"product_reference": "openssl-perl-1:3.0.1-46.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:3.0.1-46.el9_0.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64"
},
"product_reference": "openssl-1:3.0.1-46.el9_0.aarch64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:3.0.1-46.el9_0.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le"
},
"product_reference": "openssl-1:3.0.1-46.el9_0.ppc64le",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:3.0.1-46.el9_0.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x"
},
"product_reference": "openssl-1:3.0.1-46.el9_0.s390x",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:3.0.1-46.el9_0.src as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src"
},
"product_reference": "openssl-1:3.0.1-46.el9_0.src",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1:3.0.1-46.el9_0.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64"
},
"product_reference": "openssl-1:3.0.1-46.el9_0.x86_64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:3.0.1-46.el9_0.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64"
},
"product_reference": "openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:3.0.1-46.el9_0.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686"
},
"product_reference": "openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le"
},
"product_reference": "openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:3.0.1-46.el9_0.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x"
},
"product_reference": "openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debuginfo-1:3.0.1-46.el9_0.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64"
},
"product_reference": "openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debugsource-1:3.0.1-46.el9_0.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64"
},
"product_reference": "openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debugsource-1:3.0.1-46.el9_0.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686"
},
"product_reference": "openssl-debugsource-1:3.0.1-46.el9_0.i686",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debugsource-1:3.0.1-46.el9_0.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le"
},
"product_reference": "openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debugsource-1:3.0.1-46.el9_0.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x"
},
"product_reference": "openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-debugsource-1:3.0.1-46.el9_0.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64"
},
"product_reference": "openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:3.0.1-46.el9_0.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64"
},
"product_reference": "openssl-devel-1:3.0.1-46.el9_0.aarch64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:3.0.1-46.el9_0.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686"
},
"product_reference": "openssl-devel-1:3.0.1-46.el9_0.i686",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:3.0.1-46.el9_0.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le"
},
"product_reference": "openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:3.0.1-46.el9_0.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x"
},
"product_reference": "openssl-devel-1:3.0.1-46.el9_0.s390x",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-devel-1:3.0.1-46.el9_0.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64"
},
"product_reference": "openssl-devel-1:3.0.1-46.el9_0.x86_64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:3.0.1-46.el9_0.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64"
},
"product_reference": "openssl-libs-1:3.0.1-46.el9_0.aarch64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:3.0.1-46.el9_0.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686"
},
"product_reference": "openssl-libs-1:3.0.1-46.el9_0.i686",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:3.0.1-46.el9_0.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le"
},
"product_reference": "openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:3.0.1-46.el9_0.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x"
},
"product_reference": "openssl-libs-1:3.0.1-46.el9_0.s390x",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-1:3.0.1-46.el9_0.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64"
},
"product_reference": "openssl-libs-1:3.0.1-46.el9_0.x86_64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64"
},
"product_reference": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686"
},
"product_reference": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le"
},
"product_reference": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x"
},
"product_reference": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64"
},
"product_reference": "openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:3.0.1-46.el9_0.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64"
},
"product_reference": "openssl-perl-1:3.0.1-46.el9_0.aarch64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:3.0.1-46.el9_0.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le"
},
"product_reference": "openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:3.0.1-46.el9_0.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x"
},
"product_reference": "openssl-perl-1:3.0.1-46.el9_0.s390x",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-perl-1:3.0.1-46.el9_0.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64"
},
"product_reference": "openssl-perl-1:3.0.1-46.el9_0.x86_64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-4203",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2023-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164488"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Open SSL. A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification, and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: read buffer overflow in X.509 certificate verification",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 6, 7, and 8 ships OpenSSL 1.1.1 and 1.0.2 which do not contain the incorrect code, so those are not affected by this CVE. Similarly, the versions of `shim` as shipped with Red Hat Enterprise Linux 8 and 9 are not affected by this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4203"
},
{
"category": "external",
"summary": "RHBZ#2164488",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164488"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4203",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4203"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20230207.txt",
"url": "https://www.openssl.org/news/secadv/20230207.txt"
}
],
"release_date": "2023-02-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-14T13:57:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.",
"product_ids": [
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1199"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: read buffer overflow in X.509 certificate verification"
},
{
"cve": "CVE-2022-4304",
"discovery_date": "2023-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164487"
}
],
"notes": [
{
"category": "description",
"text": "A timing-based side channel exists in the OpenSSL RSA Decryption implementation, which could be sufficient to recover a ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption, an attacker would have to be able to send a very large number of trial messages for decryption. This issue affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP, and RSASVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: timing attack in RSA Decryption implementation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4304"
},
{
"category": "external",
"summary": "RHBZ#2164487",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164487"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4304",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4304"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20230207.txt",
"url": "https://www.openssl.org/news/secadv/20230207.txt"
}
],
"release_date": "2023-02-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-14T13:57:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.",
"product_ids": [
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1199"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: timing attack in RSA Decryption implementation"
},
{
"cve": "CVE-2022-4450",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"discovery_date": "2023-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164494"
}
],
"notes": [
{
"category": "description",
"text": "A double-free vulnerability was found in OpenSSL\u0027s PEM_read_bio_ex function. The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the \"name\" (for example, \"CERTIFICATE\"), any header data, and the payload data. If the function succeeds, then the \"name_out,\" \"header,\" and \"data\" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. Constructing a PEM file that results in 0 bytes of payload data is possible. In this case, PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a freed buffer. A double-free will occur if the caller also frees this buffer. This will most likely lead to a crash. This could be exploited by an attacker who can supply malicious PEM files for parsing to achieve a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: double free after calling PEM_read_bio_ex",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A double-free vulnerability was found in the OpenSSL library in the PEM_read_bio_ex() function and its wrappers. The flaw is triggered when the library parses a specially crafted PEM file constructed to have zero bytes of payload data. This edge case causes the function to return a failure code but also populate a header argument with a pointer to memory that has already been freed, leading to a double-free condition if the calling application also attempts to free it, resulting in a crash and a denial of service. The flaw is rated as moderate because it results in a crash but does not allow code execution, memory corruption beyond the crash, or data leakage.\n\nThe versions of `shim` as shipped with Red Hat Enterprise Linux 8 and 9 are shipping OpenSSL 1.1.1 and 1.0.2, which do not contain the incorrect code, so those are not affected by this CVE.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-415: Double Free vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nThe platform enforces hardening guidelines to apply the most restrictive settings necessary for operational requirements. Baseline configurations and system controls ensure secure software configurations, while least functionality reduces the attack surface by enforcing safe memory allocation and deallocation practices, lowering the risk of double-free vulnerabilities. The environment employs IPS/IDS and antimalware solutions to detect and prevent malicious code while providing real-time visibility into memory usage, reducing the risk of arbitrary code execution. Static code analysis and peer reviews enforce strong input validation and error handling, minimizing the risk of denial-of-service (DoS) attacks. In the event of successful exploitation, process isolation prevents compromised workloads from accessing other processes\u2019 memory, containing the potential impact. Finally, memory protection mechanisms such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) enhance resilience against memory-related vulnerabilities.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4450"
},
{
"category": "external",
"summary": "RHBZ#2164494",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164494"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4450",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4450"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20230207.txt",
"url": "https://www.openssl.org/news/secadv/20230207.txt"
}
],
"release_date": "2023-02-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-14T13:57:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.",
"product_ids": [
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1199"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: double free after calling PEM_read_bio_ex"
},
{
"cve": "CVE-2023-0215",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164492"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free vulnerability was found in OpenSSL\u0027s BIO_new_NDEF function. The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally by OpenSSL to support the SMIME, CMS, and PKCS7 streaming capabilities, but it may also be called directly by end-user applications. The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter BIO onto the front of it to form a BIO chain, and then returns the new head of the BIO chain to the caller. Under certain conditions. For example, if a CMS recipient public key is invalid, the new filter BIO is freed, and the function returns a NULL result indicating a failure. However, in this case, the BIO chain is not properly cleaned up, and the BIO passed by the caller still retains internal pointers to the previously freed filter BIO. If the caller then calls BIO_pop() on the BIO, a use-after-free will occur, possibly resulting in a crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: use-after-free following BIO_new_NDEF",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw was found in the OpenSSL library within the BIO_new_NDEF function, which is used for ASN.1 data streaming. The flaw is a use-after-free issue that happens when an error occurs while setting up a BIO chain. In this case, the filter BIO is freed, but the original BIO still holds a reference to it. If the caller later calls BIO_pop(), it tries to use this freed pointer, causing a crash and leading to a Denial of Service (DoS). The flaw is rated as moderate because it results in a crash but does not allow code execution, memory corruption beyond the crash, or data leakage.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-416: Use After Free vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nAccess to the platform is granted only after successful hard token-based multi-factor authentication (MFA) and is governed by least privilege to ensure that only authorized users and roles can execute or modify code. Red Hat also enforces least functionality, enabling only essential features, services, and ports. Hardening guidelines ensure the most restrictive settings required for operations, while baseline configurations enforce safe memory allocation and deallocation practices to reduce the risk of use-after-free vulnerabilities. The environment employs IPS/IDS and antimalware solutions to detect and prevent malicious code and provide real-time visibility into memory usage, lowering the risk of arbitrary code execution. Static code analysis and peer reviews enforce strong input validation and error handling, reducing the likelihood of denial-of-service (DoS) attacks. In the event of successful exploitation, process isolation prevents a compromised process from accessing memory freed by another, containing potential impact. Finally, memory protection mechanisms such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) enhance resilience against memory-related vulnerabilities.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0215"
},
{
"category": "external",
"summary": "RHBZ#2164492",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164492"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0215",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0215"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20230207.txt",
"url": "https://www.openssl.org/news/secadv/20230207.txt"
}
],
"release_date": "2023-02-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-14T13:57:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.",
"product_ids": [
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1199"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: use-after-free following BIO_new_NDEF"
},
{
"cve": "CVE-2023-0216",
"discovery_date": "2023-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164497"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. An invalid pointer dereference on read can be triggered when an application tries to load malformed PKCS7 data with the d2i_PKCS7(), d2i_PKCS7_bio() or d2i_PKCS7_fp() functions. This may result in an application crash which could lead to a denial of service. The TLS implementation in OpenSSL does not call this function, however, third party applications might call these functions on untrusted data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: invalid pointer dereference in d2i_PKCS7 functions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 6, 7, and 8 ships OpenSSL 1.1.1 and 1.0.2 which do not contain the incorrect code, so those are not affected by this CVE. Similarly, the versions of `shim` as shipped with Red Hat Enterprise Linux 8 and 9 are not affected by this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0216"
},
{
"category": "external",
"summary": "RHBZ#2164497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164497"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0216",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0216"
}
],
"release_date": "2023-02-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-14T13:57:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.",
"product_ids": [
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1199"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: invalid pointer dereference in d2i_PKCS7 functions"
},
{
"cve": "CVE-2023-0217",
"discovery_date": "2023-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164499"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. An invalid pointer dereference on read can be triggered when an application tries to check a malformed DSA public key by the EVP_PKEY_public_check() function, most likely leading to an application crash. This function can be called on public keys supplied from untrusted sources, which could allow an attacker to cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: NULL dereference validating DSA public key",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 6, 7, and 8 ships OpenSSL 1.1.1 and 1.0.2 which do not contain the incorrect code, so those are not affected by this CVE. Similarly, the versions of `shim` as shipped with Red Hat Enterprise Linux 8 and 9 are not affected by this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0217"
},
{
"category": "external",
"summary": "RHBZ#2164499",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164499"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0217",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0217"
}
],
"release_date": "2023-02-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-14T13:57:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.",
"product_ids": [
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1199"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: NULL dereference validating DSA public key"
},
{
"cve": "CVE-2023-0286",
"cwe": {
"id": "CWE-704",
"name": "Incorrect Type Conversion or Cast"
},
"discovery_date": "2023-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164440"
}
],
"notes": [
{
"category": "description",
"text": "A type confusion vulnerability was found in OpenSSL when OpenSSL X.400 addresses processing inside an X.509 GeneralName. When CRL checking is enabled (for example, the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or cause a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, of which neither needs a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. In this case, this vulnerability is likely only to affect applications that have implemented their own functionality for retrieving CRLs over a network.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: X.400 address type confusion in X.509 GeneralName",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For shim in Red Hat Enterprise Linux 8 \u0026 9, is not affected as shim doesn\u0027t support any CRL processing.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0286"
},
{
"category": "external",
"summary": "RHBZ#2164440",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164440"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0286",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0286"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20230207.txt",
"url": "https://www.openssl.org/news/secadv/20230207.txt"
}
],
"release_date": "2023-02-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-14T13:57:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.",
"product_ids": [
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1199"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "openssl: X.400 address type confusion in X.509 GeneralName"
},
{
"cve": "CVE-2023-0401",
"discovery_date": "2023-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164500"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer vulnerability was found in OpenSSL, which can be dereferenced when signatures are being verified on PKCS7 signed or signedAndEnveloped data. In case the hash algorithm used for the signature is known to the OpenSSL library but the implementation of the hash algorithm is not available, the digest initialization will fail. There is a missing check for the return value from the initialization function which later leads to invalid usage of the digest API, most likely leading to a crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: NULL dereference during PKCS7 data verification",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 6, 7, and 8 ships OpenSSL 1.1.1 and 1.0.2 which do not contain the incorrect code, so those are not affected by this CVE. Similarly, the versions of `shim` as shipped with Red Hat Enterprise Linux 8 and 9 are not affected by this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0401"
},
{
"category": "external",
"summary": "RHBZ#2164500",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164500"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0401",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0401"
}
],
"release_date": "2023-02-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-14T13:57:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.",
"product_ids": [
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1199"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"AppStream-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.src",
"BaseOS-9.0.0.Z.EUS:openssl-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-debugsource-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-devel-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.i686",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-libs-debuginfo-1:3.0.1-46.el9_0.x86_64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.aarch64",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.ppc64le",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.s390x",
"BaseOS-9.0.0.Z.EUS:openssl-perl-1:3.0.1-46.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: NULL dereference during PKCS7 data verification"
}
]
}
SUSE-SU-2023:0312-1
Vulnerability from csaf_suse - Published: 2023-02-07 16:54 - Updated: 2023-02-07 16:54Summary
Security update for openssl-3
Notes
Title of the patch
Security update for openssl-3
Description of the patch
This update for openssl-3 fixes the following issues:
Security fixes:
- CVE-2023-0286: Fixed X.400 address type confusion in X.509 GENERAL_NAME_cmp for x400Address (bsc#1207533).
- CVE-2023-0401: Fixed NULL pointer dereference during PKCS7 data verification (bsc#1207541).
- CVE-2023-0217: Fixed NULL pointer dereference validating DSA public key (bsc#1207540).
- CVE-2023-0216: Fixed invalid pointer dereference in d2i_PKCS7 functions (bsc#1207539).
- CVE-2023-0215: Fixed use-after-free following BIO_new_NDEF() (bsc#1207536).
- CVE-2022-4450: Fixed double free after calling PEM_read_bio_ex() (bsc#1207538).
- CVE-2022-4304: Fixed timing Oracle in RSA Decryption (bsc#1207534).
- CVE-2022-4203: Fixed read Buffer Overflow with X.509 Name Constraints (bsc#1207535).
Non-security fixes:
- Fix SHA, SHAKE, KECCAK ASM and EC ASM flag passing (bsc#1206222).
- Enable zlib compression support (bsc#1195149).
- Add crypto-policies dependency.
Patchnames
SUSE-2023-312,SUSE-SLE-Module-Basesystem-15-SP4-2023-312,openSUSE-SLE-15.4-2023-312
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for openssl-3",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for openssl-3 fixes the following issues:\n\nSecurity fixes:\n\n- CVE-2023-0286: Fixed X.400 address type confusion in X.509 GENERAL_NAME_cmp for x400Address (bsc#1207533).\n- CVE-2023-0401: Fixed NULL pointer dereference during PKCS7 data verification (bsc#1207541).\n- CVE-2023-0217: Fixed NULL pointer dereference validating DSA public key (bsc#1207540).\n- CVE-2023-0216: Fixed invalid pointer dereference in d2i_PKCS7 functions (bsc#1207539).\n- CVE-2023-0215: Fixed use-after-free following BIO_new_NDEF() (bsc#1207536).\n- CVE-2022-4450: Fixed double free after calling PEM_read_bio_ex() (bsc#1207538).\n- CVE-2022-4304: Fixed timing Oracle in RSA Decryption (bsc#1207534).\n- CVE-2022-4203: Fixed read Buffer Overflow with X.509 Name Constraints (bsc#1207535).\n\nNon-security fixes:\n\n- Fix SHA, SHAKE, KECCAK ASM and EC ASM flag passing (bsc#1206222).\n- Enable zlib compression support (bsc#1195149).\n- Add crypto-policies dependency.\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-312,SUSE-SLE-Module-Basesystem-15-SP4-2023-312,openSUSE-SLE-15.4-2023-312",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_0312-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:0312-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20230312-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:0312-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-February/013654.html"
},
{
"category": "self",
"summary": "SUSE Bug 1195149",
"url": "https://bugzilla.suse.com/1195149"
},
{
"category": "self",
"summary": "SUSE Bug 1206222",
"url": "https://bugzilla.suse.com/1206222"
},
{
"category": "self",
"summary": "SUSE Bug 1207533",
"url": "https://bugzilla.suse.com/1207533"
},
{
"category": "self",
"summary": "SUSE Bug 1207534",
"url": "https://bugzilla.suse.com/1207534"
},
{
"category": "self",
"summary": "SUSE Bug 1207535",
"url": "https://bugzilla.suse.com/1207535"
},
{
"category": "self",
"summary": "SUSE Bug 1207536",
"url": "https://bugzilla.suse.com/1207536"
},
{
"category": "self",
"summary": "SUSE Bug 1207538",
"url": "https://bugzilla.suse.com/1207538"
},
{
"category": "self",
"summary": "SUSE Bug 1207539",
"url": "https://bugzilla.suse.com/1207539"
},
{
"category": "self",
"summary": "SUSE Bug 1207540",
"url": "https://bugzilla.suse.com/1207540"
},
{
"category": "self",
"summary": "SUSE Bug 1207541",
"url": "https://bugzilla.suse.com/1207541"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-4203 page",
"url": "https://www.suse.com/security/cve/CVE-2022-4203/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-4304 page",
"url": "https://www.suse.com/security/cve/CVE-2022-4304/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-4450 page",
"url": "https://www.suse.com/security/cve/CVE-2022-4450/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-0215 page",
"url": "https://www.suse.com/security/cve/CVE-2023-0215/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-0216 page",
"url": "https://www.suse.com/security/cve/CVE-2023-0216/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-0217 page",
"url": "https://www.suse.com/security/cve/CVE-2023-0217/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-0286 page",
"url": "https://www.suse.com/security/cve/CVE-2023-0286/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-0401 page",
"url": "https://www.suse.com/security/cve/CVE-2023-0401/"
}
],
"title": "Security update for openssl-3",
"tracking": {
"current_release_date": "2023-02-07T16:54:57Z",
"generator": {
"date": "2023-02-07T16:54:57Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:0312-1",
"initial_release_date": "2023-02-07T16:54:57Z",
"revision_history": [
{
"date": "2023-02-07T16:54:57Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64",
"product": {
"name": "libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64",
"product_id": "libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.0.1-150400.4.17.1.aarch64",
"product": {
"name": "libopenssl3-3.0.1-150400.4.17.1.aarch64",
"product_id": "libopenssl3-3.0.1-150400.4.17.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssl-3-3.0.1-150400.4.17.1.aarch64",
"product": {
"name": "openssl-3-3.0.1-150400.4.17.1.aarch64",
"product_id": "openssl-3-3.0.1-150400.4.17.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-64bit-3.0.1-150400.4.17.1.aarch64_ilp32",
"product": {
"name": "libopenssl-3-devel-64bit-3.0.1-150400.4.17.1.aarch64_ilp32",
"product_id": "libopenssl-3-devel-64bit-3.0.1-150400.4.17.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libopenssl3-64bit-3.0.1-150400.4.17.1.aarch64_ilp32",
"product": {
"name": "libopenssl3-64bit-3.0.1-150400.4.17.1.aarch64_ilp32",
"product_id": "libopenssl3-64bit-3.0.1-150400.4.17.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.0.1-150400.4.17.1.i586",
"product": {
"name": "libopenssl-3-devel-3.0.1-150400.4.17.1.i586",
"product_id": "libopenssl-3-devel-3.0.1-150400.4.17.1.i586"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.0.1-150400.4.17.1.i586",
"product": {
"name": "libopenssl3-3.0.1-150400.4.17.1.i586",
"product_id": "libopenssl3-3.0.1-150400.4.17.1.i586"
}
},
{
"category": "product_version",
"name": "openssl-3-3.0.1-150400.4.17.1.i586",
"product": {
"name": "openssl-3-3.0.1-150400.4.17.1.i586",
"product_id": "openssl-3-3.0.1-150400.4.17.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-3-doc-3.0.1-150400.4.17.1.noarch",
"product": {
"name": "openssl-3-doc-3.0.1-150400.4.17.1.noarch",
"product_id": "openssl-3-doc-3.0.1-150400.4.17.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le",
"product": {
"name": "libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le",
"product_id": "libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.0.1-150400.4.17.1.ppc64le",
"product": {
"name": "libopenssl3-3.0.1-150400.4.17.1.ppc64le",
"product_id": "libopenssl3-3.0.1-150400.4.17.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssl-3-3.0.1-150400.4.17.1.ppc64le",
"product": {
"name": "openssl-3-3.0.1-150400.4.17.1.ppc64le",
"product_id": "openssl-3-3.0.1-150400.4.17.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.0.1-150400.4.17.1.s390x",
"product": {
"name": "libopenssl-3-devel-3.0.1-150400.4.17.1.s390x",
"product_id": "libopenssl-3-devel-3.0.1-150400.4.17.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.0.1-150400.4.17.1.s390x",
"product": {
"name": "libopenssl3-3.0.1-150400.4.17.1.s390x",
"product_id": "libopenssl3-3.0.1-150400.4.17.1.s390x"
}
},
{
"category": "product_version",
"name": "openssl-3-3.0.1-150400.4.17.1.s390x",
"product": {
"name": "openssl-3-3.0.1-150400.4.17.1.s390x",
"product_id": "openssl-3-3.0.1-150400.4.17.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64",
"product": {
"name": "libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64",
"product_id": "libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl-3-devel-32bit-3.0.1-150400.4.17.1.x86_64",
"product": {
"name": "libopenssl-3-devel-32bit-3.0.1-150400.4.17.1.x86_64",
"product_id": "libopenssl-3-devel-32bit-3.0.1-150400.4.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.0.1-150400.4.17.1.x86_64",
"product": {
"name": "libopenssl3-3.0.1-150400.4.17.1.x86_64",
"product_id": "libopenssl3-3.0.1-150400.4.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl3-32bit-3.0.1-150400.4.17.1.x86_64",
"product": {
"name": "libopenssl3-32bit-3.0.1-150400.4.17.1.x86_64",
"product_id": "libopenssl3-32bit-3.0.1-150400.4.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssl-3-3.0.1-150400.4.17.1.x86_64",
"product": {
"name": "openssl-3-3.0.1-150400.4.17.1.x86_64",
"product_id": "openssl-3-3.0.1-150400.4.17.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp4"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.4",
"product": {
"name": "openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64"
},
"product_reference": "libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le"
},
"product_reference": "libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.1-150400.4.17.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.s390x"
},
"product_reference": "libopenssl-3-devel-3.0.1-150400.4.17.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64"
},
"product_reference": "libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.1-150400.4.17.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.aarch64"
},
"product_reference": "libopenssl3-3.0.1-150400.4.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.1-150400.4.17.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.ppc64le"
},
"product_reference": "libopenssl3-3.0.1-150400.4.17.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.1-150400.4.17.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.s390x"
},
"product_reference": "libopenssl3-3.0.1-150400.4.17.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.1-150400.4.17.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.x86_64"
},
"product_reference": "libopenssl3-3.0.1-150400.4.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.1-150400.4.17.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.aarch64"
},
"product_reference": "openssl-3-3.0.1-150400.4.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.1-150400.4.17.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.ppc64le"
},
"product_reference": "openssl-3-3.0.1-150400.4.17.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.1-150400.4.17.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.s390x"
},
"product_reference": "openssl-3-3.0.1-150400.4.17.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.1-150400.4.17.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.x86_64"
},
"product_reference": "openssl-3-3.0.1-150400.4.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64"
},
"product_reference": "libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le"
},
"product_reference": "libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.1-150400.4.17.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.s390x"
},
"product_reference": "libopenssl-3-devel-3.0.1-150400.4.17.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64"
},
"product_reference": "libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-32bit-3.0.1-150400.4.17.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libopenssl-3-devel-32bit-3.0.1-150400.4.17.1.x86_64"
},
"product_reference": "libopenssl-3-devel-32bit-3.0.1-150400.4.17.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.1-150400.4.17.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.aarch64"
},
"product_reference": "libopenssl3-3.0.1-150400.4.17.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.1-150400.4.17.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.ppc64le"
},
"product_reference": "libopenssl3-3.0.1-150400.4.17.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.1-150400.4.17.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.s390x"
},
"product_reference": "libopenssl3-3.0.1-150400.4.17.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.1-150400.4.17.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.x86_64"
},
"product_reference": "libopenssl3-3.0.1-150400.4.17.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-32bit-3.0.1-150400.4.17.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libopenssl3-32bit-3.0.1-150400.4.17.1.x86_64"
},
"product_reference": "libopenssl3-32bit-3.0.1-150400.4.17.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.1-150400.4.17.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.aarch64"
},
"product_reference": "openssl-3-3.0.1-150400.4.17.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.1-150400.4.17.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.ppc64le"
},
"product_reference": "openssl-3-3.0.1-150400.4.17.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.1-150400.4.17.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.s390x"
},
"product_reference": "openssl-3-3.0.1-150400.4.17.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.1-150400.4.17.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.x86_64"
},
"product_reference": "openssl-3-3.0.1-150400.4.17.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-doc-3.0.1-150400.4.17.1.noarch as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:openssl-3-doc-3.0.1-150400.4.17.1.noarch"
},
"product_reference": "openssl-3-doc-3.0.1-150400.4.17.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-4203",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-4203"
}
],
"notes": [
{
"category": "general",
"text": "A read buffer overrun can be triggered in X.509 certificate verification,\nspecifically in name constraint checking. Note that this occurs\nafter certificate chain signature verification and requires either a\nCA to have signed the malicious certificate or for the application to\ncontinue certificate verification despite failure to construct a path\nto a trusted issuer.\n\nThe read buffer overrun might result in a crash which could lead to\na denial of service attack. In theory it could also result in the disclosure\nof private memory contents (such as private keys, or sensitive plaintext)\nalthough we are not aware of any working exploit leading to memory\ncontents disclosure as of the time of release of this advisory.\n\nIn a TLS client, this can be triggered by connecting to a malicious\nserver. In a TLS server, this can be triggered if the server requests\nclient authentication and a malicious client connects.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl-3-devel-32bit-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl3-32bit-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:openssl-3-doc-3.0.1-150400.4.17.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-4203",
"url": "https://www.suse.com/security/cve/CVE-2022-4203"
},
{
"category": "external",
"summary": "SUSE Bug 1207535 for CVE-2022-4203",
"url": "https://bugzilla.suse.com/1207535"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl-3-devel-32bit-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl3-32bit-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:openssl-3-doc-3.0.1-150400.4.17.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl-3-devel-32bit-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl3-32bit-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:openssl-3-doc-3.0.1-150400.4.17.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-02-07T16:54:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-4203"
},
{
"cve": "CVE-2022-4304",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-4304"
}
],
"notes": [
{
"category": "general",
"text": "A timing based side channel exists in the OpenSSL RSA Decryption implementation\nwhich could be sufficient to recover a plaintext across a network in a\nBleichenbacher style attack. To achieve a successful decryption an attacker\nwould have to be able to send a very large number of trial messages for\ndecryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5,\nRSA-OEAP and RSASVE.\n\nFor example, in a TLS connection, RSA is commonly used by a client to send an\nencrypted pre-master secret to the server. An attacker that had observed a\ngenuine connection between a client and a server could use this flaw to send\ntrial messages to the server and record the time taken to process them. After a\nsufficiently large number of messages the attacker could recover the pre-master\nsecret used for the original connection and thus be able to decrypt the\napplication data sent over that connection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl-3-devel-32bit-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl3-32bit-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:openssl-3-doc-3.0.1-150400.4.17.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-4304",
"url": "https://www.suse.com/security/cve/CVE-2022-4304"
},
{
"category": "external",
"summary": "SUSE Bug 1207534 for CVE-2022-4304",
"url": "https://bugzilla.suse.com/1207534"
},
{
"category": "external",
"summary": "SUSE Bug 1210067 for CVE-2022-4304",
"url": "https://bugzilla.suse.com/1210067"
},
{
"category": "external",
"summary": "SUSE Bug 1213146 for CVE-2022-4304",
"url": "https://bugzilla.suse.com/1213146"
},
{
"category": "external",
"summary": "SUSE Bug 1213289 for CVE-2022-4304",
"url": "https://bugzilla.suse.com/1213289"
},
{
"category": "external",
"summary": "SUSE Bug 1215014 for CVE-2022-4304",
"url": "https://bugzilla.suse.com/1215014"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl-3-devel-32bit-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl3-32bit-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:openssl-3-doc-3.0.1-150400.4.17.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl-3-devel-32bit-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl3-32bit-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:openssl-3-doc-3.0.1-150400.4.17.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-02-07T16:54:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-4304"
},
{
"cve": "CVE-2022-4450",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-4450"
}
],
"notes": [
{
"category": "general",
"text": "The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and\ndecodes the \"name\" (e.g. \"CERTIFICATE\"), any header data and the payload data.\nIf the function succeeds then the \"name_out\", \"header\" and \"data\" arguments are\npopulated with pointers to buffers containing the relevant decoded data. The\ncaller is responsible for freeing those buffers. It is possible to construct a\nPEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex()\nwill return a failure code but will populate the header argument with a pointer\nto a buffer that has already been freed. If the caller also frees this buffer\nthen a double free will occur. This will most likely lead to a crash. This\ncould be exploited by an attacker who has the ability to supply malicious PEM\nfiles for parsing to achieve a denial of service attack.\n\nThe functions PEM_read_bio() and PEM_read() are simple wrappers around\nPEM_read_bio_ex() and therefore these functions are also directly affected.\n\nThese functions are also called indirectly by a number of other OpenSSL\nfunctions including PEM_X509_INFO_read_bio_ex() and\nSSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal\nuses of these functions are not vulnerable because the caller does not free the\nheader argument if PEM_read_bio_ex() returns a failure code. These locations\ninclude the PEM_read_bio_TYPE() functions as well as the decoders introduced in\nOpenSSL 3.0.\n\nThe OpenSSL asn1parse command line application is also impacted by this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl-3-devel-32bit-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl3-32bit-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:openssl-3-doc-3.0.1-150400.4.17.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-4450",
"url": "https://www.suse.com/security/cve/CVE-2022-4450"
},
{
"category": "external",
"summary": "SUSE Bug 1207538 for CVE-2022-4450",
"url": "https://bugzilla.suse.com/1207538"
},
{
"category": "external",
"summary": "SUSE Bug 1225628 for CVE-2022-4450",
"url": "https://bugzilla.suse.com/1225628"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl-3-devel-32bit-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl3-32bit-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:openssl-3-doc-3.0.1-150400.4.17.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl-3-devel-32bit-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl3-32bit-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:openssl-3-doc-3.0.1-150400.4.17.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-02-07T16:54:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-4450"
},
{
"cve": "CVE-2023-0215",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-0215"
}
],
"notes": [
{
"category": "general",
"text": "The public API function BIO_new_NDEF is a helper function used for streaming\nASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the\nSMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by\nend user applications.\n\nThe function receives a BIO from the caller, prepends a new BIO_f_asn1 filter\nBIO onto the front of it to form a BIO chain, and then returns the new head of\nthe BIO chain to the caller. Under certain conditions, for example if a CMS\nrecipient public key is invalid, the new filter BIO is freed and the function\nreturns a NULL result indicating a failure. However, in this case, the BIO chain\nis not properly cleaned up and the BIO passed by the caller still retains\ninternal pointers to the previously freed filter BIO. If the caller then goes on\nto call BIO_pop() on the BIO then a use-after-free will occur. This will most\nlikely result in a crash.\n\n\n\nThis scenario occurs directly in the internal function B64_write_ASN1() which\nmay cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on\nthe BIO. This internal function is in turn called by the public API functions\nPEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream,\nSMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7.\n\nOther public API functions that may be impacted by this include\ni2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and\ni2d_PKCS7_bio_stream.\n\nThe OpenSSL cms and smime command line applications are similarly affected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl-3-devel-32bit-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl3-32bit-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:openssl-3-doc-3.0.1-150400.4.17.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-0215",
"url": "https://www.suse.com/security/cve/CVE-2023-0215"
},
{
"category": "external",
"summary": "SUSE Bug 1207536 for CVE-2023-0215",
"url": "https://bugzilla.suse.com/1207536"
},
{
"category": "external",
"summary": "SUSE Bug 1213146 for CVE-2023-0215",
"url": "https://bugzilla.suse.com/1213146"
},
{
"category": "external",
"summary": "SUSE Bug 1225628 for CVE-2023-0215",
"url": "https://bugzilla.suse.com/1225628"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl-3-devel-32bit-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl3-32bit-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:openssl-3-doc-3.0.1-150400.4.17.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl-3-devel-32bit-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl3-32bit-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:openssl-3-doc-3.0.1-150400.4.17.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-02-07T16:54:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-0215"
},
{
"cve": "CVE-2023-0216",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-0216"
}
],
"notes": [
{
"category": "general",
"text": "An invalid pointer dereference on read can be triggered when an\napplication tries to load malformed PKCS7 data with the\nd2i_PKCS7(), d2i_PKCS7_bio() or d2i_PKCS7_fp() functions.\n\nThe result of the dereference is an application crash which could\nlead to a denial of service attack. The TLS implementation in OpenSSL\ndoes not call this function however third party applications might\ncall these functions on untrusted data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl-3-devel-32bit-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl3-32bit-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:openssl-3-doc-3.0.1-150400.4.17.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-0216",
"url": "https://www.suse.com/security/cve/CVE-2023-0216"
},
{
"category": "external",
"summary": "SUSE Bug 1207539 for CVE-2023-0216",
"url": "https://bugzilla.suse.com/1207539"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl-3-devel-32bit-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl3-32bit-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:openssl-3-doc-3.0.1-150400.4.17.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl-3-devel-32bit-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl3-32bit-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:openssl-3-doc-3.0.1-150400.4.17.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-02-07T16:54:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-0216"
},
{
"cve": "CVE-2023-0217",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-0217"
}
],
"notes": [
{
"category": "general",
"text": "An invalid pointer dereference on read can be triggered when an\napplication tries to check a malformed DSA public key by the\nEVP_PKEY_public_check() function. This will most likely lead\nto an application crash. This function can be called on public\nkeys supplied from untrusted sources which could allow an attacker\nto cause a denial of service attack.\n\nThe TLS implementation in OpenSSL does not call this function\nbut applications might call the function if there are additional\nsecurity requirements imposed by standards such as FIPS 140-3.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl-3-devel-32bit-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl3-32bit-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:openssl-3-doc-3.0.1-150400.4.17.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-0217",
"url": "https://www.suse.com/security/cve/CVE-2023-0217"
},
{
"category": "external",
"summary": "SUSE Bug 1207540 for CVE-2023-0217",
"url": "https://bugzilla.suse.com/1207540"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl-3-devel-32bit-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl3-32bit-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:openssl-3-doc-3.0.1-150400.4.17.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl-3-devel-32bit-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl3-32bit-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:openssl-3-doc-3.0.1-150400.4.17.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-02-07T16:54:57Z",
"details": "important"
}
],
"title": "CVE-2023-0217"
},
{
"cve": "CVE-2023-0286",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-0286"
}
],
"notes": [
{
"category": "general",
"text": "There is a type confusion vulnerability relating to X.400 address processing\ninside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but\nthe public structure definition for GENERAL_NAME incorrectly specified the type\nof the x400Address field as ASN1_TYPE. This field is subsequently interpreted by\nthe OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an\nASN1_STRING.\n\nWhen CRL checking is enabled (i.e. the application sets the\nX509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass\narbitrary pointers to a memcmp call, enabling them to read memory contents or\nenact a denial of service. In most cases, the attack requires the attacker to\nprovide both the certificate chain and CRL, neither of which need to have a\nvalid signature. If the attacker only controls one of these inputs, the other\ninput must already contain an X.400 address as a CRL distribution point, which\nis uncommon. As such, this vulnerability is most likely to only affect\napplications which have implemented their own functionality for retrieving CRLs\nover a network.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl-3-devel-32bit-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl3-32bit-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:openssl-3-doc-3.0.1-150400.4.17.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-0286",
"url": "https://www.suse.com/security/cve/CVE-2023-0286"
},
{
"category": "external",
"summary": "SUSE Bug 1207533 for CVE-2023-0286",
"url": "https://bugzilla.suse.com/1207533"
},
{
"category": "external",
"summary": "SUSE Bug 1207569 for CVE-2023-0286",
"url": "https://bugzilla.suse.com/1207569"
},
{
"category": "external",
"summary": "SUSE Bug 1211136 for CVE-2023-0286",
"url": "https://bugzilla.suse.com/1211136"
},
{
"category": "external",
"summary": "SUSE Bug 1211503 for CVE-2023-0286",
"url": "https://bugzilla.suse.com/1211503"
},
{
"category": "external",
"summary": "SUSE Bug 1213146 for CVE-2023-0286",
"url": "https://bugzilla.suse.com/1213146"
},
{
"category": "external",
"summary": "SUSE Bug 1214269 for CVE-2023-0286",
"url": "https://bugzilla.suse.com/1214269"
},
{
"category": "external",
"summary": "SUSE Bug 1218477 for CVE-2023-0286",
"url": "https://bugzilla.suse.com/1218477"
},
{
"category": "external",
"summary": "SUSE Bug 1218967 for CVE-2023-0286",
"url": "https://bugzilla.suse.com/1218967"
},
{
"category": "external",
"summary": "SUSE Bug 1225677 for CVE-2023-0286",
"url": "https://bugzilla.suse.com/1225677"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl-3-devel-32bit-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl3-32bit-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:openssl-3-doc-3.0.1-150400.4.17.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl-3-devel-32bit-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl3-32bit-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:openssl-3-doc-3.0.1-150400.4.17.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-02-07T16:54:57Z",
"details": "important"
}
],
"title": "CVE-2023-0286"
},
{
"cve": "CVE-2023-0401",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-0401"
}
],
"notes": [
{
"category": "general",
"text": "A NULL pointer can be dereferenced when signatures are being\nverified on PKCS7 signed or signedAndEnveloped data. In case the hash\nalgorithm used for the signature is known to the OpenSSL library but\nthe implementation of the hash algorithm is not available the digest\ninitialization will fail. There is a missing check for the return\nvalue from the initialization function which later leads to invalid\nusage of the digest API most likely leading to a crash.\n\nThe unavailability of an algorithm can be caused by using FIPS\nenabled configuration of providers or more commonly by not loading\nthe legacy provider.\n\nPKCS7 data is processed by the SMIME library calls and also by the\ntime stamp (TS) library calls. The TLS implementation in OpenSSL does\nnot call these functions however third party applications would be\naffected if they call these functions to verify signatures on untrusted\ndata.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl-3-devel-32bit-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl3-32bit-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:openssl-3-doc-3.0.1-150400.4.17.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-0401",
"url": "https://www.suse.com/security/cve/CVE-2023-0401"
},
{
"category": "external",
"summary": "SUSE Bug 1207541 for CVE-2023-0401",
"url": "https://bugzilla.suse.com/1207541"
},
{
"category": "external",
"summary": "SUSE Bug 1210509 for CVE-2023-0401",
"url": "https://bugzilla.suse.com/1210509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl-3-devel-32bit-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl3-32bit-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:openssl-3-doc-3.0.1-150400.4.17.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl-3-devel-32bit-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:libopenssl3-32bit-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.aarch64",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.ppc64le",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.s390x",
"openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.17.1.x86_64",
"openSUSE Leap 15.4:openssl-3-doc-3.0.1-150400.4.17.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-02-07T16:54:57Z",
"details": "important"
}
],
"title": "CVE-2023-0401"
}
]
}
SSA-699386
Vulnerability from csaf_siemens - Published: 2023-11-14 00:00 - Updated: 2024-03-12 00:00Summary
SSA-699386: Multiple Vulnerabilities in SCALANCE XB-200 / XC-200 / XP-200 / XF-200BA / XR-300WG Family before V4.5
Notes
Summary
SCALANCE XB-200/XC-200/XP-200/XF-200BA/XR-300WG Family before V4.5 is affected by multiple vulnerabilities.
Siemens has released updates for the affected products and recommends to update to the latest versions.
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download:
https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited. (TLPv2: TLP:CLEAR)",
"tlp": {
"label": "WHITE"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "SCALANCE XB-200/XC-200/XP-200/XF-200BA/XR-300WG Family before V4.5 is affected by multiple vulnerabilities.\n\nSiemens has released updates for the affected products and recommends to update to the latest versions.",
"title": "Summary"
},
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"title": "General Recommendations"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "Siemens Security Advisories are subject to the terms and conditions contained in Siemens\u0027 underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens\u0027 Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "productcert@siemens.com",
"name": "Siemens ProductCERT",
"namespace": "https://www.siemens.com"
},
"references": [
{
"category": "self",
"summary": "SSA-699386: Multiple Vulnerabilities in SCALANCE XB-200 / XC-200 / XP-200 / XF-200BA / XR-300WG Family before V4.5 - HTML Version",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-699386.html"
},
{
"category": "self",
"summary": "SSA-699386: Multiple Vulnerabilities in SCALANCE XB-200 / XC-200 / XP-200 / XF-200BA / XR-300WG Family before V4.5 - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-699386.json"
},
{
"category": "self",
"summary": "SSA-699386: Multiple Vulnerabilities in SCALANCE XB-200 / XC-200 / XP-200 / XF-200BA / XR-300WG Family before V4.5 - PDF Version",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-699386.pdf"
},
{
"category": "self",
"summary": "SSA-699386: Multiple Vulnerabilities in SCALANCE XB-200 / XC-200 / XP-200 / XF-200BA / XR-300WG Family before V4.5 - TXT Version",
"url": "https://cert-portal.siemens.com/productcert/txt/ssa-699386.txt"
}
],
"title": "SSA-699386: Multiple Vulnerabilities in SCALANCE XB-200 / XC-200 / XP-200 / XF-200BA / XR-300WG Family before V4.5",
"tracking": {
"current_release_date": "2024-03-12T00:00:00Z",
"generator": {
"engine": {
"name": "Siemens ProductCERT CSAF Generator",
"version": "1"
}
},
"id": "SSA-699386",
"initial_release_date": "2023-11-14T00:00:00Z",
"revision_history": [
{
"date": "2023-11-14T00:00:00Z",
"legacy_version": "1.0",
"number": "1",
"summary": "Publication Date"
},
{
"date": "2023-12-12T00:00:00Z",
"legacy_version": "1.1",
"number": "2",
"summary": "Clarify: Remove product description for SCALANCE M-800/S615"
},
{
"date": "2024-03-12T00:00:00Z",
"legacy_version": "1.2",
"number": "3",
"summary": "Move CVE-2023-44318 and CVE-2023-44321 to SSA-353002 as it currently is still unfixed."
}
],
"status": "interim",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XB205-3 (SC, PN) (6GK5205-3BB00-2AB2)",
"product_id": "1",
"product_identification_helper": {
"model_numbers": [
"6GK5205-3BB00-2AB2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XB205-3 (SC, PN) (6GK5205-3BB00-2AB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XB205-3 (ST, E/IP) (6GK5205-3BB00-2TB2)",
"product_id": "2",
"product_identification_helper": {
"model_numbers": [
"6GK5205-3BB00-2TB2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XB205-3 (ST, E/IP) (6GK5205-3BB00-2TB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XB205-3 (ST, E/IP) (6GK5205-3BD00-2TB2)",
"product_id": "3",
"product_identification_helper": {
"model_numbers": [
"6GK5205-3BD00-2TB2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XB205-3 (ST, E/IP) (6GK5205-3BD00-2TB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XB205-3 (ST, PN) (6GK5205-3BD00-2AB2)",
"product_id": "4",
"product_identification_helper": {
"model_numbers": [
"6GK5205-3BD00-2AB2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XB205-3 (ST, PN) (6GK5205-3BD00-2AB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XB205-3LD (SC, E/IP) (6GK5205-3BF00-2TB2)",
"product_id": "5",
"product_identification_helper": {
"model_numbers": [
"6GK5205-3BF00-2TB2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XB205-3LD (SC, E/IP) (6GK5205-3BF00-2TB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XB205-3LD (SC, PN) (6GK5205-3BF00-2AB2)",
"product_id": "6",
"product_identification_helper": {
"model_numbers": [
"6GK5205-3BF00-2AB2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XB205-3LD (SC, PN) (6GK5205-3BF00-2AB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XB208 (E/IP) (6GK5208-0BA00-2TB2)",
"product_id": "7",
"product_identification_helper": {
"model_numbers": [
"6GK5208-0BA00-2TB2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XB208 (E/IP) (6GK5208-0BA00-2TB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XB208 (PN) (6GK5208-0BA00-2AB2)",
"product_id": "8",
"product_identification_helper": {
"model_numbers": [
"6GK5208-0BA00-2AB2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XB208 (PN) (6GK5208-0BA00-2AB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XB213-3 (SC, E/IP) (6GK5213-3BD00-2TB2)",
"product_id": "9",
"product_identification_helper": {
"model_numbers": [
"6GK5213-3BD00-2TB2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XB213-3 (SC, E/IP) (6GK5213-3BD00-2TB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XB213-3 (SC, PN) (6GK5213-3BD00-2AB2)",
"product_id": "10",
"product_identification_helper": {
"model_numbers": [
"6GK5213-3BD00-2AB2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XB213-3 (SC, PN) (6GK5213-3BD00-2AB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XB213-3 (ST, E/IP) (6GK5213-3BB00-2TB2)",
"product_id": "11",
"product_identification_helper": {
"model_numbers": [
"6GK5213-3BB00-2TB2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XB213-3 (ST, E/IP) (6GK5213-3BB00-2TB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XB213-3 (ST, PN) (6GK5213-3BB00-2AB2)",
"product_id": "12",
"product_identification_helper": {
"model_numbers": [
"6GK5213-3BB00-2AB2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XB213-3 (ST, PN) (6GK5213-3BB00-2AB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XB213-3LD (SC, E/IP) (6GK5213-3BF00-2TB2)",
"product_id": "13",
"product_identification_helper": {
"model_numbers": [
"6GK5213-3BF00-2TB2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XB213-3LD (SC, E/IP) (6GK5213-3BF00-2TB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XB213-3LD (SC, PN) (6GK5213-3BF00-2AB2)",
"product_id": "14",
"product_identification_helper": {
"model_numbers": [
"6GK5213-3BF00-2AB2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XB213-3LD (SC, PN) (6GK5213-3BF00-2AB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XB216 (E/IP) (6GK5216-0BA00-2TB2)",
"product_id": "15",
"product_identification_helper": {
"model_numbers": [
"6GK5216-0BA00-2TB2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XB216 (E/IP) (6GK5216-0BA00-2TB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XB216 (PN) (6GK5216-0BA00-2AB2)",
"product_id": "16",
"product_identification_helper": {
"model_numbers": [
"6GK5216-0BA00-2AB2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XB216 (PN) (6GK5216-0BA00-2AB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC206-2 (SC) (6GK5206-2BD00-2AC2)",
"product_id": "17",
"product_identification_helper": {
"model_numbers": [
"6GK5206-2BD00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC206-2 (SC) (6GK5206-2BD00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC206-2 (ST/BFOC) (6GK5206-2BB00-2AC2)",
"product_id": "18",
"product_identification_helper": {
"model_numbers": [
"6GK5206-2BB00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC206-2 (ST/BFOC) (6GK5206-2BB00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC206-2G PoE (6GK5206-2RS00-2AC2)",
"product_id": "19",
"product_identification_helper": {
"model_numbers": [
"6GK5206-2RS00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC206-2G PoE (6GK5206-2RS00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC206-2G PoE (54 V DC) (6GK5206-2RS00-5AC2)",
"product_id": "20",
"product_identification_helper": {
"model_numbers": [
"6GK5206-2RS00-5AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC206-2G PoE (54 V DC) (6GK5206-2RS00-5AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC206-2G PoE EEC (54 V DC) (6GK5206-2RS00-5FC2)",
"product_id": "21",
"product_identification_helper": {
"model_numbers": [
"6GK5206-2RS00-5FC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC206-2G PoE EEC (54 V DC) (6GK5206-2RS00-5FC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC206-2SFP (6GK5206-2BS00-2AC2)",
"product_id": "22",
"product_identification_helper": {
"model_numbers": [
"6GK5206-2BS00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC206-2SFP (6GK5206-2BS00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC206-2SFP EEC (6GK5206-2BS00-2FC2)",
"product_id": "23",
"product_identification_helper": {
"model_numbers": [
"6GK5206-2BS00-2FC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC206-2SFP EEC (6GK5206-2BS00-2FC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC206-2SFP G (6GK5206-2GS00-2AC2)",
"product_id": "24",
"product_identification_helper": {
"model_numbers": [
"6GK5206-2GS00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC206-2SFP G (6GK5206-2GS00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC206-2SFP G (EIP DEF.) (6GK5206-2GS00-2TC2)",
"product_id": "25",
"product_identification_helper": {
"model_numbers": [
"6GK5206-2GS00-2TC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC206-2SFP G (EIP DEF.) (6GK5206-2GS00-2TC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC206-2SFP G EEC (6GK5206-2GS00-2FC2)",
"product_id": "26",
"product_identification_helper": {
"model_numbers": [
"6GK5206-2GS00-2FC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC206-2SFP G EEC (6GK5206-2GS00-2FC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC208 (6GK5208-0BA00-2AC2)",
"product_id": "27",
"product_identification_helper": {
"model_numbers": [
"6GK5208-0BA00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC208 (6GK5208-0BA00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC208EEC (6GK5208-0BA00-2FC2)",
"product_id": "28",
"product_identification_helper": {
"model_numbers": [
"6GK5208-0BA00-2FC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC208EEC (6GK5208-0BA00-2FC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC208G (6GK5208-0GA00-2AC2)",
"product_id": "29",
"product_identification_helper": {
"model_numbers": [
"6GK5208-0GA00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC208G (6GK5208-0GA00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC208G (EIP def.) (6GK5208-0GA00-2TC2)",
"product_id": "30",
"product_identification_helper": {
"model_numbers": [
"6GK5208-0GA00-2TC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC208G (EIP def.) (6GK5208-0GA00-2TC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC208G EEC (6GK5208-0GA00-2FC2)",
"product_id": "31",
"product_identification_helper": {
"model_numbers": [
"6GK5208-0GA00-2FC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC208G EEC (6GK5208-0GA00-2FC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC208G PoE (6GK5208-0RA00-2AC2)",
"product_id": "32",
"product_identification_helper": {
"model_numbers": [
"6GK5208-0RA00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC208G PoE (6GK5208-0RA00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC208G PoE (54 V DC) (6GK5208-0RA00-5AC2)",
"product_id": "33",
"product_identification_helper": {
"model_numbers": [
"6GK5208-0RA00-5AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC208G PoE (54 V DC) (6GK5208-0RA00-5AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC216 (6GK5216-0BA00-2AC2)",
"product_id": "34",
"product_identification_helper": {
"model_numbers": [
"6GK5216-0BA00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC216 (6GK5216-0BA00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC216-3G PoE (6GK5216-3RS00-2AC2)",
"product_id": "35",
"product_identification_helper": {
"model_numbers": [
"6GK5216-3RS00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC216-3G PoE (6GK5216-3RS00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC216-3G PoE (54 V DC) (6GK5216-3RS00-5AC2)",
"product_id": "36",
"product_identification_helper": {
"model_numbers": [
"6GK5216-3RS00-5AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC216-3G PoE (54 V DC) (6GK5216-3RS00-5AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC216-4C (6GK5216-4BS00-2AC2)",
"product_id": "37",
"product_identification_helper": {
"model_numbers": [
"6GK5216-4BS00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC216-4C (6GK5216-4BS00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC216-4C G (6GK5216-4GS00-2AC2)",
"product_id": "38",
"product_identification_helper": {
"model_numbers": [
"6GK5216-4GS00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC216-4C G (6GK5216-4GS00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC216-4C G (EIP Def.) (6GK5216-4GS00-2TC2)",
"product_id": "39",
"product_identification_helper": {
"model_numbers": [
"6GK5216-4GS00-2TC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC216-4C G (EIP Def.) (6GK5216-4GS00-2TC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC216-4C G EEC (6GK5216-4GS00-2FC2)",
"product_id": "40",
"product_identification_helper": {
"model_numbers": [
"6GK5216-4GS00-2FC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC216-4C G EEC (6GK5216-4GS00-2FC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC216EEC (6GK5216-0BA00-2FC2)",
"product_id": "41",
"product_identification_helper": {
"model_numbers": [
"6GK5216-0BA00-2FC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC216EEC (6GK5216-0BA00-2FC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC224 (6GK5224-0BA00-2AC2)",
"product_id": "42",
"product_identification_helper": {
"model_numbers": [
"6GK5224-0BA00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC224 (6GK5224-0BA00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC224-4C G (6GK5224-4GS00-2AC2)",
"product_id": "43",
"product_identification_helper": {
"model_numbers": [
"6GK5224-4GS00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC224-4C G (6GK5224-4GS00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC224-4C G (EIP Def.) (6GK5224-4GS00-2TC2)",
"product_id": "44",
"product_identification_helper": {
"model_numbers": [
"6GK5224-4GS00-2TC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC224-4C G (EIP Def.) (6GK5224-4GS00-2TC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC224-4C G EEC (6GK5224-4GS00-2FC2)",
"product_id": "45",
"product_identification_helper": {
"model_numbers": [
"6GK5224-4GS00-2FC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC224-4C G EEC (6GK5224-4GS00-2FC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XF204 (6GK5204-0BA00-2GF2)",
"product_id": "46",
"product_identification_helper": {
"model_numbers": [
"6GK5204-0BA00-2GF2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XF204 (6GK5204-0BA00-2GF2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XF204 DNA (6GK5204-0BA00-2YF2)",
"product_id": "47",
"product_identification_helper": {
"model_numbers": [
"6GK5204-0BA00-2YF2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XF204 DNA (6GK5204-0BA00-2YF2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XF204-2BA (6GK5204-2AA00-2GF2)",
"product_id": "48",
"product_identification_helper": {
"model_numbers": [
"6GK5204-2AA00-2GF2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XF204-2BA (6GK5204-2AA00-2GF2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XF204-2BA DNA (6GK5204-2AA00-2YF2)",
"product_id": "49",
"product_identification_helper": {
"model_numbers": [
"6GK5204-2AA00-2YF2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XF204-2BA DNA (6GK5204-2AA00-2YF2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XP208 (6GK5208-0HA00-2AS6)",
"product_id": "50",
"product_identification_helper": {
"model_numbers": [
"6GK5208-0HA00-2AS6"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XP208 (6GK5208-0HA00-2AS6)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XP208 (Ethernet/IP) (6GK5208-0HA00-2TS6)",
"product_id": "51",
"product_identification_helper": {
"model_numbers": [
"6GK5208-0HA00-2TS6"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XP208 (Ethernet/IP) (6GK5208-0HA00-2TS6)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XP208EEC (6GK5208-0HA00-2ES6)",
"product_id": "52",
"product_identification_helper": {
"model_numbers": [
"6GK5208-0HA00-2ES6"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XP208EEC (6GK5208-0HA00-2ES6)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XP208PoE EEC (6GK5208-0UA00-5ES6)",
"product_id": "53",
"product_identification_helper": {
"model_numbers": [
"6GK5208-0UA00-5ES6"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XP208PoE EEC (6GK5208-0UA00-5ES6)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XP216 (6GK5216-0HA00-2AS6)",
"product_id": "54",
"product_identification_helper": {
"model_numbers": [
"6GK5216-0HA00-2AS6"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XP216 (6GK5216-0HA00-2AS6)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XP216 (Ethernet/IP) (6GK5216-0HA00-2TS6)",
"product_id": "55",
"product_identification_helper": {
"model_numbers": [
"6GK5216-0HA00-2TS6"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XP216 (Ethernet/IP) (6GK5216-0HA00-2TS6)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XP216EEC (6GK5216-0HA00-2ES6)",
"product_id": "56",
"product_identification_helper": {
"model_numbers": [
"6GK5216-0HA00-2ES6"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XP216EEC (6GK5216-0HA00-2ES6)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XP216POE EEC (6GK5216-0UA00-5ES6)",
"product_id": "57",
"product_identification_helper": {
"model_numbers": [
"6GK5216-0UA00-5ES6"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XP216POE EEC (6GK5216-0UA00-5ES6)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XR324WG (24 x FE, AC 230V) (6GK5324-0BA00-3AR3)",
"product_id": "58",
"product_identification_helper": {
"model_numbers": [
"6GK5324-0BA00-3AR3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR324WG (24 x FE, AC 230V) (6GK5324-0BA00-3AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XR324WG (24 X FE, DC 24V) (6GK5324-0BA00-2AR3)",
"product_id": "59",
"product_identification_helper": {
"model_numbers": [
"6GK5324-0BA00-2AR3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR324WG (24 X FE, DC 24V) (6GK5324-0BA00-2AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XR326-2C PoE WG (6GK5326-2QS00-3AR3)",
"product_id": "60",
"product_identification_helper": {
"model_numbers": [
"6GK5326-2QS00-3AR3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR326-2C PoE WG (6GK5326-2QS00-3AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XR326-2C PoE WG (without UL) (6GK5326-2QS00-3RR3)",
"product_id": "61",
"product_identification_helper": {
"model_numbers": [
"6GK5326-2QS00-3RR3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR326-2C PoE WG (without UL) (6GK5326-2QS00-3RR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) (6GK5328-4FS00-3AR3)",
"product_id": "62",
"product_identification_helper": {
"model_numbers": [
"6GK5328-4FS00-3AR3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) (6GK5328-4FS00-3AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) (6GK5328-4FS00-3RR3)",
"product_id": "63",
"product_identification_helper": {
"model_numbers": [
"6GK5328-4FS00-3RR3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) (6GK5328-4FS00-3RR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XR328-4C WG (24XFE, 4XGE, 24V) (6GK5328-4FS00-2AR3)",
"product_id": "64",
"product_identification_helper": {
"model_numbers": [
"6GK5328-4FS00-2AR3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR328-4C WG (24XFE, 4XGE, 24V) (6GK5328-4FS00-2AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V) (6GK5328-4FS00-2RR3)",
"product_id": "65",
"product_identification_helper": {
"model_numbers": [
"6GK5328-4FS00-2RR3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V) (6GK5328-4FS00-2RR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XR328-4C WG (28xGE, AC 230V) (6GK5328-4SS00-3AR3)",
"product_id": "66",
"product_identification_helper": {
"model_numbers": [
"6GK5328-4SS00-3AR3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR328-4C WG (28xGE, AC 230V) (6GK5328-4SS00-3AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XR328-4C WG (28xGE, DC 24V) (6GK5328-4SS00-2AR3)",
"product_id": "67",
"product_identification_helper": {
"model_numbers": [
"6GK5328-4SS00-2AR3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR328-4C WG (28xGE, DC 24V) (6GK5328-4SS00-2AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SIPLUS NET SCALANCE XC206-2 (6AG1206-2BB00-7AC2)",
"product_id": "68",
"product_identification_helper": {
"model_numbers": [
"6AG1206-2BB00-7AC2"
]
}
}
}
],
"category": "product_name",
"name": "SIPLUS NET SCALANCE XC206-2 (6AG1206-2BB00-7AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SIPLUS NET SCALANCE XC206-2SFP (6AG1206-2BS00-7AC2)",
"product_id": "69",
"product_identification_helper": {
"model_numbers": [
"6AG1206-2BS00-7AC2"
]
}
}
}
],
"category": "product_name",
"name": "SIPLUS NET SCALANCE XC206-2SFP (6AG1206-2BS00-7AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SIPLUS NET SCALANCE XC208 (6AG1208-0BA00-7AC2)",
"product_id": "70",
"product_identification_helper": {
"model_numbers": [
"6AG1208-0BA00-7AC2"
]
}
}
}
],
"category": "product_name",
"name": "SIPLUS NET SCALANCE XC208 (6AG1208-0BA00-7AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SIPLUS NET SCALANCE XC216-4C (6AG1216-4BS00-7AC2)",
"product_id": "71",
"product_identification_helper": {
"model_numbers": [
"6AG1216-4BS00-7AC2"
]
}
}
}
],
"category": "product_name",
"name": "SIPLUS NET SCALANCE XC216-4C (6AG1216-4BS00-7AC2)"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-4203",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer. The read buffer overrun might result in a crash which could lead to a denial of service attack. In theory it could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext) although we are not aware of any working exploit leading to memory contents disclosure as of the time of release of this advisory. In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36",
"37",
"38",
"39",
"40",
"41",
"42",
"43",
"44",
"45",
"46",
"47",
"48",
"49",
"50",
"51",
"52",
"53",
"54",
"55",
"56",
"57",
"58",
"59",
"60",
"61",
"64",
"65",
"62",
"63",
"66",
"67",
"68",
"69",
"70",
"71"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.5 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36",
"37",
"38",
"39",
"40",
"41",
"42",
"43",
"44",
"45",
"46",
"47",
"48",
"49",
"50",
"51",
"52",
"53",
"54",
"55",
"56",
"57",
"58",
"59",
"60",
"61",
"64",
"65",
"62",
"63",
"66",
"67",
"68",
"69",
"70",
"71"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109825818/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36",
"37",
"38",
"39",
"40",
"41",
"42",
"43",
"44",
"45",
"46",
"47",
"48",
"49",
"50",
"51",
"52",
"53",
"54",
"55",
"56",
"57",
"58",
"59",
"60",
"61",
"64",
"65",
"62",
"63",
"66",
"67",
"68",
"69",
"70",
"71"
]
}
],
"title": "CVE-2022-4203"
},
{
"cve": "CVE-2022-4304",
"cwe": {
"id": "CWE-326",
"name": "Inadequate Encryption Strength"
},
"notes": [
{
"category": "summary",
"text": "A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36",
"37",
"38",
"39",
"40",
"41",
"42",
"43",
"44",
"45",
"46",
"47",
"48",
"49",
"50",
"51",
"52",
"53",
"54",
"55",
"56",
"57",
"58",
"59",
"60",
"61",
"64",
"65",
"62",
"63",
"66",
"67",
"68",
"69",
"70",
"71"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.5 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36",
"37",
"38",
"39",
"40",
"41",
"42",
"43",
"44",
"45",
"46",
"47",
"48",
"49",
"50",
"51",
"52",
"53",
"54",
"55",
"56",
"57",
"58",
"59",
"60",
"61",
"64",
"65",
"62",
"63",
"66",
"67",
"68",
"69",
"70",
"71"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109825818/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36",
"37",
"38",
"39",
"40",
"41",
"42",
"43",
"44",
"45",
"46",
"47",
"48",
"49",
"50",
"51",
"52",
"53",
"54",
"55",
"56",
"57",
"58",
"59",
"60",
"61",
"64",
"65",
"62",
"63",
"66",
"67",
"68",
"69",
"70",
"71"
]
}
],
"title": "CVE-2022-4304"
},
{
"cve": "CVE-2022-4450",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "summary",
"text": "The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the \"name\" (e.g. \"CERTIFICATE\"), any header data and the payload data. If the function succeeds then the \"name_out\", \"header\" and \"data\" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36",
"37",
"38",
"39",
"40",
"41",
"42",
"43",
"44",
"45",
"46",
"47",
"48",
"49",
"50",
"51",
"52",
"53",
"54",
"55",
"56",
"57",
"58",
"59",
"60",
"61",
"64",
"65",
"62",
"63",
"66",
"67",
"68",
"69",
"70",
"71"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.5 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36",
"37",
"38",
"39",
"40",
"41",
"42",
"43",
"44",
"45",
"46",
"47",
"48",
"49",
"50",
"51",
"52",
"53",
"54",
"55",
"56",
"57",
"58",
"59",
"60",
"61",
"64",
"65",
"62",
"63",
"66",
"67",
"68",
"69",
"70",
"71"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109825818/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36",
"37",
"38",
"39",
"40",
"41",
"42",
"43",
"44",
"45",
"46",
"47",
"48",
"49",
"50",
"51",
"52",
"53",
"54",
"55",
"56",
"57",
"58",
"59",
"60",
"61",
"64",
"65",
"62",
"63",
"66",
"67",
"68",
"69",
"70",
"71"
]
}
],
"title": "CVE-2022-4450"
},
{
"cve": "CVE-2023-0216",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "An invalid pointer dereference on read can be triggered when an application tries to load malformed PKCS7 data with the d2i_PKCS7(), d2i_PKCS7_bio() or d2i_PKCS7_fp() functions. The result of the dereference is an application crash which could lead to a denial of service attack. The TLS implementation in OpenSSL does not call this function however third party applications might call these functions on untrusted data.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36",
"37",
"38",
"39",
"40",
"41",
"42",
"43",
"44",
"45",
"46",
"47",
"48",
"49",
"50",
"51",
"52",
"53",
"54",
"55",
"56",
"57",
"58",
"59",
"60",
"61",
"64",
"65",
"62",
"63",
"66",
"67",
"68",
"69",
"70",
"71"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.5 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36",
"37",
"38",
"39",
"40",
"41",
"42",
"43",
"44",
"45",
"46",
"47",
"48",
"49",
"50",
"51",
"52",
"53",
"54",
"55",
"56",
"57",
"58",
"59",
"60",
"61",
"64",
"65",
"62",
"63",
"66",
"67",
"68",
"69",
"70",
"71"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109825818/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36",
"37",
"38",
"39",
"40",
"41",
"42",
"43",
"44",
"45",
"46",
"47",
"48",
"49",
"50",
"51",
"52",
"53",
"54",
"55",
"56",
"57",
"58",
"59",
"60",
"61",
"64",
"65",
"62",
"63",
"66",
"67",
"68",
"69",
"70",
"71"
]
}
],
"title": "CVE-2023-0216"
},
{
"cve": "CVE-2023-0217",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "An invalid pointer dereference on read can be triggered when an application tries to check a malformed DSA public key by the EVP_PKEY_public_check() function. This will most likely lead to an application crash. This function can be called on public keys supplied from untrusted sources which could allow an attacker to cause a denial of service attack. The TLS implementation in OpenSSL does not call this function but applications might call the function if there are additional security requirements imposed by standards such as FIPS 140-3.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36",
"37",
"38",
"39",
"40",
"41",
"42",
"43",
"44",
"45",
"46",
"47",
"48",
"49",
"50",
"51",
"52",
"53",
"54",
"55",
"56",
"57",
"58",
"59",
"60",
"61",
"64",
"65",
"62",
"63",
"66",
"67",
"68",
"69",
"70",
"71"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.5 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36",
"37",
"38",
"39",
"40",
"41",
"42",
"43",
"44",
"45",
"46",
"47",
"48",
"49",
"50",
"51",
"52",
"53",
"54",
"55",
"56",
"57",
"58",
"59",
"60",
"61",
"64",
"65",
"62",
"63",
"66",
"67",
"68",
"69",
"70",
"71"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109825818/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36",
"37",
"38",
"39",
"40",
"41",
"42",
"43",
"44",
"45",
"46",
"47",
"48",
"49",
"50",
"51",
"52",
"53",
"54",
"55",
"56",
"57",
"58",
"59",
"60",
"61",
"64",
"65",
"62",
"63",
"66",
"67",
"68",
"69",
"70",
"71"
]
}
],
"title": "CVE-2023-0217"
},
{
"cve": "CVE-2023-0401",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "A NULL pointer can be dereferenced when signatures are being verified on PKCS7 signed or signedAndEnveloped data. In case the hash algorithm used for the signature is known to the OpenSSL library but the implementation of the hash algorithm is not available the digest initialization will fail. There is a missing check for the return value from the initialization function which later leads to invalid usage of the digest API most likely leading to a crash. The unavailability of an algorithm can be caused by using FIPS enabled configuration of providers or more commonly by not loading the legacy provider. PKCS7 data is processed by the SMIME library calls and also by the time stamp (TS) library calls. The TLS implementation in OpenSSL does not call these functions however third party applications would be affected if they call these functions to verify signatures on untrusted data.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36",
"37",
"38",
"39",
"40",
"41",
"42",
"43",
"44",
"45",
"46",
"47",
"48",
"49",
"50",
"51",
"52",
"53",
"54",
"55",
"56",
"57",
"58",
"59",
"60",
"61",
"64",
"65",
"62",
"63",
"66",
"67",
"68",
"69",
"70",
"71"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.5 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36",
"37",
"38",
"39",
"40",
"41",
"42",
"43",
"44",
"45",
"46",
"47",
"48",
"49",
"50",
"51",
"52",
"53",
"54",
"55",
"56",
"57",
"58",
"59",
"60",
"61",
"64",
"65",
"62",
"63",
"66",
"67",
"68",
"69",
"70",
"71"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109825818/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36",
"37",
"38",
"39",
"40",
"41",
"42",
"43",
"44",
"45",
"46",
"47",
"48",
"49",
"50",
"51",
"52",
"53",
"54",
"55",
"56",
"57",
"58",
"59",
"60",
"61",
"64",
"65",
"62",
"63",
"66",
"67",
"68",
"69",
"70",
"71"
]
}
],
"title": "CVE-2023-0401"
},
{
"cve": "CVE-2023-2650",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "summary",
"text": "Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJ_obj2txt() directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience notable to very long delays when processing those messages, which may lead to a Denial of Service. An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - most of which have no size limit. OBJ_obj2txt() may be used to translate an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL type ASN1_OBJECT) to its canonical numeric text form, which are the sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by periods. When one of the sub-identifiers in the OBJECT IDENTIFIER is very large (these are sizes that are seen as absurdly large, taking up tens or hundreds of KiBs), the translation to a decimal number in text may take a very long time. The time complexity is O(square(n)) with \u0027n\u0027 being the size of the sub-identifiers in bytes (*). With OpenSSL 3.0, support to fetch cryptographic algorithms using names / identifiers in string form was introduced. This includes using OBJECT IDENTIFIERs in canonical numeric text form as identifiers for fetching algorithms. Such OBJECT IDENTIFIERs may be received through the ASN.1 structure AlgorithmIdentifier, which is commonly used in multiple protocols to specify what cryptographic algorithm should be used to sign or verify, encrypt or decrypt, or digest passed data. Applications that call OBJ_obj2txt() directly with untrusted data are affected, with any version of OpenSSL. If the use is for the mere purpose of display, the severity is considered low. In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 certificates, including simple things like verifying its signature. The impact on TLS is relatively low, because all versions of OpenSSL have a 100KiB limit on the peer\u0027s certificate chain. Additionally, this only impacts clients, or servers that have explicitly enabled client authentication. In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, such as X.509 certificates. This is assumed to not happen in such a way that it would cause a Denial of Service, so these versions are considered not affected by this issue in such a way that it would be cause for concern, and the severity is therefore considered low.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36",
"37",
"38",
"39",
"40",
"41",
"42",
"43",
"44",
"45",
"46",
"47",
"48",
"49",
"50",
"51",
"52",
"53",
"54",
"55",
"56",
"57",
"58",
"59",
"60",
"61",
"64",
"65",
"62",
"63",
"66",
"67",
"68",
"69",
"70",
"71"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.5 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36",
"37",
"38",
"39",
"40",
"41",
"42",
"43",
"44",
"45",
"46",
"47",
"48",
"49",
"50",
"51",
"52",
"53",
"54",
"55",
"56",
"57",
"58",
"59",
"60",
"61",
"64",
"65",
"62",
"63",
"66",
"67",
"68",
"69",
"70",
"71"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109825818/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36",
"37",
"38",
"39",
"40",
"41",
"42",
"43",
"44",
"45",
"46",
"47",
"48",
"49",
"50",
"51",
"52",
"53",
"54",
"55",
"56",
"57",
"58",
"59",
"60",
"61",
"64",
"65",
"62",
"63",
"66",
"67",
"68",
"69",
"70",
"71"
]
}
],
"title": "CVE-2023-2650"
},
{
"cve": "CVE-2023-44317",
"cwe": {
"id": "CWE-349",
"name": "Acceptance of Extraneous Untrusted Data With Trusted Data"
},
"notes": [
{
"category": "summary",
"text": "Affected products do not properly validate the content of uploaded X509 certificates which could allow an attacker with administrative privileges to execute arbitrary code on the device.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36",
"37",
"38",
"39",
"40",
"41",
"42",
"43",
"44",
"45",
"46",
"47",
"48",
"49",
"50",
"51",
"52",
"53",
"54",
"55",
"56",
"57",
"58",
"59",
"60",
"61",
"64",
"65",
"62",
"63",
"66",
"67",
"68",
"69",
"70",
"71"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.5 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36",
"37",
"38",
"39",
"40",
"41",
"42",
"43",
"44",
"45",
"46",
"47",
"48",
"49",
"50",
"51",
"52",
"53",
"54",
"55",
"56",
"57",
"58",
"59",
"60",
"61",
"64",
"65",
"62",
"63",
"66",
"67",
"68",
"69",
"70",
"71"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109825818/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36",
"37",
"38",
"39",
"40",
"41",
"42",
"43",
"44",
"45",
"46",
"47",
"48",
"49",
"50",
"51",
"52",
"53",
"54",
"55",
"56",
"57",
"58",
"59",
"60",
"61",
"64",
"65",
"62",
"63",
"66",
"67",
"68",
"69",
"70",
"71"
]
}
],
"title": "CVE-2023-44317"
},
{
"cve": "CVE-2023-44319",
"cwe": {
"id": "CWE-328",
"name": "Use of Weak Hash"
},
"notes": [
{
"category": "summary",
"text": "Affected devices use a weak checksum algorithm to protect the configuration backup that an administrator can export from the device. This could allow an authenticated attacker with administrative privileges or an attacker that tricks a legitimate administrator to upload a modified configuration file to change the configuration of an affected device.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36",
"37",
"38",
"39",
"40",
"41",
"42",
"43",
"44",
"45",
"46",
"47",
"48",
"49",
"50",
"51",
"52",
"53",
"54",
"55",
"56",
"57",
"58",
"59",
"60",
"61",
"64",
"65",
"62",
"63",
"66",
"67",
"68",
"69",
"70",
"71"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.5 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36",
"37",
"38",
"39",
"40",
"41",
"42",
"43",
"44",
"45",
"46",
"47",
"48",
"49",
"50",
"51",
"52",
"53",
"54",
"55",
"56",
"57",
"58",
"59",
"60",
"61",
"64",
"65",
"62",
"63",
"66",
"67",
"68",
"69",
"70",
"71"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109825818/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36",
"37",
"38",
"39",
"40",
"41",
"42",
"43",
"44",
"45",
"46",
"47",
"48",
"49",
"50",
"51",
"52",
"53",
"54",
"55",
"56",
"57",
"58",
"59",
"60",
"61",
"64",
"65",
"62",
"63",
"66",
"67",
"68",
"69",
"70",
"71"
]
}
],
"title": "CVE-2023-44319"
},
{
"cve": "CVE-2023-44320",
"cwe": {
"id": "CWE-425",
"name": "Direct Request (\u0027Forced Browsing\u0027)"
},
"notes": [
{
"category": "summary",
"text": "Affected devices do not properly validate the authentication when performing certain modifications in the web interface allowing an authenticated attacker to influence the user interface configured by an administrator.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36",
"37",
"38",
"39",
"40",
"41",
"42",
"43",
"44",
"45",
"46",
"47",
"48",
"49",
"50",
"51",
"52",
"53",
"54",
"55",
"56",
"57",
"58",
"59",
"60",
"61",
"64",
"65",
"62",
"63",
"66",
"67",
"68",
"69",
"70",
"71"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.5 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36",
"37",
"38",
"39",
"40",
"41",
"42",
"43",
"44",
"45",
"46",
"47",
"48",
"49",
"50",
"51",
"52",
"53",
"54",
"55",
"56",
"57",
"58",
"59",
"60",
"61",
"64",
"65",
"62",
"63",
"66",
"67",
"68",
"69",
"70",
"71"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109825818/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36",
"37",
"38",
"39",
"40",
"41",
"42",
"43",
"44",
"45",
"46",
"47",
"48",
"49",
"50",
"51",
"52",
"53",
"54",
"55",
"56",
"57",
"58",
"59",
"60",
"61",
"64",
"65",
"62",
"63",
"66",
"67",
"68",
"69",
"70",
"71"
]
}
],
"title": "CVE-2023-44320"
},
{
"cve": "CVE-2023-44322",
"cwe": {
"id": "CWE-252",
"name": "Unchecked Return Value"
},
"notes": [
{
"category": "summary",
"text": "Affected devices can be configured to send emails when certain events occur on the device. When presented with an invalid response from the SMTP server, the device triggers an error that disrupts email sending. An attacker with access to the network can use this to do disable notification of users when certain events occur.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36",
"37",
"38",
"39",
"40",
"41",
"42",
"43",
"44",
"45",
"46",
"47",
"48",
"49",
"50",
"51",
"52",
"53",
"54",
"55",
"56",
"57",
"58",
"59",
"60",
"61",
"64",
"65",
"62",
"63",
"66",
"67",
"68",
"69",
"70",
"71"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.5 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36",
"37",
"38",
"39",
"40",
"41",
"42",
"43",
"44",
"45",
"46",
"47",
"48",
"49",
"50",
"51",
"52",
"53",
"54",
"55",
"56",
"57",
"58",
"59",
"60",
"61",
"64",
"65",
"62",
"63",
"66",
"67",
"68",
"69",
"70",
"71"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109825818/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36",
"37",
"38",
"39",
"40",
"41",
"42",
"43",
"44",
"45",
"46",
"47",
"48",
"49",
"50",
"51",
"52",
"53",
"54",
"55",
"56",
"57",
"58",
"59",
"60",
"61",
"64",
"65",
"62",
"63",
"66",
"67",
"68",
"69",
"70",
"71"
]
}
],
"title": "CVE-2023-44322"
},
{
"cve": "CVE-2023-44373",
"cwe": {
"id": "CWE-74",
"name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell. Follow-up of CVE-2022-36323.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36",
"37",
"38",
"39",
"40",
"41",
"42",
"43",
"44",
"45",
"46",
"47",
"48",
"49",
"50",
"51",
"52",
"53",
"54",
"55",
"56",
"57",
"58",
"59",
"60",
"61",
"64",
"65",
"62",
"63",
"66",
"67",
"68",
"69",
"70",
"71"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.5 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36",
"37",
"38",
"39",
"40",
"41",
"42",
"43",
"44",
"45",
"46",
"47",
"48",
"49",
"50",
"51",
"52",
"53",
"54",
"55",
"56",
"57",
"58",
"59",
"60",
"61",
"64",
"65",
"62",
"63",
"66",
"67",
"68",
"69",
"70",
"71"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109825818/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36",
"37",
"38",
"39",
"40",
"41",
"42",
"43",
"44",
"45",
"46",
"47",
"48",
"49",
"50",
"51",
"52",
"53",
"54",
"55",
"56",
"57",
"58",
"59",
"60",
"61",
"64",
"65",
"62",
"63",
"66",
"67",
"68",
"69",
"70",
"71"
]
}
],
"title": "CVE-2023-44373"
},
{
"cve": "CVE-2023-44374",
"cwe": {
"id": "CWE-567",
"name": "Unsynchronized Access to Shared Data in a Multithreaded Context"
},
"notes": [
{
"category": "summary",
"text": "Affected devices allow to change the password, but insufficiently check which password is to be changed. With this an authenticated attacker could, under certain conditions, be able to change the password of another, potential admin user allowing her to escalate her privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36",
"37",
"38",
"39",
"40",
"41",
"42",
"43",
"44",
"45",
"46",
"47",
"48",
"49",
"50",
"51",
"52",
"53",
"54",
"55",
"56",
"57",
"58",
"59",
"60",
"61",
"64",
"65",
"62",
"63",
"66",
"67",
"68",
"69",
"70",
"71"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.5 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36",
"37",
"38",
"39",
"40",
"41",
"42",
"43",
"44",
"45",
"46",
"47",
"48",
"49",
"50",
"51",
"52",
"53",
"54",
"55",
"56",
"57",
"58",
"59",
"60",
"61",
"64",
"65",
"62",
"63",
"66",
"67",
"68",
"69",
"70",
"71"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109825818/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36",
"37",
"38",
"39",
"40",
"41",
"42",
"43",
"44",
"45",
"46",
"47",
"48",
"49",
"50",
"51",
"52",
"53",
"54",
"55",
"56",
"57",
"58",
"59",
"60",
"61",
"64",
"65",
"62",
"63",
"66",
"67",
"68",
"69",
"70",
"71"
]
}
],
"title": "CVE-2023-44374"
}
]
}
SSA-943925
Vulnerability from csaf_siemens - Published: 2024-02-13 00:00 - Updated: 2024-03-12 00:00Summary
SSA-943925: Multiple Vulnerabilities in SINEC NMS before V2.0 SP1
Notes
Summary
SINEC NMS before V2.0 SP1 is affected by multiple vulnerabilities.
Siemens has released an update for SINEC NMS and recommends to update to the latest version.
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download:
https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited. (TLPv2: TLP:CLEAR)",
"tlp": {
"label": "WHITE"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "SINEC NMS before V2.0 SP1 is affected by multiple vulnerabilities.\n\nSiemens has released an update for SINEC NMS and recommends to update to the latest version.",
"title": "Summary"
},
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"title": "General Recommendations"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "Siemens Security Advisories are subject to the terms and conditions contained in Siemens\u0027 underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens\u0027 Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "productcert@siemens.com",
"name": "Siemens ProductCERT",
"namespace": "https://www.siemens.com"
},
"references": [
{
"category": "self",
"summary": "SSA-943925: Multiple Vulnerabilities in SINEC NMS before V2.0 SP1 - HTML Version",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-943925.html"
},
{
"category": "self",
"summary": "SSA-943925: Multiple Vulnerabilities in SINEC NMS before V2.0 SP1 - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-943925.json"
},
{
"category": "self",
"summary": "SSA-943925: Multiple Vulnerabilities in SINEC NMS before V2.0 SP1 - PDF Version",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-943925.pdf"
},
{
"category": "self",
"summary": "SSA-943925: Multiple Vulnerabilities in SINEC NMS before V2.0 SP1 - TXT Version",
"url": "https://cert-portal.siemens.com/productcert/txt/ssa-943925.txt"
}
],
"title": "SSA-943925: Multiple Vulnerabilities in SINEC NMS before V2.0 SP1",
"tracking": {
"current_release_date": "2024-03-12T00:00:00Z",
"generator": {
"engine": {
"name": "Siemens ProductCERT CSAF Generator",
"version": "1"
}
},
"id": "SSA-943925",
"initial_release_date": "2024-02-13T00:00:00Z",
"revision_history": [
{
"date": "2024-02-13T00:00:00Z",
"legacy_version": "1.0",
"number": "1",
"summary": "Publication Date"
},
{
"date": "2024-03-12T00:00:00Z",
"legacy_version": "1.1",
"number": "2",
"summary": "Added missing acknowledgment for CVE-2024-23811"
}
],
"status": "interim",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "All versions \u003c V2.0 SP1",
"product": {
"name": "SINEC NMS",
"product_id": "1"
}
}
],
"category": "product_name",
"name": "SINEC NMS"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-4203",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer. The read buffer overrun might result in a crash which could lead to a denial of service attack. In theory it could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext) although we are not aware of any working exploit leading to memory contents disclosure as of the time of release of this advisory. In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2022-4203"
},
{
"cve": "CVE-2022-4304",
"cwe": {
"id": "CWE-326",
"name": "Inadequate Encryption Strength"
},
"notes": [
{
"category": "summary",
"text": "A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2022-4304"
},
{
"cve": "CVE-2022-4450",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "summary",
"text": "The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the \"name\" (e.g. \"CERTIFICATE\"), any header data and the payload data. If the function succeeds then the \"name_out\", \"header\" and \"data\" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2022-4450"
},
{
"cve": "CVE-2023-0215",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter BIO onto the front of it to form a BIO chain, and then returns the new head of the BIO chain to the caller. Under certain conditions, for example if a CMS recipient public key is invalid, the new filter BIO is freed and the function returns a NULL result indicating a failure. However, in this case, the BIO chain is not properly cleaned up and the BIO passed by the caller still retains internal pointers to the previously freed filter BIO. If the caller then goes on to call BIO_pop() on the BIO then a use-after-free will occur. This will most likely result in a crash. This scenario occurs directly in the internal function B64_write_ASN1() which may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on the BIO. This internal function is in turn called by the public API functions PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7. Other public API functions that may be impacted by this include i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and i2d_PKCS7_bio_stream. The OpenSSL cms and smime command line applications are similarly affected.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-0215"
},
{
"cve": "CVE-2023-0216",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "An invalid pointer dereference on read can be triggered when an application tries to load malformed PKCS7 data with the d2i_PKCS7(), d2i_PKCS7_bio() or d2i_PKCS7_fp() functions. The result of the dereference is an application crash which could lead to a denial of service attack. The TLS implementation in OpenSSL does not call this function however third party applications might call these functions on untrusted data.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-0216"
},
{
"cve": "CVE-2023-0217",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "An invalid pointer dereference on read can be triggered when an application tries to check a malformed DSA public key by the EVP_PKEY_public_check() function. This will most likely lead to an application crash. This function can be called on public keys supplied from untrusted sources which could allow an attacker to cause a denial of service attack. The TLS implementation in OpenSSL does not call this function but applications might call the function if there are additional security requirements imposed by standards such as FIPS 140-3.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-0217"
},
{
"cve": "CVE-2023-0286",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-0286"
},
{
"cve": "CVE-2023-0401",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "A NULL pointer can be dereferenced when signatures are being verified on PKCS7 signed or signedAndEnveloped data. In case the hash algorithm used for the signature is known to the OpenSSL library but the implementation of the hash algorithm is not available the digest initialization will fail. There is a missing check for the return value from the initialization function which later leads to invalid usage of the digest API most likely leading to a crash. The unavailability of an algorithm can be caused by using FIPS enabled configuration of providers or more commonly by not loading the legacy provider. PKCS7 data is processed by the SMIME library calls and also by the time stamp (TS) library calls. The TLS implementation in OpenSSL does not call these functions however third party applications would be affected if they call these functions to verify signatures on untrusted data.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-0401"
},
{
"cve": "CVE-2023-1255",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "Issue summary: The AES-XTS cipher decryption implementation for 64 bit ARM\nplatform contains a bug that could cause it to read past the input buffer,\nleading to a crash.\n\nImpact summary: Applications that use the AES-XTS algorithm on the 64 bit ARM\nplatform can crash in rare circumstances. The AES-XTS algorithm is usually\nused for disk encryption.\n\nThe AES-XTS cipher decryption implementation for 64 bit ARM platform will read\npast the end of the ciphertext buffer if the ciphertext size is 4 mod 5 in 16\nbyte blocks, e.g. 144 bytes or 1024 bytes. If the memory after the ciphertext\nbuffer is unmapped, this will trigger a crash which results in a denial of\nservice.\n\nIf an attacker can control the size and location of the ciphertext buffer\nbeing decrypted by an application using AES-XTS on 64 bit ARM, the\napplication is affected. This is fairly unlikely making this issue\na Low severity one.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-1255"
},
{
"cve": "CVE-2023-2454",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "schema_element defeats protective search_path changes; It was found that certain database calls in PostgreSQL could permit an authed attacker with elevated database-level privileges to execute arbitrary code.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-2454"
},
{
"cve": "CVE-2023-2455",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-specific policies are used and a given query is planned under one role and then executed under other roles. This scenario can happen under security definer functions or when a common user and query is planned initially and then re-used across multiple SET ROLEs. Applying an incorrect policy may permit a user to complete otherwise-forbidden reads and modifications. This affects only databases that have used CREATE POLICY to define a row security policy.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-2455"
},
{
"cve": "CVE-2023-2650",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "summary",
"text": "Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJ_obj2txt() directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience notable to very long delays when processing those messages, which may lead to a Denial of Service. An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - most of which have no size limit. OBJ_obj2txt() may be used to translate an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL type ASN1_OBJECT) to its canonical numeric text form, which are the sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by periods. When one of the sub-identifiers in the OBJECT IDENTIFIER is very large (these are sizes that are seen as absurdly large, taking up tens or hundreds of KiBs), the translation to a decimal number in text may take a very long time. The time complexity is O(square(n)) with \u0027n\u0027 being the size of the sub-identifiers in bytes (*). With OpenSSL 3.0, support to fetch cryptographic algorithms using names / identifiers in string form was introduced. This includes using OBJECT IDENTIFIERs in canonical numeric text form as identifiers for fetching algorithms. Such OBJECT IDENTIFIERs may be received through the ASN.1 structure AlgorithmIdentifier, which is commonly used in multiple protocols to specify what cryptographic algorithm should be used to sign or verify, encrypt or decrypt, or digest passed data. Applications that call OBJ_obj2txt() directly with untrusted data are affected, with any version of OpenSSL. If the use is for the mere purpose of display, the severity is considered low. In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 certificates, including simple things like verifying its signature. The impact on TLS is relatively low, because all versions of OpenSSL have a 100KiB limit on the peer\u0027s certificate chain. Additionally, this only impacts clients, or servers that have explicitly enabled client authentication. In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, such as X.509 certificates. This is assumed to not happen in such a way that it would cause a Denial of Service, so these versions are considered not affected by this issue in such a way that it would be cause for concern, and the severity is therefore considered low.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-2650"
},
{
"cve": "CVE-2023-2975",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"notes": [
{
"category": "summary",
"text": "Issue summary: The AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data entries which are unauthenticated as a consequence. Impact summary: Applications that use the AES-SIV algorithm and want to authenticate empty data entries as associated data can be mislead by removing adding or reordering such empty entries as these are ignored by the OpenSSL implementation. We are currently unaware of any such applications. The AES-SIV algorithm allows for authentication of multiple associated data entries along with the encryption. To authenticate empty data the application has to call EVP_EncryptUpdate() (or EVP_CipherUpdate()) with NULL pointer as the output buffer and 0 as the input buffer length. The AES-SIV implementation in OpenSSL just returns success for such a call instead of performing the associated data authentication operation. The empty data thus will not be authenticated. As this issue does not affect non-empty associated data authentication and we expect it to be rare for an application to use empty associated data entries this is qualified as Low severity issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-2975"
},
{
"cve": "CVE-2023-3446",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"notes": [
{
"category": "summary",
"text": "Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs various checks on DH parameters. One of those checks confirms that the modulus (\u0027p\u0027 parameter) is not too large. Trying to use a very large modulus is slow and OpenSSL will not normally use a modulus which is over 10,000 bits in length. However the DH_check() function checks numerous aspects of the key or parameters that have been supplied. Some of those checks use the supplied modulus value even if it has already been found to be too large. An application that calls DH_check() and supplies a key or parameters obtained from an untrusted source could be vulernable to a Denial of Service attack. The function DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check(). Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the \u0027-check\u0027 option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-3446"
},
{
"cve": "CVE-2023-3817",
"cwe": {
"id": "CWE-834",
"name": "Excessive Iteration"
},
"notes": [
{
"category": "summary",
"text": "Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs various checks on DH parameters. After fixing CVE-2023-3446 it was discovered that a large q parameter value can also trigger an overly long computation during some of these checks. A correct q value, if present, cannot be larger than the modulus p parameter, thus it is unnecessary to perform these checks if q is larger than p. An application that calls DH_check() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. The function DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check(). Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the \"-check\" option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-3817"
},
{
"cve": "CVE-2023-25690",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"notes": [
{
"category": "summary",
"text": "Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack.\r\n\r\nConfigurations are affected when mod_proxy is enabled along with some form of RewriteRule or ProxyPassMatch in which a non-specific pattern matches some portion of the user-supplied request-target (URL) data and is then re-inserted into the proxied request-target using variable substitution. \r\n\r\nRequest splitting/smuggling could result in bypass of access controls in the proxy server, proxying unintended URLs to existing origin servers, and cache poisoning. Users are recommended to update to at least version 2.4.56 of Apache HTTP Server.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-25690"
},
{
"cve": "CVE-2023-27522",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"notes": [
{
"category": "summary",
"text": "HTTP Response Smuggling vulnerability in Apache HTTP Server via mod_proxy_uwsgi. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.55.\n\nSpecial characters in the origin response header can truncate/split the response forwarded to the client.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-27522"
},
{
"cve": "CVE-2023-27533",
"cwe": {
"id": "CWE-74",
"name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability in input validation exists in curl \u003c8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and \"telnet options\" during server negotiation. The lack of proper input scrubbing allows an attacker to send content or perform option negotiation without the application\u0027s intent. This vulnerability could be exploited if an application allows user input, thereby enabling attackers to execute arbitrary code on the system.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-27533"
},
{
"cve": "CVE-2023-27534",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "summary",
"text": "A path traversal vulnerability exists in curl \u003c8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user\u0027s home directory. Attackers can exploit this flaw to bypass filtering or execute arbitrary code by crafting a path like /~2/foo while accessing a server with a specific user.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-27534"
},
{
"cve": "CVE-2023-27535",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"notes": [
{
"category": "summary",
"text": "An authentication bypass vulnerability exists in libcurl \u003c8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created connections are kept in a connection pool for reuse if they match the current setup. However, certain FTP settings such as CURLOPT_FTP_ACCOUNT, CURLOPT_FTP_ALTERNATIVE_TO_USER, CURLOPT_FTP_SSL_CCC, and CURLOPT_USE_SSL were not included in the configuration match checks, causing them to match too easily. This could lead to libcurl using the wrong credentials when performing a transfer, potentially allowing unauthorized access to sensitive information.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-27535"
},
{
"cve": "CVE-2023-27536",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"notes": [
{
"category": "summary",
"text": "An authentication bypass vulnerability exists libcurl \u003c8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. This vulnerability affects krb5/kerberos/negotiate/GSSAPI transfers and could potentially result in unauthorized access to sensitive information. The safest option is to not reuse connections if the CURLOPT_GSSAPI_DELEGATION option has been changed.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-27536"
},
{
"cve": "CVE-2023-27537",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "summary",
"text": "A double free vulnerability exists in libcurl \u003c8.0.0 when sharing HSTS data between separate \"handles\". This sharing was introduced without considerations for do this sharing across separate threads but there was no indication of this fact in the documentation. Due to missing mutexes or thread locks, two threads sharing the same HSTS data could end up doing a double-free or use-after-free.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-27537"
},
{
"cve": "CVE-2023-27538",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "libcurl would reuse a previously created connection even when an SSH related option had been changed that should have prohibited reuse. libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. However, two SSH settings were left out from the configuration match checks, making them match too easily.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-27538"
},
{
"cve": "CVE-2023-28319",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "A use after free vulnerability exists in curl \u003cv8.1.0 in the way libcurl offers a feature to verify an SSH server\u0027s public key using a SHA 256 hash. When this check fails, libcurl would free the memory for the fingerprint before it returns an error message containing the (now freed) hash. This flaw risks inserting sensitive heap-based data into the error message that might be shown to users or otherwise get leaked and revealed.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-28319"
},
{
"cve": "CVE-2023-28320",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "A denial of service vulnerability exists in curl \u003cv8.1.0 in the way libcurl provides several different backends for resolving host names, selected at build time. If it is built to use the synchronous resolver, it allows name resolves to time-out slow operations using `alarm()` and `siglongjmp()`. When doing this, libcurl used a global buffer that was not mutex protected and a multi-threaded application might therefore crash or otherwise misbehave.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-28320"
},
{
"cve": "CVE-2023-28321",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"notes": [
{
"category": "summary",
"text": "An improper certificate validation vulnerability exists in curl \u003cv8.1.0 in the way it supports matching of wildcard patterns when listed as \"Subject Alternative Name\" in TLS server certificates. curl can be built to use its own name matching function for TLS rather than one provided by a TLS library. This private wildcard matching function would match IDN (International Domain Name) hosts incorrectly and could as a result accept patterns that otherwise should mismatch. IDN hostnames are converted to puny code before used for certificate checks. Puny coded names always start with `xn--` and should not be allowed to pattern match, but the wildcard check in curl could still check for `x*`, which would match even though the IDN name most likely contained nothing even resembling an `x`.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-28321"
},
{
"cve": "CVE-2023-28322",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "An information disclosure vulnerability exists in curl \u003cv8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously wasused to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the second transfer. The problem exists in the logic for a reused handle when it is (expected to be) changed from a PUT to a POST.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-28322"
},
{
"cve": "CVE-2023-28709",
"cwe": {
"id": "CWE-193",
"name": "Off-by-one Error"
},
"notes": [
{
"category": "summary",
"text": "The fix for CVE-2023-24998 was incomplete for Apache Tomcat 11.0.0-M2 to 11.0.0-M4, 10.1.5 to 10.1.7, 9.0.71 to 9.0.73 and 8.5.85 to 8.5.87. If non-default HTTP connector settings were used such that the maxParameterCount\u00a0could be reached using query string parameters and a request was submitted that supplied exactly maxParameterCount parameters\u00a0in the query string, the limit for uploaded request parts could be\u00a0bypassed with the potential for a denial of service to occur.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-28709"
},
{
"cve": "CVE-2023-30581",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "The use of __proto__ in process.mainModule.__proto__.require() can bypass the policy mechanism and require modules outside of the policy.json definition. This vulnerability affects all users using the experimental policy mechanism in all active release lines: v16, v18 and, v20.\n\nPlease note that at the time this CVE was issued, the policy is an experimental feature of Node.js",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-30581"
},
{
"cve": "CVE-2023-30582",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability in Node.js, affecting users of the experimental permission model when the --allow-fs-read flag is used with a non-* argument. This flaw arises from an inadequate permission model that fails to restrict file watching through the fs.watchFile API. As a result, malicious actors can monitor files that they do not have explicit read access to.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-30582"
},
{
"cve": "CVE-2023-30583",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "fs.openAsBlob() can bypass the experimental permission model when using the file system read restriction with the --allow-fs-read flag in Node.js. This vulnerability arises from a missing check in the fs.openAsBlob() API.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-30583"
},
{
"cve": "CVE-2023-30584",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability in the experimental permission model of Node.js leads to improper handling of path traversal bypass when verifying file permissions.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-30584"
},
{
"cve": "CVE-2023-30585",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability has been identified in the Node.js (.msi version) installation process, specifically affecting Windows users who install Node.js using the .msi installer. This vulnerability emerges during the repair operation, where the \"msiexec.exe\" process, running under the NT AUTHORITY\\SYSTEM context, attempts to read the %USERPROFILE% environment variable from the current user\u0027s registry.\n\nThe issue arises when the path referenced by the %USERPROFILE% environment variable does not exist. In such cases, the \"msiexec.exe\" process attempts to create the specified path in an unsafe manner, potentially leading to the creation of arbitrary folders in arbitrary locations.\n\nThe severity of this vulnerability is heightened by the fact that the %USERPROFILE% environment variable in the Windows registry can be modified by standard (or \"non-privileged\") users. Consequently, unprivileged actors, including malicious entities or trojans, can manipulate the environment variable key to deceive the privileged \"msiexec.exe\" process. This manipulation can result in the creation of folders in unintended and potentially malicious locations.\n\nIt is important to note that this vulnerability is specific to Windows users who install Node.js using the .msi installer. Users who opt for other installation methods are not affected by this particular issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-30585"
},
{
"cve": "CVE-2023-30586",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"notes": [
{
"category": "summary",
"text": "A privilege escalation vulnerability exists in Node.js 20 that allowed loading arbitrary OpenSSL engines when the experimental permission model is enabled, which can bypass and/or disable the permission model. The attack complexity is high. However, the crypto.setEngine() API can be used to bypass the permission model when called with a compatible OpenSSL engine. The OpenSSL engine can, for example, disable the permission model in the host process by manipulating the process\u0027s stack memory to locate the permission model Permission::enabled_ in the host process\u0027s heap memory. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-30586"
},
{
"cve": "CVE-2023-30587",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability in Node.js allows for bypassing restrictions set by the --experimental-permission flag using the built-in inspector module (node:inspector). By exploiting the Worker class\u0027s ability to create an \"internal worker\" with the kIsInternal Symbol, attackers can modify the isInternal value when an inspector is attached within the Worker constructor before initializing a new WorkerImpl.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-30587"
},
{
"cve": "CVE-2023-30588",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "When an invalid public key is used to create an x509 certificate using the crypto.X509Certificate() API a non-expect termination occurs making it susceptible to DoS attacks when the attacker could force interruptions of application processing, as the process terminates when accessing public key info of provided certificates from user code. The current context of the users will be gone, and that will cause a DoS scenario. This vulnerability affects all active Node.js versions v16, v18, and, v20.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-30588"
},
{
"cve": "CVE-2023-30589",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "The llhttp parser in the http module in Node v20.2.0 does not strictly use the CRLF sequence to delimit HTTP requests. This can lead to HTTP Request Smuggling (HRS).\r\n\r\nThe CR character (without LF) is sufficient to delimit HTTP header fields in the llhttp parser. According to RFC7230 section 3, only the CRLF sequence should delimit each header-field. This impacts all Node.js active versions: v16, v18, and, v20",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-30589"
},
{
"cve": "CVE-2023-30590",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "The generateKeys() API function returned from crypto.createDiffieHellman() only generates missing (or outdated) keys, that is, it only generates a private key if none has been set yet, but the function is also needed to compute the corresponding public key after calling setPrivateKey(). However, the documentation says this API call: \"Generates private and public Diffie-Hellman key values\".\n\nThe documented behavior is very different from the actual behavior, and this difference could easily lead to security issues in applications that use these APIs as the DiffieHellman may be used as the basis for application-level security, implications are consequently broad.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-30590"
},
{
"cve": "CVE-2023-31124",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"notes": [
{
"category": "summary",
"text": "c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARES_RANDOM_FILE will not be set, as seen when cross compiling aarch64 android. This will downgrade to using rand() as a fallback which could allow an attacker to take advantage of the lack of entropy by not using a CSPRNG. This issue was patched in version 1.19.1.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-31124"
},
{
"cve": "CVE-2023-31130",
"cwe": {
"id": "CWE-124",
"name": "Buffer Underwrite (\u0027Buffer Underflow\u0027)"
},
"notes": [
{
"category": "summary",
"text": "c-ares is an asynchronous resolver library. ares_inet_net_pton() is vulnerable to a buffer underflow for certain ipv6 addresses, in particular \"0::00:00:00/2\" was found to cause an issue. C-ares only uses this function internally for configuration purposes which would require an administrator to configure such an address via ares_set_sortlist(). However, users may externally use ares_inet_net_pton() for other purposes and thus be vulnerable to more severe issues. This issue has been fixed in 1.19.1.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-31130"
},
{
"cve": "CVE-2023-31147",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"notes": [
{
"category": "summary",
"text": "c-ares is an asynchronous resolver library. When /dev/urandom or RtlGenRandom() are unavailable, c-ares uses rand() to generate random numbers used for DNS query ids. This is not a CSPRNG, and it is also not seeded by srand() so will generate predictable output. Input from the random number generator is fed into a non-compilant RC4 implementation and may not be as strong as the original RC4 implementation. No attempt is made to look for modern OS-provided CSPRNGs like arc4random() that is widely available. This issue has been fixed in version 1.19.1.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-31147"
},
{
"cve": "CVE-2023-32002",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "The use of `Module._load()` can bypass the policy mechanism and require modules outside of the policy.json definition for a given module.\n\nThis vulnerability affects all users using the experimental policy mechanism in all active release lines: 16.x, 18.x and, 20.x.\n\nPlease note that at the time this CVE was issued, the policy is an experimental feature of Node.js.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-32002"
},
{
"cve": "CVE-2023-32003",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "summary",
"text": "`fs.mkdtemp()` and `fs.mkdtempSync()` can be used to bypass the permission model check using a path traversal attack. This flaw arises from a missing check in the fs.mkdtemp() API and the impact is a malicious actor could create an arbitrary directory.\n\nThis vulnerability affects all users using the experimental permission model in Node.js 20.\n\nPlease note that at the time this CVE was issued, the permission model is an experimental feature of Node.js.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-32003"
},
{
"cve": "CVE-2023-32004",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability has been discovered in Node.js version 20, specifically within the experimental permission model. This flaw relates to improper handling of Buffers in file system APIs causing a traversal path to bypass when verifying file permissions.\n\nThis vulnerability affects all users using the experimental permission model in Node.js 20.\n\nPlease note that at the time this CVE was issued, the permission model is an experimental feature of Node.js.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-32004"
},
{
"cve": "CVE-2023-32005",
"cwe": {
"id": "CWE-732",
"name": "Incorrect Permission Assignment for Critical Resource"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability has been identified in Node.js version 20, affecting users of the experimental permission model when the --allow-fs-read flag is used with a non-* argument.\n\nThis flaw arises from an inadequate permission model that fails to restrict file stats through the `fs.statfs` API. As a result, malicious actors can retrieve stats from files that they do not have explicit read access to.\n\nThis vulnerability affects all users using the experimental permission model in Node.js 20.\n\nPlease note that at the time this CVE was issued, the permission model is an experimental feature of Node.js.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-32005"
},
{
"cve": "CVE-2023-32006",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "The use of `module.constructor.createRequire()` can bypass the policy mechanism and require modules outside of the policy.json definition for a given module.\n\nThis vulnerability affects all users using the experimental policy mechanism in all active release lines: 16.x, 18.x, and, 20.x.\n\nPlease note that at the time this CVE was issued, the policy is an experimental feature of Node.js.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-32006"
},
{
"cve": "CVE-2023-32067",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "summary",
"text": "c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service. If a target resolver sends a query, the attacker forges a malformed UDP packet with a length of 0 and returns them to the target resolver. The target resolver erroneously interprets the 0 length as a graceful shutdown of the connection. This issue has been patched in version 1.19.1.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-32067"
},
{
"cve": "CVE-2023-32558",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "summary",
"text": "The use of the deprecated API `process.binding()` can bypass the permission model through path traversal. \n\nThis vulnerability affects all users using the experimental permission model in Node.js 20.x.\n\nPlease note that at the time this CVE was issued, the permission model is an experimental feature of Node.js.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-32558"
},
{
"cve": "CVE-2023-32559",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "A privilege escalation vulnerability exists in the experimental policy mechanism in all active release lines: 16.x, 18.x and, 20.x. The use of the deprecated API `process.binding()` can bypass the policy mechanism by requiring internal modules and eventually take advantage of `process.binding(\u0027spawn_sync\u0027)` run arbitrary code, outside of the limits defined in a `policy.json` file. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-32559"
},
{
"cve": "CVE-2023-34035",
"cwe": {
"id": "CWE-863",
"name": "Incorrect Authorization"
},
"notes": [
{
"category": "summary",
"text": "Spring Security versions 5.8\u00a0prior to 5.8.5, 6.0\u00a0prior to 6.0.5,\u00a0and 6.1\u00a0prior to 6.1.2\u00a0could be susceptible to authorization rule misconfiguration if the application uses requestMatchers(String)\u00a0and multiple servlets, one of them being Spring MVC\u2019s DispatcherServlet.\u00a0(DispatcherServlet\u00a0is a Spring MVC component that maps HTTP endpoints to methods on @Controller-annotated classes.)\n\nSpecifically, an application is vulnerable when all of the following are true:\n\n * Spring MVC is on the classpath\n * Spring Security is securing more than one servlet in a single application (one of them being Spring MVC\u2019s DispatcherServlet)\n * The application uses requestMatchers(String)\u00a0to refer to endpoints that are not Spring MVC endpoints\n\n\nAn application is not vulnerable if any of the following is true:\n\n * The application does not have Spring MVC on the classpath\n * The application secures no servlets other than Spring MVC\u2019s DispatcherServlet\n * The application uses requestMatchers(String)\u00a0only for Spring MVC endpoints",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-34035"
},
{
"cve": "CVE-2023-35945",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "summary",
"text": "Envoy is a cloud-native high-performance edge/middle/service proxy. Envoy\u2019s HTTP/2 codec may leak a header map and bookkeeping structures upon receiving `RST_STREAM` immediately followed by the `GOAWAY` frames from an upstream server. In nghttp2, cleanup of pending requests due to receipt of the `GOAWAY` frame skips de-allocation of the bookkeeping structure and pending compressed header. The error return [code path] is taken if connection is already marked for not sending more requests due to `GOAWAY` frame. The clean-up code is right after the return statement, causing memory leak. Denial of service through memory exhaustion. This vulnerability was patched in versions(s) 1.26.3, 1.25.8, 1.24.9, 1.23.11.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-35945"
},
{
"cve": "CVE-2023-38039",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "summary",
"text": "When curl retrieves an HTTP response, it stores the incoming headers so that\nthey can be accessed later via the libcurl headers API.\n\nHowever, curl did not have a limit in how many or how large headers it would\naccept in a response, allowing a malicious server to stream an endless series\nof headers and eventually cause curl to run out of heap memory.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-38039"
},
{
"cve": "CVE-2023-38199",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"notes": [
{
"category": "summary",
"text": "coreruleset (aka OWASP ModSecurity Core Rule Set) through 3.3.4 does not detect multiple Content-Type request headers on some platforms. This might allow attackers to bypass a WAF with a crafted payload, aka \"Content-Type confusion\" between the WAF and the backend application. This occurs when the web application relies on only the last Content-Type header. Other platforms may reject the additional Content-Type header or merge conflicting headers, leading to detection as a malformed header.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-38199"
},
{
"cve": "CVE-2023-38545",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "summary",
"text": "This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake.\r\n\r\nWhen curl is asked to pass along the hostname to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that hostname can be is 255 bytes.\r\n\r\nIf the hostname is detected to be longer than 255 bytes, curl switches to local name resolving and instead passes on the resolved address only to the proxy. Due to a bug, the local variable that means \"let the host resolve the name\" could get the wrong value during a slow SOCKS5 handshake, and contrary to the intention, copy the too long hostname to the target buffer instead of copying just the resolved address there.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-38545"
},
{
"cve": "CVE-2023-38546",
"cwe": {
"id": "CWE-73",
"name": "External Control of File Name or Path"
},
"notes": [
{
"category": "summary",
"text": "This flaw allows an attacker to insert cookies at will into a running program\r\nusing libcurl, if the specific series of conditions are met.\r\n\r\nlibcurl performs transfers. In its API, an application creates \"easy handles\"\r\nthat are the individual handles for single transfers.\r\n\r\nlibcurl provides a function call that duplicates en easy handle called\r\n[curl_easy_duphandle](https://curl.se/libcurl/c/curl_easy_duphandle.html).\r\n\r\nIf a transfer has cookies enabled when the handle is duplicated, the\r\ncookie-enable state is also cloned - but without cloning the actual\r\ncookies. If the source handle did not read any cookies from a specific file on\r\ndisk, the cloned version of the handle would instead store the file name as\r\n`none` (using the four ASCII letters, no quotes).\r\n\r\nSubsequent use of the cloned handle that does not explicitly set a source to\r\nload cookies from would then inadvertently load cookies from a file named\r\n`none` - if such a file exists and is readable in the current directory of the\r\nprogram using libcurl. And if using the correct file format of course.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-38546"
},
{
"cve": "CVE-2023-39417",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, \u0027\u0027, or \"\"). If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with database-level CREATE privilege can execute arbitrary code as the bootstrap superuser.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-39417"
},
{
"cve": "CVE-2023-39418",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test new rows against row security policies defined for UPDATE and SELECT. If UPDATE and SELECT policies forbid some rows that INSERT policies do not forbid, a user could store such rows.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-39418"
},
{
"cve": "CVE-2023-41080",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"notes": [
{
"category": "summary",
"text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027) vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92.\n\nThe vulnerability is limited to the ROOT (default) web application.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-41080"
},
{
"cve": "CVE-2023-46120",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "summary",
"text": "The RabbitMQ Java client library allows Java and JVM-based applications to connect to and interact with RabbitMQ nodes. `maxBodyLebgth` was not used when receiving Message objects. Attackers could send a very large Message causing a memory overflow and triggering an OOM Error. Users of RabbitMQ may suffer from DoS attacks from RabbitMQ Java client which will ultimately exhaust the memory of the consumer. This vulnerability was patched in version 5.18.0.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-46120"
},
{
"cve": "CVE-2024-23810",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "The affected application is vulnerable to SQL injection. This could allow an unauthenticated remote attacker to execute arbitrary SQL queries on the server database.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-23810"
},
{
"cve": "CVE-2024-23811",
"cwe": {
"id": "CWE-434",
"name": "Unrestricted Upload of File with Dangerous Type"
},
"notes": [
{
"category": "summary",
"text": "The affected application allows users to upload arbitrary files via TFTP. This could allow an attacker to upload malicious firmware images or other files, that could potentially lead to remote code execution.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-23811"
},
{
"cve": "CVE-2024-23812",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "The affected application incorrectly neutralizes special elements when creating a report which could lead to command injection.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-23812"
}
]
}
WID-SEC-W-2024-1591
Vulnerability from csaf_certbund - Published: 2024-07-10 22:00 - Updated: 2024-11-11 23:00Summary
Juniper JUNOS: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
JUNOS ist das "Juniper Network Operating System", das in Juniper Appliances verwendet wird.
Angriff
Ein Angreifer kann mehrere Schwachstellen in Juniper JUNOS ausnutzen, um einen Denial of Service zu verursachen, Informationen offenzulegen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive zu umgehen.
Betroffene Betriebssysteme
- Sonstiges
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "JUNOS ist das \"Juniper Network Operating System\", das in Juniper Appliances verwendet wird.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Juniper JUNOS ausnutzen, um einen Denial of Service zu verursachen, Informationen offenzulegen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive zu umgehen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-1591 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1591.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-1591 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1591"
},
{
"category": "external",
"summary": "Juniper Patchday July 2024 vom 2024-07-10",
"url": "https://supportportal.juniper.net/s/global-search/%40uri?language=en_US#sort=%40sfcec_community_publish_date_formula__c%20descending\u0026numberOfResults=100\u0026f:ctype=%5BSecurity%20Advisories%5D"
}
],
"source_lang": "en-US",
"title": "Juniper JUNOS: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-11-11T23:00:00.000+00:00",
"generator": {
"date": "2024-11-12T09:31:28.569+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.8"
}
},
"id": "WID-SEC-W-2024-1591",
"initial_release_date": "2024-07-10T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-07-10T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-11-11T23:00:00.000+00:00",
"number": "2",
"summary": "URL Kodierung angepasst"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Juniper JUNOS",
"product": {
"name": "Juniper JUNOS",
"product_id": "T036093",
"product_identification_helper": {
"cpe": "cpe:/o:juniper:junos:-"
}
}
}
],
"category": "vendor",
"name": "Juniper"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2006-20001",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2006-20001"
},
{
"cve": "CVE-2007-5846",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2007-5846"
},
{
"cve": "CVE-2008-6123",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2008-6123"
},
{
"cve": "CVE-2011-1473",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2011-1473"
},
{
"cve": "CVE-2011-5094",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2011-5094"
},
{
"cve": "CVE-2012-6151",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2012-6151"
},
{
"cve": "CVE-2014-10064",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2014-10064"
},
{
"cve": "CVE-2014-2285",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2014-2285"
},
{
"cve": "CVE-2014-2310",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2014-2310"
},
{
"cve": "CVE-2014-3565",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2014-3565"
},
{
"cve": "CVE-2014-7191",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2014-7191"
},
{
"cve": "CVE-2014-8882",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2014-8882"
},
{
"cve": "CVE-2015-5621",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2015-5621"
},
{
"cve": "CVE-2015-8100",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2015-8100"
},
{
"cve": "CVE-2015-9262",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2015-9262"
},
{
"cve": "CVE-2016-1000232",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2016-1000232"
},
{
"cve": "CVE-2016-10540",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2016-10540"
},
{
"cve": "CVE-2016-4658",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2016-4658"
},
{
"cve": "CVE-2017-1000048",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2017-1000048"
},
{
"cve": "CVE-2017-15010",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2017-15010"
},
{
"cve": "CVE-2018-18065",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2018-18065"
},
{
"cve": "CVE-2018-20834",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2018-20834"
},
{
"cve": "CVE-2018-3737",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2018-3737"
},
{
"cve": "CVE-2018-7408",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2018-7408"
},
{
"cve": "CVE-2019-10081",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2019-10081"
},
{
"cve": "CVE-2019-10082",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2019-10082"
},
{
"cve": "CVE-2019-10092",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2019-10092"
},
{
"cve": "CVE-2019-10097",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2019-10097"
},
{
"cve": "CVE-2019-10098",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2019-10098"
},
{
"cve": "CVE-2019-11719",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2019-11719"
},
{
"cve": "CVE-2019-11727",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2019-11727"
},
{
"cve": "CVE-2019-11756",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2019-11756"
},
{
"cve": "CVE-2019-16775",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2019-16775"
},
{
"cve": "CVE-2019-16776",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2019-16776"
},
{
"cve": "CVE-2019-16777",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2019-16777"
},
{
"cve": "CVE-2019-17006",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2019-17006"
},
{
"cve": "CVE-2019-17023",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2019-17023"
},
{
"cve": "CVE-2019-17567",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2019-17567"
},
{
"cve": "CVE-2019-20149",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2019-20149"
},
{
"cve": "CVE-2019-20892",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2019-20892"
},
{
"cve": "CVE-2019-9517",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2019-9517"
},
{
"cve": "CVE-2020-11668",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-11668"
},
{
"cve": "CVE-2020-11984",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-11984"
},
{
"cve": "CVE-2020-11993",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-11993"
},
{
"cve": "CVE-2020-12362",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-12362"
},
{
"cve": "CVE-2020-12400",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-12400"
},
{
"cve": "CVE-2020-12401",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-12401"
},
{
"cve": "CVE-2020-12402",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-12402"
},
{
"cve": "CVE-2020-12403",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-12403"
},
{
"cve": "CVE-2020-13938",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-13938"
},
{
"cve": "CVE-2020-13950",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-13950"
},
{
"cve": "CVE-2020-14145",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-14145"
},
{
"cve": "CVE-2020-15861",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-15861"
},
{
"cve": "CVE-2020-15862",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-15862"
},
{
"cve": "CVE-2020-1927",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-1927"
},
{
"cve": "CVE-2020-1934",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-1934"
},
{
"cve": "CVE-2020-28469",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-28469"
},
{
"cve": "CVE-2020-28502",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-28502"
},
{
"cve": "CVE-2020-35452",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-35452"
},
{
"cve": "CVE-2020-36049",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-36049"
},
{
"cve": "CVE-2020-6829",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-6829"
},
{
"cve": "CVE-2020-7660",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-7660"
},
{
"cve": "CVE-2020-7754",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-7754"
},
{
"cve": "CVE-2020-7774",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-7774"
},
{
"cve": "CVE-2020-8648",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-8648"
},
{
"cve": "CVE-2020-9490",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-9490"
},
{
"cve": "CVE-2021-22543",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-22543"
},
{
"cve": "CVE-2021-2342",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-2342"
},
{
"cve": "CVE-2021-23440",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-23440"
},
{
"cve": "CVE-2021-2356",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-2356"
},
{
"cve": "CVE-2021-2372",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-2372"
},
{
"cve": "CVE-2021-2385",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-2385"
},
{
"cve": "CVE-2021-2389",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-2389"
},
{
"cve": "CVE-2021-2390",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-2390"
},
{
"cve": "CVE-2021-25745",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-25745"
},
{
"cve": "CVE-2021-25746",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-25746"
},
{
"cve": "CVE-2021-25748",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-25748"
},
{
"cve": "CVE-2021-26690",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-26690"
},
{
"cve": "CVE-2021-26691",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-26691"
},
{
"cve": "CVE-2021-27290",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-27290"
},
{
"cve": "CVE-2021-29469",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-29469"
},
{
"cve": "CVE-2021-30641",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-30641"
},
{
"cve": "CVE-2021-31535",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-31535"
},
{
"cve": "CVE-2021-31618",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-31618"
},
{
"cve": "CVE-2021-3177",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-3177"
},
{
"cve": "CVE-2021-32803",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-32803"
},
{
"cve": "CVE-2021-32804",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-32804"
},
{
"cve": "CVE-2021-33033",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-33033"
},
{
"cve": "CVE-2021-33034",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-33034"
},
{
"cve": "CVE-2021-33193",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-33193"
},
{
"cve": "CVE-2021-3347",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-3347"
},
{
"cve": "CVE-2021-33909",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-33909"
},
{
"cve": "CVE-2021-34798",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-34798"
},
{
"cve": "CVE-2021-35604",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-35604"
},
{
"cve": "CVE-2021-35624",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-35624"
},
{
"cve": "CVE-2021-36160",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-36160"
},
{
"cve": "CVE-2021-37701",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-37701"
},
{
"cve": "CVE-2021-37712",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-37712"
},
{
"cve": "CVE-2021-37713",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-37713"
},
{
"cve": "CVE-2021-3803",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-3803"
},
{
"cve": "CVE-2021-39275",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-39275"
},
{
"cve": "CVE-2021-40438",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-40438"
},
{
"cve": "CVE-2021-41524",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-41524"
},
{
"cve": "CVE-2021-41773",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-41773"
},
{
"cve": "CVE-2021-42013",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-42013"
},
{
"cve": "CVE-2021-43527",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-43527"
},
{
"cve": "CVE-2021-44224",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-44224"
},
{
"cve": "CVE-2021-44225",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-44225"
},
{
"cve": "CVE-2021-44790",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-44790"
},
{
"cve": "CVE-2021-44906",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-44906"
},
{
"cve": "CVE-2022-21245",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-21245"
},
{
"cve": "CVE-2022-21270",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-21270"
},
{
"cve": "CVE-2022-21303",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-21303"
},
{
"cve": "CVE-2022-21304",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-21304"
},
{
"cve": "CVE-2022-21344",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-21344"
},
{
"cve": "CVE-2022-21367",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-21367"
},
{
"cve": "CVE-2022-21417",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-21417"
},
{
"cve": "CVE-2022-21427",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-21427"
},
{
"cve": "CVE-2022-21444",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-21444"
},
{
"cve": "CVE-2022-21451",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-21451"
},
{
"cve": "CVE-2022-21454",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-21454"
},
{
"cve": "CVE-2022-21460",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-21460"
},
{
"cve": "CVE-2022-21589",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-21589"
},
{
"cve": "CVE-2022-21592",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-21592"
},
{
"cve": "CVE-2022-21595",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-21595"
},
{
"cve": "CVE-2022-21608",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-21608"
},
{
"cve": "CVE-2022-21617",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-21617"
},
{
"cve": "CVE-2022-22719",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-22719"
},
{
"cve": "CVE-2022-22720",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-22720"
},
{
"cve": "CVE-2022-22721",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-22721"
},
{
"cve": "CVE-2022-22822",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-22822"
},
{
"cve": "CVE-2022-22823",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-22823"
},
{
"cve": "CVE-2022-22824",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-22824"
},
{
"cve": "CVE-2022-23471",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-23471"
},
{
"cve": "CVE-2022-23524",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-23524"
},
{
"cve": "CVE-2022-23525",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-23525"
},
{
"cve": "CVE-2022-23526",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-23526"
},
{
"cve": "CVE-2022-23852",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-23852"
},
{
"cve": "CVE-2022-23943",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-23943"
},
{
"cve": "CVE-2022-25147",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-25147"
},
{
"cve": "CVE-2022-25235",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-25235"
},
{
"cve": "CVE-2022-25236",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-25236"
},
{
"cve": "CVE-2022-2526",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-2526"
},
{
"cve": "CVE-2022-25315",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-25315"
},
{
"cve": "CVE-2022-26377",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-26377"
},
{
"cve": "CVE-2022-28330",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-28330"
},
{
"cve": "CVE-2022-28614",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-28614"
},
{
"cve": "CVE-2022-28615",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-28615"
},
{
"cve": "CVE-2022-29167",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-29167"
},
{
"cve": "CVE-2022-29404",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-29404"
},
{
"cve": "CVE-2022-30522",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-30522"
},
{
"cve": "CVE-2022-30556",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-30556"
},
{
"cve": "CVE-2022-31813",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-31813"
},
{
"cve": "CVE-2022-3517",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-3517"
},
{
"cve": "CVE-2022-3564",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-3564"
},
{
"cve": "CVE-2022-36760",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-36760"
},
{
"cve": "CVE-2022-37434",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-37434"
},
{
"cve": "CVE-2022-37436",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-37436"
},
{
"cve": "CVE-2022-40674",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-40674"
},
{
"cve": "CVE-2022-41741",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-41741"
},
{
"cve": "CVE-2022-41742",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-41742"
},
{
"cve": "CVE-2022-4203",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-4203"
},
{
"cve": "CVE-2022-4304",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-4304"
},
{
"cve": "CVE-2022-4450",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-4450"
},
{
"cve": "CVE-2022-46663",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-46663"
},
{
"cve": "CVE-2022-4886",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-4886"
},
{
"cve": "CVE-2023-0215",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-0215"
},
{
"cve": "CVE-2023-0216",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-0216"
},
{
"cve": "CVE-2023-0217",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-0217"
},
{
"cve": "CVE-2023-0286",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-0286"
},
{
"cve": "CVE-2023-0401",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-0401"
},
{
"cve": "CVE-2023-0464",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-0464"
},
{
"cve": "CVE-2023-0465",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-0465"
},
{
"cve": "CVE-2023-0466",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-0466"
},
{
"cve": "CVE-2023-0767",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-0767"
},
{
"cve": "CVE-2023-1255",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-1255"
},
{
"cve": "CVE-2023-2002",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-2002"
},
{
"cve": "CVE-2023-20593",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-20593"
},
{
"cve": "CVE-2023-21830",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-21830"
},
{
"cve": "CVE-2023-21840",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-21840"
},
{
"cve": "CVE-2023-21843",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-21843"
},
{
"cve": "CVE-2023-21912",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-21912"
},
{
"cve": "CVE-2023-21963",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-21963"
},
{
"cve": "CVE-2023-21980",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-21980"
},
{
"cve": "CVE-2023-22025",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-22025"
},
{
"cve": "CVE-2023-22067",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-22067"
},
{
"cve": "CVE-2023-22081",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-22081"
},
{
"cve": "CVE-2023-22652",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-22652"
},
{
"cve": "CVE-2023-24329",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-24329"
},
{
"cve": "CVE-2023-25153",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-25153"
},
{
"cve": "CVE-2023-25173",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-25173"
},
{
"cve": "CVE-2023-25690",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-25690"
},
{
"cve": "CVE-2023-2700",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-2700"
},
{
"cve": "CVE-2023-27522",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-27522"
},
{
"cve": "CVE-2023-2828",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-2828"
},
{
"cve": "CVE-2023-28840",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-28840"
},
{
"cve": "CVE-2023-28841",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-28841"
},
{
"cve": "CVE-2023-28842",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-28842"
},
{
"cve": "CVE-2023-2975",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-2975"
},
{
"cve": "CVE-2023-30079",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-30079"
},
{
"cve": "CVE-2023-30630",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-30630"
},
{
"cve": "CVE-2023-3090",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-3090"
},
{
"cve": "CVE-2023-32067",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-32067"
},
{
"cve": "CVE-2023-32360",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-32360"
},
{
"cve": "CVE-2023-32435",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-32435"
},
{
"cve": "CVE-2023-32439",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-32439"
},
{
"cve": "CVE-2023-32732",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-32732"
},
{
"cve": "CVE-2023-3341",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-3341"
},
{
"cve": "CVE-2023-3390",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-3390"
},
{
"cve": "CVE-2023-33953",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-33953"
},
{
"cve": "CVE-2023-34058",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-34058"
},
{
"cve": "CVE-2023-34059",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-34059"
},
{
"cve": "CVE-2023-3446",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-3446"
},
{
"cve": "CVE-2023-34969",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-34969"
},
{
"cve": "CVE-2023-35001",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-35001"
},
{
"cve": "CVE-2023-35788",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-35788"
},
{
"cve": "CVE-2023-3611",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-3611"
},
{
"cve": "CVE-2023-37450",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-37450"
},
{
"cve": "CVE-2023-3776",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-3776"
},
{
"cve": "CVE-2023-3817",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-3817"
},
{
"cve": "CVE-2023-4004",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-4004"
},
{
"cve": "CVE-2023-4206",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-4206"
},
{
"cve": "CVE-2023-4207",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-4207"
},
{
"cve": "CVE-2023-4208",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-4208"
},
{
"cve": "CVE-2023-42753",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-42753"
},
{
"cve": "CVE-2023-4785",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-4785"
},
{
"cve": "CVE-2023-4807",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-4807"
},
{
"cve": "CVE-2023-4863",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-4863"
},
{
"cve": "CVE-2023-5043",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-5043"
},
{
"cve": "CVE-2023-5129",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-5129"
},
{
"cve": "CVE-2023-5363",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-5363"
},
{
"cve": "CVE-2024-20918",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-20918"
},
{
"cve": "CVE-2024-20919",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-20919"
},
{
"cve": "CVE-2024-20921",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-20921"
},
{
"cve": "CVE-2024-20926",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-20926"
},
{
"cve": "CVE-2024-20932",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-20932"
},
{
"cve": "CVE-2024-20945",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-20945"
},
{
"cve": "CVE-2024-20952",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-20952"
},
{
"cve": "CVE-2024-39511",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39511"
},
{
"cve": "CVE-2024-39512",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39512"
},
{
"cve": "CVE-2024-39513",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39513"
},
{
"cve": "CVE-2024-39514",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39514"
},
{
"cve": "CVE-2024-39517",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39517"
},
{
"cve": "CVE-2024-39518",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39518"
},
{
"cve": "CVE-2024-39519",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39519"
},
{
"cve": "CVE-2024-39520",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39520"
},
{
"cve": "CVE-2024-39521",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39521"
},
{
"cve": "CVE-2024-39522",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39522"
},
{
"cve": "CVE-2024-39523",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39523"
},
{
"cve": "CVE-2024-39524",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39524"
},
{
"cve": "CVE-2024-39528",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39528"
},
{
"cve": "CVE-2024-39529",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39529"
},
{
"cve": "CVE-2024-39530",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39530"
},
{
"cve": "CVE-2024-39531",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39531"
},
{
"cve": "CVE-2024-39532",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39532"
},
{
"cve": "CVE-2024-39533",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39533"
},
{
"cve": "CVE-2024-39535",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39535"
},
{
"cve": "CVE-2024-39536",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39536"
},
{
"cve": "CVE-2024-39537",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39537"
},
{
"cve": "CVE-2024-39538",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39538"
},
{
"cve": "CVE-2024-39539",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39539"
},
{
"cve": "CVE-2024-39540",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39540"
},
{
"cve": "CVE-2024-39541",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39541"
},
{
"cve": "CVE-2024-39542",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39542"
},
{
"cve": "CVE-2024-39543",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39543"
},
{
"cve": "CVE-2024-39545",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39545"
},
{
"cve": "CVE-2024-39546",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39546"
},
{
"cve": "CVE-2024-39548",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39548"
},
{
"cve": "CVE-2024-39549",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39549"
},
{
"cve": "CVE-2024-39550",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39550"
},
{
"cve": "CVE-2024-39551",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39551"
},
{
"cve": "CVE-2024-39553",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39553"
},
{
"cve": "CVE-2024-39554",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39554"
},
{
"cve": "CVE-2024-39555",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39555"
},
{
"cve": "CVE-2024-39556",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39556"
},
{
"cve": "CVE-2024-39557",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39557"
},
{
"cve": "CVE-2024-39558",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39558"
},
{
"cve": "CVE-2024-39559",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39559"
},
{
"cve": "CVE-2024-39560",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39560"
},
{
"cve": "CVE-2024-39561",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39561"
},
{
"cve": "CVE-2024-39565",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39565"
}
]
}
WID-SEC-W-2023-1424
Vulnerability from csaf_certbund - Published: 2023-06-12 22:00 - Updated: 2023-06-12 22:00Summary
Xerox FreeFlow Print Server für Solaris: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
FreeFlow-Druckserver ist eine Druckserveranwendung für Xerox-Produktionsdrucker, die Flexibilität, umfangreiche Workflow-Optionen und eine Farbverwaltung bietet.
Angriff
Ein Angreifer kann mehrere Schwachstellen in Xerox FreeFlow Print Server ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Betroffene Betriebssysteme
- UNIX
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "FreeFlow-Druckserver ist eine Druckserveranwendung f\u00fcr Xerox-Produktionsdrucker, die Flexibilit\u00e4t, umfangreiche Workflow-Optionen und eine Farbverwaltung bietet.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Xerox FreeFlow Print Server ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-1424 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1424.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-1424 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1424"
},
{
"category": "external",
"summary": "Xerox Security Bulletin vom 2023-06-12",
"url": "https://securitydocs.business.xerox.com/wp-content/uploads/2023/06/Xerox-Security-Bulletin-XRX23-009-Xerox%C2%AE-FreeFlow%C2%AE-Print-Server-v9.pdf"
}
],
"source_lang": "en-US",
"title": "Xerox FreeFlow Print Server f\u00fcr Solaris: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2023-06-12T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:52:15.756+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-1424",
"initial_release_date": "2023-06-12T22:00:00.000+00:00",
"revision_history": [
{
"date": "2023-06-12T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Xerox FreeFlow Print Server v9 for Solaris",
"product": {
"name": "Xerox FreeFlow Print Server v9 for Solaris",
"product_id": "T028053",
"product_identification_helper": {
"cpe": "cpe:/a:xerox:freeflow_print_server:v9_for_solaris"
}
}
}
],
"category": "vendor",
"name": "Xerox"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-28708",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-28708"
},
{
"cve": "CVE-2023-28176",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-28176"
},
{
"cve": "CVE-2023-28164",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-28164"
},
{
"cve": "CVE-2023-28163",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-28163"
},
{
"cve": "CVE-2023-28162",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-28162"
},
{
"cve": "CVE-2023-27522",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-27522"
},
{
"cve": "CVE-2023-25752",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-25752"
},
{
"cve": "CVE-2023-25751",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-25751"
},
{
"cve": "CVE-2023-25746",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-25746"
},
{
"cve": "CVE-2023-25744",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-25744"
},
{
"cve": "CVE-2023-25743",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-25743"
},
{
"cve": "CVE-2023-25742",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-25742"
},
{
"cve": "CVE-2023-25739",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-25739"
},
{
"cve": "CVE-2023-25738",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-25738"
},
{
"cve": "CVE-2023-25737",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-25737"
},
{
"cve": "CVE-2023-25735",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-25735"
},
{
"cve": "CVE-2023-25734",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-25734"
},
{
"cve": "CVE-2023-25732",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-25732"
},
{
"cve": "CVE-2023-25730",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-25730"
},
{
"cve": "CVE-2023-25729",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-25729"
},
{
"cve": "CVE-2023-25728",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-25728"
},
{
"cve": "CVE-2023-25690",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-25690"
},
{
"cve": "CVE-2023-24998",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-24998"
},
{
"cve": "CVE-2023-24807",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-24807"
},
{
"cve": "CVE-2023-24580",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-24580"
},
{
"cve": "CVE-2023-23969",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-23969"
},
{
"cve": "CVE-2023-23946",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-23946"
},
{
"cve": "CVE-2023-23936",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-23936"
},
{
"cve": "CVE-2023-23920",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-23920"
},
{
"cve": "CVE-2023-23919",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-23919"
},
{
"cve": "CVE-2023-23918",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-23918"
},
{
"cve": "CVE-2023-23605",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-23605"
},
{
"cve": "CVE-2023-23603",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-23603"
},
{
"cve": "CVE-2023-23602",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-23602"
},
{
"cve": "CVE-2023-23601",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-23601"
},
{
"cve": "CVE-2023-23599",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-23599"
},
{
"cve": "CVE-2023-23598",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-23598"
},
{
"cve": "CVE-2023-22809",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-22809"
},
{
"cve": "CVE-2023-22490",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-22490"
},
{
"cve": "CVE-2023-22003",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-22003"
},
{
"cve": "CVE-2023-21985",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-21985"
},
{
"cve": "CVE-2023-21984",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-21984"
},
{
"cve": "CVE-2023-21928",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-21928"
},
{
"cve": "CVE-2023-21896",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-21896"
},
{
"cve": "CVE-2023-21843",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-21843"
},
{
"cve": "CVE-2023-21840",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-21840"
},
{
"cve": "CVE-2023-21830",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-21830"
},
{
"cve": "CVE-2023-0804",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-0804"
},
{
"cve": "CVE-2023-0803",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-0803"
},
{
"cve": "CVE-2023-0802",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-0802"
},
{
"cve": "CVE-2023-0801",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-0801"
},
{
"cve": "CVE-2023-0800",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-0800"
},
{
"cve": "CVE-2023-0799",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-0799"
},
{
"cve": "CVE-2023-0798",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-0798"
},
{
"cve": "CVE-2023-0797",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-0797"
},
{
"cve": "CVE-2023-0796",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-0796"
},
{
"cve": "CVE-2023-0795",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-0795"
},
{
"cve": "CVE-2023-0767",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-0767"
},
{
"cve": "CVE-2023-0662",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-0662"
},
{
"cve": "CVE-2023-0616",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-0616"
},
{
"cve": "CVE-2023-0568",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-0568"
},
{
"cve": "CVE-2023-0567",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-0567"
},
{
"cve": "CVE-2023-0430",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-0430"
},
{
"cve": "CVE-2023-0417",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-0417"
},
{
"cve": "CVE-2023-0416",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-0416"
},
{
"cve": "CVE-2023-0415",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-0415"
},
{
"cve": "CVE-2023-0414",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-0414"
},
{
"cve": "CVE-2023-0413",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-0413"
},
{
"cve": "CVE-2023-0412",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-0412"
},
{
"cve": "CVE-2023-0411",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-0411"
},
{
"cve": "CVE-2023-0401",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-0401"
},
{
"cve": "CVE-2023-0286",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-0286"
},
{
"cve": "CVE-2023-0217",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-0217"
},
{
"cve": "CVE-2023-0216",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-0216"
},
{
"cve": "CVE-2023-0215",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2023-0215"
},
{
"cve": "CVE-2022-48281",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-48281"
},
{
"cve": "CVE-2022-46877",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-46877"
},
{
"cve": "CVE-2022-46874",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-46874"
},
{
"cve": "CVE-2022-46871",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-46871"
},
{
"cve": "CVE-2022-46344",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-46344"
},
{
"cve": "CVE-2022-46343",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-46343"
},
{
"cve": "CVE-2022-46342",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-46342"
},
{
"cve": "CVE-2022-46341",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-46341"
},
{
"cve": "CVE-2022-46340",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-46340"
},
{
"cve": "CVE-2022-45939",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-45939"
},
{
"cve": "CVE-2022-45199",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-45199"
},
{
"cve": "CVE-2022-45143",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-45143"
},
{
"cve": "CVE-2022-4450",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-4450"
},
{
"cve": "CVE-2022-4345",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-4345"
},
{
"cve": "CVE-2022-4304",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-4304"
},
{
"cve": "CVE-2022-42919",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-42919"
},
{
"cve": "CVE-2022-42916",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-42916"
},
{
"cve": "CVE-2022-42915",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-42915"
},
{
"cve": "CVE-2022-42898",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-42898"
},
{
"cve": "CVE-2022-4283",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-4283"
},
{
"cve": "CVE-2022-4203",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-4203"
},
{
"cve": "CVE-2022-42012",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-42012"
},
{
"cve": "CVE-2022-42011",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-42011"
},
{
"cve": "CVE-2022-42010",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-42010"
},
{
"cve": "CVE-2022-41903",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-41903"
},
{
"cve": "CVE-2022-41716",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-41716"
},
{
"cve": "CVE-2022-41715",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-41715"
},
{
"cve": "CVE-2022-40898",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-40898"
},
{
"cve": "CVE-2022-40304",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-40304"
},
{
"cve": "CVE-2022-40303",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-40303"
},
{
"cve": "CVE-2022-39253",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-39253"
},
{
"cve": "CVE-2022-3924",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-3924"
},
{
"cve": "CVE-2022-38784",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-38784"
},
{
"cve": "CVE-2022-38171",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-38171"
},
{
"cve": "CVE-2022-37436",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-37436"
},
{
"cve": "CVE-2022-3736",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-3736"
},
{
"cve": "CVE-2022-3705",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-3705"
},
{
"cve": "CVE-2022-36760",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-36760"
},
{
"cve": "CVE-2022-36227",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-36227"
},
{
"cve": "CVE-2022-36114",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-36114"
},
{
"cve": "CVE-2022-36113",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-36113"
},
{
"cve": "CVE-2022-35260",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-35260"
},
{
"cve": "CVE-2022-35252",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-35252"
},
{
"cve": "CVE-2022-3515",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-3515"
},
{
"cve": "CVE-2022-3352",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-3352"
},
{
"cve": "CVE-2022-3324",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-3324"
},
{
"cve": "CVE-2022-3297",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-3297"
},
{
"cve": "CVE-2022-3296",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-3296"
},
{
"cve": "CVE-2022-3278",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-3278"
},
{
"cve": "CVE-2022-3256",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-3256"
},
{
"cve": "CVE-2022-3235",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-3235"
},
{
"cve": "CVE-2022-3234",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-3234"
},
{
"cve": "CVE-2022-32221",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-32221"
},
{
"cve": "CVE-2022-32208",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-32208"
},
{
"cve": "CVE-2022-32207",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-32207"
},
{
"cve": "CVE-2022-32206",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-32206"
},
{
"cve": "CVE-2022-32205",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-32205"
},
{
"cve": "CVE-2022-32190",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-32190"
},
{
"cve": "CVE-2022-32189",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-32189"
},
{
"cve": "CVE-2022-32148",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-32148"
},
{
"cve": "CVE-2022-3153",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-3153"
},
{
"cve": "CVE-2022-3134",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-3134"
},
{
"cve": "CVE-2022-3099",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-3099"
},
{
"cve": "CVE-2022-3094",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-3094"
},
{
"cve": "CVE-2022-30635",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-30635"
},
{
"cve": "CVE-2022-30634",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-30634"
},
{
"cve": "CVE-2022-30633",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-30633"
},
{
"cve": "CVE-2022-30632",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-30632"
},
{
"cve": "CVE-2022-30631",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-30631"
},
{
"cve": "CVE-2022-30630",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-30630"
},
{
"cve": "CVE-2022-30629",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-30629"
},
{
"cve": "CVE-2022-30580",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-30580"
},
{
"cve": "CVE-2022-3037",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-3037"
},
{
"cve": "CVE-2022-3016",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-3016"
},
{
"cve": "CVE-2022-29804",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-29804"
},
{
"cve": "CVE-2022-2980",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-2980"
},
{
"cve": "CVE-2022-29526",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-29526"
},
{
"cve": "CVE-2022-2946",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-2946"
},
{
"cve": "CVE-2022-2929",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-2929"
},
{
"cve": "CVE-2022-2928",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-2928"
},
{
"cve": "CVE-2022-2923",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-2923"
},
{
"cve": "CVE-2022-2889",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-2889"
},
{
"cve": "CVE-2022-2880",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-2880"
},
{
"cve": "CVE-2022-2879",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-2879"
},
{
"cve": "CVE-2022-2874",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-2874"
},
{
"cve": "CVE-2022-2862",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-2862"
},
{
"cve": "CVE-2022-2849",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-2849"
},
{
"cve": "CVE-2022-2845",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-2845"
},
{
"cve": "CVE-2022-28331",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-28331"
},
{
"cve": "CVE-2022-28327",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-28327"
},
{
"cve": "CVE-2022-2819",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-2819"
},
{
"cve": "CVE-2022-2817",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-2817"
},
{
"cve": "CVE-2022-2816",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-2816"
},
{
"cve": "CVE-2022-28131",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-28131"
},
{
"cve": "CVE-2022-27778",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-27778"
},
{
"cve": "CVE-2022-27664",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-27664"
},
{
"cve": "CVE-2022-27536",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-27536"
},
{
"cve": "CVE-2022-27337",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-27337"
},
{
"cve": "CVE-2022-25255",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-25255"
},
{
"cve": "CVE-2022-25147",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-25147"
},
{
"cve": "CVE-2022-24963",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-24963"
},
{
"cve": "CVE-2022-24675",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-24675"
},
{
"cve": "CVE-2022-23521",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-23521"
},
{
"cve": "CVE-2022-2309",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-2309"
},
{
"cve": "CVE-2022-21515",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-21515"
},
{
"cve": "CVE-2022-21349",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-21349"
},
{
"cve": "CVE-2022-21291",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-21291"
},
{
"cve": "CVE-2022-1962",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-1962"
},
{
"cve": "CVE-2022-1705",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-1705"
},
{
"cve": "CVE-2022-1292",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-1292"
},
{
"cve": "CVE-2022-1122",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-1122"
},
{
"cve": "CVE-2022-0718",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2022-0718"
},
{
"cve": "CVE-2021-37750",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2021-37750"
},
{
"cve": "CVE-2021-37519",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2021-37519"
},
{
"cve": "CVE-2021-35940",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2021-35940"
},
{
"cve": "CVE-2021-30860",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2021-30860"
},
{
"cve": "CVE-2021-29338",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2021-29338"
},
{
"cve": "CVE-2018-25032",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2018-25032"
},
{
"cve": "CVE-2017-12613",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2017-12613"
},
{
"cve": "CVE-2006-20001",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T028053"
]
},
"release_date": "2023-06-12T22:00:00.000+00:00",
"title": "CVE-2006-20001"
}
]
}
WID-SEC-W-2023-0304
Vulnerability from csaf_certbund - Published: 2023-02-07 23:00 - Updated: 2025-05-22 22:00Summary
OpenSSL: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
OpenSSL ist eine im Quelltext frei verfügbare Bibliothek, die Secure Sockets Layer (SSL) und Transport Layer Security (TLS) implementiert.
Angriff
Ein entfernter, authentisierter oder anonymer Angreifer kann mehrere Schwachstellen in OpenSSL ausnutzen, um einen Denial of Service Angriff durchzuführen, Informationen offenzulegen oder Chiffretext über ein Netzwerk wiederherzustellen.
Betroffene Betriebssysteme
- Linux
- Sonstiges
- UNIX
- Windows
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "OpenSSL ist eine im Quelltext frei verf\u00fcgbare Bibliothek, die Secure Sockets Layer (SSL) und Transport Layer Security (TLS) implementiert.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, authentisierter oder anonymer Angreifer kann mehrere Schwachstellen in OpenSSL ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren, Informationen offenzulegen oder Chiffretext \u00fcber ein Netzwerk wiederherzustellen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-0304 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0304.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-0304 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0304"
},
{
"category": "external",
"summary": "OpenSSL Security Advisory vom 2023-02-07",
"url": "https://www.openssl.org/news/secadv/20230207.txt"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2023-1935 vom 2023-02-08",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2023-1935.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2023-1683 vom 2023-02-08",
"url": "https://alas.aws.amazon.com/ALAS-2023-1683.html"
},
{
"category": "external",
"summary": "Aruba Product Security Advisory",
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-001.txt"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2023-1934 vom 2023-02-08",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2023-1934.html"
},
{
"category": "external",
"summary": "NetApp Security Advisory NTAP-20230214-0011 vom 2023-02-14",
"url": "https://security.netapp.com/advisory/ntap-20230214-0011/"
},
{
"category": "external",
"summary": "FreeBSD Security Advisory FREEBSD-SA-23:03.OPENSSL vom 2023-02-16",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-23:03.openssl.asc"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-3325 vom 2023-02-20",
"url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00019.html"
},
{
"category": "external",
"summary": "McAfee Security Bulletin SB10395 vom 2023-02-22",
"url": "https://kcm.trellix.com/corporate/index?page=content\u0026id=SB10395\u0026viewlocale=en_US\u0026platinum_status=false\u0026locale=en_US"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:0482-1 vom 2023-02-23",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-February/013880.html"
},
{
"category": "external",
"summary": "LANCOM Sicherheitshinweise",
"url": "https://www.lancom-systems.de/service-support/soforthilfe/allgemeine-sicherheitshinweise/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:0581-1 vom 2023-02-28",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-February/013933.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:0946 vom 2023-02-28",
"url": "https://access.redhat.com/errata/RHSA-2023:0946"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2023-0946 vom 2023-02-28",
"url": "http://linux.oracle.com/errata/ELSA-2023-0946.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6959033 vom 2023-03-01",
"url": "https://www.ibm.com/support/pages/node/6959033"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:0584-1 vom 2023-03-01",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-March/013952.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2023-12152 vom 2023-03-01",
"url": "https://linux.oracle.com/errata/ELSA-2023-12152.html"
},
{
"category": "external",
"summary": "SonicWall Product Notifications",
"url": "https://www.sonicwall.com/support/product-notification/sma-100-series-openssl-library-update-in-10-2-1-7/230228123000903/"
},
{
"category": "external",
"summary": "Tenable Security Advisory TNS-2023-09 vom 2023-03-02",
"url": "https://www.tenable.com/security/tns-2023-09"
},
{
"category": "external",
"summary": "Tenable Security Advisory TNS-2023-10 vom 2023-03-07",
"url": "https://www.tenable.com/security/tns-2023-10"
},
{
"category": "external",
"summary": "Tenable Security Advisory TNS-2023-11 vom 2023-03-07",
"url": "https://www.tenable.com/security/tns-2023-11"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6960563 vom 2023-03-07",
"url": "https://www.ibm.com/support/pages/node/6960563"
},
{
"category": "external",
"summary": "### vom 2023-03-07",
"url": "https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6960511 vom 2023-03-07",
"url": "https://www.ibm.com/support/pages/node/6960511"
},
{
"category": "external",
"summary": "Tenable Security Advisory TNS-2023-12 vom 2023-03-09",
"url": "https://www.tenable.com/security/tns-2023-12"
},
{
"category": "external",
"summary": "Tenable Security Advisory TNS-2023-13 vom 2023-03-09",
"url": "https://www.tenable.com/security/tns-2023-13"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:0684-1 vom 2023-03-09",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-March/014009.html"
},
{
"category": "external",
"summary": "Siemens Security Bulletin by Siemens ProductCERT",
"url": "https://cert-portal.siemens.com/productcert/html/ssb-439005.html"
},
{
"category": "external",
"summary": "Meinberg Security Advisory MBGSA-2023.02 vom 2023-03-14",
"url": "https://www.meinberg.de/german/news/meinberg-security-advisory-mbgsa-2023-02-meinberg-lantime-firmware-v7-06-012.htm"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:1199 vom 2023-03-14",
"url": "https://access.redhat.com/errata/RHSA-2023:1199"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6957718 vom 2023-03-16",
"url": "https://www.ibm.com/support/pages/node/6957718"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6963634 vom 2023-03-16",
"url": "https://www.cybersecurity-help.cz/vdb/SB2023031618"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6963784 vom 2023-03-20",
"url": "https://www.ibm.com/support/pages/node/6963784"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6963786 vom 2023-03-20",
"url": "https://www.cybersecurity-help.cz/vdb/SB2023032014"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:1335 vom 2023-03-20",
"url": "https://access.redhat.com/errata/RHSA-2023:1335"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2023-1335 vom 2023-03-20",
"url": "http://linux.oracle.com/errata/ELSA-2023-1335.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6964854 vom 2023-03-21",
"url": "https://aix.software.ibm.com/aix/efixes/security/openssl_advisory38.asc"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:1405 vom 2023-03-22",
"url": "https://access.redhat.com/errata/RHSA-2023:1405"
},
{
"category": "external",
"summary": "CentOS Security Advisory CESA-2023:1335 vom 2023-03-22",
"url": "https://lists.centos.org/pipermail/centos-announce/2023-March/086392.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2023-12205 vom 2023-03-22",
"url": "https://linux.oracle.com/errata/ELSA-2023-12205.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2023-1405 vom 2023-03-23",
"url": "http://linux.oracle.com/errata/ELSA-2023-1405.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2023-12213 vom 2023-03-28",
"url": "https://linux.oracle.com/errata/ELSA-2023-12213.html"
},
{
"category": "external",
"summary": "QNAP Security Advisory QSA-23-15 vom 2023-03-29",
"url": "https://www.qnap.com/de-de/security-advisory/QSA-23-15"
},
{
"category": "external",
"summary": "F5 K000132941 vom 2023-04-06",
"url": "https://my.f5.com/manage/s/article/K000132941"
},
{
"category": "external",
"summary": "F5 K000132943 vom 2023-04-06",
"url": "https://my.f5.com/manage/s/article/K000132943"
},
{
"category": "external",
"summary": "F5 K000132946 vom 2023-04-06",
"url": "https://my.f5.com/manage/s/article/K000132946"
},
{
"category": "external",
"summary": "Meinberg Security Advisory MBGSA-2023.02 vom 2023-03-23",
"url": "https://www.meinberg.de/german/news/meinberg-security-advisory-mbgsa-2023-02-lantime-firmware-v7-06-013.htm"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6986323 vom 2023-04-26",
"url": "https://www.ibm.com/support/pages/node/6986323"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:2022 vom 2023-04-26",
"url": "https://access.redhat.com/errata/RHSA-2023:2022"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6987461 vom 2023-05-01",
"url": "https://www.ibm.com/support/pages/node/6987461"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:2098 vom 2023-05-03",
"url": "https://access.redhat.com/errata/RHSA-2023:2098"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2023-12326 vom 2023-05-04",
"url": "https://linux.oracle.com/errata/ELSA-2023-12326.html"
},
{
"category": "external",
"summary": "Tenable Security Advisory TNS-2023-19 vom 2023-05-10",
"url": "https://www.tenable.com/security/tns-2023-19"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:2165 vom 2023-05-09",
"url": "https://access.redhat.com/errata/RHSA-2023:2165"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6985831 vom 2023-05-10",
"url": "https://www.ibm.com/support/pages/node/6985831"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:2932 vom 2023-05-16",
"url": "https://access.redhat.com/errata/RHSA-2023:2932"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6983555 vom 2023-05-17",
"url": "https://www.ibm.com/support/pages/node/6983555"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2023-2932 vom 2023-05-24",
"url": "https://linux.oracle.com/errata/ELSA-2023-2932.html"
},
{
"category": "external",
"summary": "Hitachi Cybersecurity Advisory vom 2023-04-25",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-143-02"
},
{
"category": "external",
"summary": "HP Security Bulletin",
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04445en_us"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6998707 vom 2023-05-26",
"url": "https://www.ibm.com/support/pages/node/6998707"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2023-134 vom 2023-05-26",
"url": "https://www.dell.com/support/kbdoc/de-de/000214129/dsa-2023-134-security-update-for-dell-poweredge-server-for-multiple-openssl-vulnerabilities"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:3408 vom 2023-06-01",
"url": "https://access.redhat.com/errata/RHSA-2023:3408"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:3354 vom 2023-06-05",
"url": "https://access.redhat.com/errata/RHSA-2023:3354"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:3355 vom 2023-06-05",
"url": "https://access.redhat.com/errata/RHSA-2023:3355"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:3420 vom 2023-06-05",
"url": "https://access.redhat.com/errata/RHSA-2023:3420"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:3421 vom 2023-06-05",
"url": "https://access.redhat.com/errata/RHSA-2023:3421"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:3455 vom 2023-06-06",
"url": "https://access.redhat.com/errata/RHSA-2023:3455"
},
{
"category": "external",
"summary": "XEROX Security Advisory XRX23-008 vom 2023-06-06",
"url": "https://security.business.xerox.com/wp-content/uploads/2023/06/Xerox-Security-Bulletin-XRX23-008-Xerox%C2%AE-FreeFlow%C2%AE-Print-Server-v7.pdf"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:0305-2 vom 2023-06-06",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-June/015094.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:3542 vom 2023-06-14",
"url": "https://access.redhat.com/errata/RHSA-2023:3542"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7005589 vom 2023-06-21",
"url": "https://www.ibm.com/support/pages/node/7005589"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:3612 vom 2023-06-23",
"url": "https://access.redhat.com/errata/RHSA-2023:3614"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:29171-1 vom 2023-06-23",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-June/015287.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:2623-1 vom 2023-06-23",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-June/015285.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:2622-1 vom 2023-06-23",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-June/015286.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:2624-1 vom 2023-06-23",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-June/015284.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:3615 vom 2023-06-22",
"url": "https://access.redhat.com/errata/RHSA-2023:3615"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:2648-1 vom 2023-06-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-June/015323.html"
},
{
"category": "external",
"summary": "Hitachi Energy CYBERSECURITY ADVISORY vom 2023-06-27",
"url": "https://library.e.abb.com/public/4fffbb03a11143c0b70e57acbd1c9f66/8DBD000157-VU-2023-004-OpenSSL_Relion_670_650_Rev1.pdf"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7007815 vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/7007815"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7009735 vom 2023-07-05",
"url": "https://www.ibm.com/support/pages/node/7009735"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7010099 vom 2023-07-06",
"url": "https://www.ibm.com/support/pages/node/7010099"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7006449 vom 2023-07-07",
"url": "https://www.ibm.com/support/pages/node/7006449"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:4128 vom 2023-07-18",
"url": "https://access.redhat.com/errata/RHSA-2023:4128"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:4124 vom 2023-07-18",
"url": "https://access.redhat.com/errata/RHSA-2023:4124"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:4091 vom 2023-07-20",
"url": "https://access.redhat.com/errata/RHSA-2023:4091"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:4252 vom 2023-07-25",
"url": "https://access.redhat.com/errata/RHSA-2023:4252"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:3096-1 vom 2023-08-01",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-August/015724.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:3179-1 vom 2023-08-03",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-August/015773.html"
},
{
"category": "external",
"summary": "Siemens Security Advisory SSA-264815 vom 2023-08-08",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-264815.html"
},
{
"category": "external",
"summary": "Siemens Security Advisory SSA-264814 vom 2023-08-08",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-264814.html"
},
{
"category": "external",
"summary": "ORACLE OVMSA-2023-0013 vom 2023-08-17",
"url": "https://oss.oracle.com/pipermail/oraclevm-errata/2023-August/001082.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:4982 vom 2023-09-05",
"url": "https://access.redhat.com/errata/RHSA-2023:4982"
},
{
"category": "external",
"summary": "HPE Security Bulletin",
"url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US\u0026docId=hpesbgn04530en_us"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:5209 vom 2023-09-19",
"url": "https://access.redhat.com/errata/RHSA-2023:5209"
},
{
"category": "external",
"summary": "Hitachi Vulnerability Information HITACHI-SEC-2023-135 vom 2023-09-26",
"url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-135/index.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASOPENSSL-SNAPSAFE-2023-002 vom 2023-09-27",
"url": "https://alas.aws.amazon.com/AL2/ALASOPENSSL-SNAPSAFE-2023-002.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7035370 vom 2023-10-03",
"url": "https://www.ibm.com/support/pages/node/7035370"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7041682 vom 2023-10-04",
"url": "https://www.ibm.com/support/pages/node/7041682"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7063708 vom 2023-10-31",
"url": "https://www.ibm.com/support/pages/node/7063708"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2023-13027 vom 2023-12-07",
"url": "https://linux.oracle.com/errata/ELSA-2023-13027.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2023-13024 vom 2023-12-07",
"url": "https://linux.oracle.com/errata/ELSA-2023-13024.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2023-32790 vom 2023-12-07",
"url": "https://linux.oracle.com/errata/ELSA-2023-32790.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2023-13025 vom 2023-12-07",
"url": "https://linux.oracle.com/errata/ELSA-2023-13025.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2023-13026 vom 2023-12-07",
"url": "https://linux.oracle.com/errata/ELSA-2023-13026.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2023-32791 vom 2023-12-07",
"url": "https://linux.oracle.com/errata/ELSA-2023-32791.html"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2023-113 vom 2023-12-13",
"url": "https://www.dell.com/support/kbdoc/000211759/dsa-2023-="
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6564-1 vom 2024-01-03",
"url": "https://ubuntu.com/security/notices/USN-6564-1"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7108821 vom 2024-01-17",
"url": "https://www.ibm.com/support/pages/node/7108821"
},
{
"category": "external",
"summary": "Dell Knowledge Base Article",
"url": "https://www.dell.com/support/kbdoc/en-us/000221474/dsa-2024-059-security-update-for-dell-networker-multiple-components-vulnerabilities"
},
{
"category": "external",
"summary": "Gentoo Linux Security Advisory GLSA-202402-08 vom 2024-02-04",
"url": "https://security.gentoo.org/glsa/202402-08"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:2633-1 vom 2024-02-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-February/018032.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:2634-1 vom 2024-02-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-February/018031.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2024-2502 vom 2024-03-19",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2024-2502.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7145367 vom 2024-03-27",
"url": "https://www.ibm.com/support/pages/node/7145367"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-20865 vom 2024-04-25",
"url": "https://linux.oracle.com/errata/ELSA-2024-20865.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-12343 vom 2024-04-25",
"url": "https://linux.oracle.com/errata/ELSA-2024-12343.html"
},
{
"category": "external",
"summary": "SolarWinds Platform 2024.2 release notes vom 2024-06-04",
"url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2024-2_release_notes.htm"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-12408 vom 2024-06-05",
"url": "https://linux.oracle.com/errata/ELSA-2024-12408.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-23120 vom 2024-06-04",
"url": "https://linux.oracle.com/errata/ELSA-2024-23120.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-12409 vom 2024-06-04",
"url": "https://linux.oracle.com/errata/ELSA-2024-12409.html"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2023-207 vom 2024-06-13",
"url": "https://www.dell.com/support/kbdoc/de-de/000216897/dsa-2023-207-security-update-for-dell-poweredge-t40-mini-tower-server-openssl-vulnerabilities"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2024-250 vom 2024-06-27",
"url": "https://www.dell.com/support/kbdoc/de-de/000226426/dsa-2024-250-security-update-for-dell-avamar-dell-integrated-data-protection-appliance-idpa-security-update-for-multiple-vulnerabilities"
},
{
"category": "external",
"summary": "ICS Advisory vom 2024-07-23",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-205-02"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:5136 vom 2024-08-08",
"url": "https://access.redhat.com/errata/RHSA-2024:5136"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:6095 vom 2024-09-11",
"url": "https://access.redhat.com/errata/RHSA-2024:6095"
},
{
"category": "external",
"summary": "Hitachi Vulnerability Information HITACHI-SEC-2024-145 vom 2024-09-17",
"url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2024-145/index.html"
},
{
"category": "external",
"summary": "Moxa Security Advisory MPSA-230405 vom 2024-10-04",
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230405-tn-5900-series-affected-by-multiple-openssl-vulnerabilities"
},
{
"category": "external",
"summary": "IBM Security Bulletin",
"url": "https://www.ibm.com/support/pages/node/7174634"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-12842 vom 2024-11-25",
"url": "https://linux.oracle.com/errata/ELSA-2024-12842.html"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2025-064 vom 2025-01-30",
"url": "https://www.dell.com/support/kbdoc/de-de/000278811/dsa-2025-064-security-update-for-dell-networker-networker-virtual-edition-and-networker-management-console-multiple-component-vulnerabilities"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7229377 vom 2025-03-28",
"url": "https://www.ibm.com/support/pages/node/7229377"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7230557 vom 2025-04-10",
"url": "https://www.ibm.com/support/pages/node/7230557"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7233394 vom 2025-05-14",
"url": "https://www.ibm.com/support/pages/node/7233394"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:7733 vom 2025-05-15",
"url": "https://access.redhat.com/errata/RHSA-2025:7733"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:7895 vom 2025-05-19",
"url": "https://access.redhat.com/errata/RHSA-2025:7895"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:7937 vom 2025-05-19",
"url": "https://access.redhat.com/errata/RHSA-2025:7937"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-7895 vom 2025-05-19",
"url": "https://linux.oracle.com/errata/ELSA-2025-7895.html"
},
{
"category": "external",
"summary": "HPE Security Advisory vom 2025-05-22",
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbns04859en_us\u0026docLocale=en_US"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-7937 vom 2025-05-22",
"url": "https://linux.oracle.com/errata/ELSA-2025-7937.html"
}
],
"source_lang": "en-US",
"title": "OpenSSL: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-05-22T22:00:00.000+00:00",
"generator": {
"date": "2025-05-23T07:55:12.241+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.12"
}
},
"id": "WID-SEC-W-2023-0304",
"initial_release_date": "2023-02-07T23:00:00.000+00:00",
"revision_history": [
{
"date": "2023-02-07T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2023-02-08T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Amazon und Aruba aufgenommen"
},
{
"date": "2023-02-09T23:00:00.000+00:00",
"number": "3",
"summary": "Referenz(en) aufgenommen: FEDORA-2023-A5564C0A3F, FEDORA-2023-57F33242BC"
},
{
"date": "2023-02-14T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von NetApp aufgenommen"
},
{
"date": "2023-02-16T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von FreeBSD aufgenommen"
},
{
"date": "2023-02-19T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2023-02-22T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von McAfee aufgenommen"
},
{
"date": "2023-02-23T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2023-02-27T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2023-02-28T23:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von SUSE, Red Hat und Oracle Linux aufgenommen"
},
{
"date": "2023-03-01T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2023-03-02T23:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Tenable aufgenommen"
},
{
"date": "2023-03-07T23:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Tenable, IBM und IBM-APAR aufgenommen"
},
{
"date": "2023-03-09T23:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Tenable und SUSE aufgenommen"
},
{
"date": "2023-03-13T23:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Siemens aufgenommen"
},
{
"date": "2023-03-14T23:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-03-15T23:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-03-19T23:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-03-20T23:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von Red Hat und Oracle Linux aufgenommen"
},
{
"date": "2023-03-21T23:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-03-22T23:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von Red Hat, CentOS und Oracle Linux aufgenommen"
},
{
"date": "2023-03-28T22:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2023-03-29T22:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von QNAP aufgenommen"
},
{
"date": "2023-04-10T22:00:00.000+00:00",
"number": "24",
"summary": "Neue Informationen von F5 aufgenommen"
},
{
"date": "2023-04-24T22:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2023-04-26T22:00:00.000+00:00",
"number": "26",
"summary": "Neue Updates von IBM und Red Hat aufgenommen"
},
{
"date": "2023-05-01T22:00:00.000+00:00",
"number": "27",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-05-03T22:00:00.000+00:00",
"number": "28",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-05-04T22:00:00.000+00:00",
"number": "29",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2023-05-09T22:00:00.000+00:00",
"number": "30",
"summary": "Neue Updates von Tenable und Red Hat aufgenommen"
},
{
"date": "2023-05-10T22:00:00.000+00:00",
"number": "31",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-05-16T22:00:00.000+00:00",
"number": "32",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-05-23T22:00:00.000+00:00",
"number": "33",
"summary": "Neue Updates von Oracle Linux und HP aufgenommen"
},
{
"date": "2023-05-25T22:00:00.000+00:00",
"number": "34",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-05-29T22:00:00.000+00:00",
"number": "35",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2023-05-31T22:00:00.000+00:00",
"number": "36",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-06-05T22:00:00.000+00:00",
"number": "37",
"summary": "Neue Updates von Red Hat und XEROX aufgenommen"
},
{
"date": "2023-06-06T22:00:00.000+00:00",
"number": "38",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2023-06-14T22:00:00.000+00:00",
"number": "39",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-06-20T22:00:00.000+00:00",
"number": "40",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-06-22T22:00:00.000+00:00",
"number": "41",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-06-25T22:00:00.000+00:00",
"number": "42",
"summary": "Neue Updates von SUSE und Red Hat aufgenommen"
},
{
"date": "2023-06-26T22:00:00.000+00:00",
"number": "43",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2023-06-27T22:00:00.000+00:00",
"number": "44",
"summary": "Neue Updates von HITACHI aufgenommen"
},
{
"date": "2023-06-28T22:00:00.000+00:00",
"number": "45",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-07-05T22:00:00.000+00:00",
"number": "46",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-07-06T22:00:00.000+00:00",
"number": "47",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-07-17T22:00:00.000+00:00",
"number": "48",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-07-20T22:00:00.000+00:00",
"number": "49",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-07-24T22:00:00.000+00:00",
"number": "50",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-08-01T22:00:00.000+00:00",
"number": "51",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2023-08-03T22:00:00.000+00:00",
"number": "52",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2023-08-07T22:00:00.000+00:00",
"number": "53",
"summary": "Neue Updates von Siemens aufgenommen"
},
{
"date": "2023-08-17T22:00:00.000+00:00",
"number": "54",
"summary": "Neue Updates von ORACLE aufgenommen"
},
{
"date": "2023-09-05T22:00:00.000+00:00",
"number": "55",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-09-17T22:00:00.000+00:00",
"number": "56",
"summary": "Neue Updates von HP aufgenommen"
},
{
"date": "2023-09-18T22:00:00.000+00:00",
"number": "57",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-09-25T22:00:00.000+00:00",
"number": "58",
"summary": "Neue Updates von HITACHI aufgenommen"
},
{
"date": "2023-09-27T22:00:00.000+00:00",
"number": "59",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2023-10-03T22:00:00.000+00:00",
"number": "60",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-10-31T23:00:00.000+00:00",
"number": "61",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-12-07T23:00:00.000+00:00",
"number": "62",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2023-12-12T23:00:00.000+00:00",
"number": "63",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2024-01-02T23:00:00.000+00:00",
"number": "64",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-01-17T23:00:00.000+00:00",
"number": "65",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-01-25T23:00:00.000+00:00",
"number": "66",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2024-02-04T23:00:00.000+00:00",
"number": "67",
"summary": "Neue Updates von Gentoo aufgenommen"
},
{
"date": "2024-02-27T23:00:00.000+00:00",
"number": "68",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-03-18T23:00:00.000+00:00",
"number": "69",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2024-03-27T23:00:00.000+00:00",
"number": "70",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-04-24T22:00:00.000+00:00",
"number": "71",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2024-06-03T22:00:00.000+00:00",
"number": "72",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2024-06-04T22:00:00.000+00:00",
"number": "73",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2024-06-13T22:00:00.000+00:00",
"number": "74",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2024-06-26T22:00:00.000+00:00",
"number": "75",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2024-07-23T22:00:00.000+00:00",
"number": "76",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2024-08-08T22:00:00.000+00:00",
"number": "77",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-09-11T22:00:00.000+00:00",
"number": "78",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-09-16T22:00:00.000+00:00",
"number": "79",
"summary": "Neue Updates von HITACHI aufgenommen"
},
{
"date": "2024-10-06T22:00:00.000+00:00",
"number": "80",
"summary": "Neue Updates von moxa aufgenommen"
},
{
"date": "2024-10-31T23:00:00.000+00:00",
"number": "81",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-11-25T23:00:00.000+00:00",
"number": "82",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-01-29T23:00:00.000+00:00",
"number": "83",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2025-03-27T23:00:00.000+00:00",
"number": "84",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-04-09T22:00:00.000+00:00",
"number": "85",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-05-14T22:00:00.000+00:00",
"number": "86",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-05-15T22:00:00.000+00:00",
"number": "87",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-05-18T22:00:00.000+00:00",
"number": "88",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-05-19T22:00:00.000+00:00",
"number": "89",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-05-22T22:00:00.000+00:00",
"number": "90",
"summary": "Neue Updates von HP und Oracle Linux aufgenommen"
}
],
"status": "final",
"version": "90"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "670",
"product": {
"name": "ABB Relion 670",
"product_id": "T016943",
"product_identification_helper": {
"cpe": "cpe:/h:abb:relion:670"
}
}
},
{
"category": "product_version",
"name": "650",
"product": {
"name": "ABB Relion 650",
"product_id": "T016944",
"product_identification_helper": {
"cpe": "cpe:/h:abb:relion:650"
}
}
},
{
"category": "product_version",
"name": "SAM600-IO",
"product": {
"name": "ABB Relion SAM600-IO",
"product_id": "T016945",
"product_identification_helper": {
"cpe": "cpe:/h:abb:relion:sam600-io"
}
}
}
],
"category": "product_name",
"name": "Relion"
}
],
"category": "vendor",
"name": "ABB"
},
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Aruba ArubaOS",
"product": {
"name": "Aruba ArubaOS",
"product_id": "T021926",
"product_identification_helper": {
"cpe": "cpe:/o:arubanetworks:arubaos:-"
}
}
},
{
"category": "product_name",
"name": "Aruba ClearPass Policy Manager",
"product": {
"name": "Aruba ClearPass Policy Manager",
"product_id": "T023403",
"product_identification_helper": {
"cpe": "cpe:/a:arubanetworks:clearpass_policy_manager:-"
}
}
},
{
"category": "product_name",
"name": "Aruba EdgeConnect",
"product": {
"name": "Aruba EdgeConnect",
"product_id": "T027755",
"product_identification_helper": {
"cpe": "cpe:/a:aruba:edgeconnect:-"
}
}
},
{
"category": "product_name",
"name": "Aruba Switch",
"product": {
"name": "Aruba Switch",
"product_id": "T016786",
"product_identification_helper": {
"cpe": "cpe:/h:arubanetworks:switch:-"
}
}
}
],
"category": "vendor",
"name": "Aruba"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "Dell Computer",
"product": {
"name": "Dell Computer",
"product_id": "T006498",
"product_identification_helper": {
"cpe": "cpe:/o:dell:dell_computer:-"
}
}
},
{
"branches": [
{
"category": "product_name",
"name": "Dell NetWorker",
"product": {
"name": "Dell NetWorker",
"product_id": "T024663",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:-"
}
}
},
{
"category": "product_version_range",
"name": "\u003c19.10",
"product": {
"name": "Dell NetWorker \u003c19.10",
"product_id": "T032354"
}
},
{
"category": "product_version",
"name": "19.1",
"product": {
"name": "Dell NetWorker 19.10",
"product_id": "T032354-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:19.10"
}
}
}
],
"category": "product_name",
"name": "NetWorker"
},
{
"branches": [
{
"category": "product_name",
"name": "Dell PowerEdge",
"product": {
"name": "Dell PowerEdge",
"product_id": "T019535",
"product_identification_helper": {
"cpe": "cpe:/h:dell:poweredge:-"
}
}
},
{
"category": "product_name",
"name": "Dell PowerEdge",
"product": {
"name": "Dell PowerEdge",
"product_id": "T033533",
"product_identification_helper": {
"cpe": "cpe:/h:dell:poweredge:-"
}
}
}
],
"category": "product_name",
"name": "PowerEdge"
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"category": "product_name",
"name": "EMC Avamar",
"product": {
"name": "EMC Avamar",
"product_id": "T014381",
"product_identification_helper": {
"cpe": "cpe:/a:emc:avamar:-"
}
}
}
],
"category": "vendor",
"name": "EMC"
},
{
"branches": [
{
"category": "product_name",
"name": "F5 BIG-IP",
"product": {
"name": "F5 BIG-IP",
"product_id": "T001663",
"product_identification_helper": {
"cpe": "cpe:/a:f5:big-ip:-"
}
}
}
],
"category": "vendor",
"name": "F5"
},
{
"branches": [
{
"category": "product_name",
"name": "FreeBSD Project FreeBSD OS",
"product": {
"name": "FreeBSD Project FreeBSD OS",
"product_id": "4035",
"product_identification_helper": {
"cpe": "cpe:/o:freebsd:freebsd:-"
}
}
}
],
"category": "vendor",
"name": "FreeBSD Project"
},
{
"branches": [
{
"category": "product_name",
"name": "Gentoo Linux",
"product": {
"name": "Gentoo Linux",
"product_id": "T012167",
"product_identification_helper": {
"cpe": "cpe:/o:gentoo:linux:-"
}
}
}
],
"category": "vendor",
"name": "Gentoo"
},
{
"branches": [
{
"category": "product_name",
"name": "HPE NonStop Server",
"product": {
"name": "HPE NonStop Server",
"product_id": "4918",
"product_identification_helper": {
"cpe": "cpe:/h:hp:nonstop_server:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cv8.5",
"product": {
"name": "HPE OneView \u003cv8.5",
"product_id": "T029950"
}
},
{
"category": "product_version",
"name": "v8.5",
"product": {
"name": "HPE OneView v8.5",
"product_id": "T029950-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:hp:oneview:v8.5"
}
}
},
{
"category": "product_version_range",
"name": "\u003cv6.60.05 LTS",
"product": {
"name": "HPE OneView \u003cv6.60.05 LTS",
"product_id": "T029951"
}
},
{
"category": "product_version",
"name": "v6.60.05 LTS",
"product": {
"name": "HPE OneView v6.60.05 LTS",
"product_id": "T029951-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:hp:oneview:v6.60.05_lts"
}
}
}
],
"category": "product_name",
"name": "OneView"
}
],
"category": "vendor",
"name": "HPE"
},
{
"branches": [
{
"category": "product_name",
"name": "Hitachi Command Suite",
"product": {
"name": "Hitachi Command Suite",
"product_id": "T010951",
"product_identification_helper": {
"cpe": "cpe:/a:hitachi:command_suite:-"
}
}
},
{
"category": "product_name",
"name": "Hitachi Configuration Manager",
"product": {
"name": "Hitachi Configuration Manager",
"product_id": "T020304",
"product_identification_helper": {
"cpe": "cpe:/a:hitachi:configuration_manager:-"
}
}
},
{
"category": "product_name",
"name": "Hitachi Ops Center",
"product": {
"name": "Hitachi Ops Center",
"product_id": "T017562",
"product_identification_helper": {
"cpe": "cpe:/a:hitachi:ops_center:-"
}
}
}
],
"category": "vendor",
"name": "Hitachi"
},
{
"branches": [
{
"category": "product_name",
"name": "Hitachi Energy AFS",
"product": {
"name": "Hitachi Energy AFS",
"product_id": "T016942",
"product_identification_helper": {
"cpe": "cpe:/h:abb:afs:-"
}
}
},
{
"category": "product_name",
"name": "Hitachi Energy RTU500",
"product": {
"name": "Hitachi Energy RTU500",
"product_id": "T027844",
"product_identification_helper": {
"cpe": "cpe:/h:abb:rtu500:-"
}
}
}
],
"category": "vendor",
"name": "Hitachi Energy"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "7.1",
"product": {
"name": "IBM AIX 7.1",
"product_id": "153340",
"product_identification_helper": {
"cpe": "cpe:/o:ibm:aix:7.1"
}
}
},
{
"category": "product_version",
"name": "7.2",
"product": {
"name": "IBM AIX 7.2",
"product_id": "434967",
"product_identification_helper": {
"cpe": "cpe:/o:ibm:aix:7.2"
}
}
},
{
"category": "product_version",
"name": "7.3",
"product": {
"name": "IBM AIX 7.3",
"product_id": "T021486",
"product_identification_helper": {
"cpe": "cpe:/o:ibm:aix:7.3"
}
}
}
],
"category": "product_name",
"name": "AIX"
},
{
"branches": [
{
"category": "product_version",
"name": "21.0.2",
"product": {
"name": "IBM Business Automation Workflow 21.0.2",
"product_id": "1055431",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:21.0.2"
}
}
},
{
"category": "product_version",
"name": "21.0.3",
"product": {
"name": "IBM Business Automation Workflow 21.0.3",
"product_id": "1150328",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:21.0.3"
}
}
},
{
"category": "product_version",
"name": "22.0.1",
"product": {
"name": "IBM Business Automation Workflow 22.0.1",
"product_id": "1268578",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:22.0.1"
}
}
},
{
"category": "product_version",
"name": "18.0.0.0",
"product": {
"name": "IBM Business Automation Workflow 18.0.0.0",
"product_id": "389078",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:18.0.0.0"
}
}
},
{
"category": "product_version",
"name": "18.0.0.1",
"product": {
"name": "IBM Business Automation Workflow 18.0.0.1",
"product_id": "389079",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:18.0.0.1"
}
}
},
{
"category": "product_version",
"name": "18.0.0.2",
"product": {
"name": "IBM Business Automation Workflow 18.0.0.2",
"product_id": "428468",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:18.0.0.2"
}
}
},
{
"category": "product_version",
"name": "19.0.0.1",
"product": {
"name": "IBM Business Automation Workflow 19.0.0.1",
"product_id": "433292",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:19.0.0.1"
}
}
},
{
"category": "product_version",
"name": "19.0.0.2",
"product": {
"name": "IBM Business Automation Workflow 19.0.0.2",
"product_id": "672243",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:19.0.0.2"
}
}
},
{
"category": "product_version",
"name": "19.0.0.3",
"product": {
"name": "IBM Business Automation Workflow 19.0.0.3",
"product_id": "672244",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:19.0.0.3"
}
}
},
{
"category": "product_version",
"name": "20.0.0.1",
"product": {
"name": "IBM Business Automation Workflow 20.0.0.1",
"product_id": "867559",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:20.0.0.1"
}
}
},
{
"category": "product_version",
"name": "20.0.0.2",
"product": {
"name": "IBM Business Automation Workflow 20.0.0.2",
"product_id": "867560",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:20.0.0.2"
}
}
},
{
"category": "product_version",
"name": "21.0.3.1",
"product": {
"name": "IBM Business Automation Workflow 21.0.3.1",
"product_id": "T025512",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:21.0.3.1"
}
}
},
{
"category": "product_version",
"name": "22.0.2",
"product": {
"name": "IBM Business Automation Workflow 22.0.2",
"product_id": "T025770",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:22.0.2"
}
}
}
],
"category": "product_name",
"name": "Business Automation Workflow"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.1.12",
"product": {
"name": "IBM DataPower Gateway \u003c10.0.1.12",
"product_id": "T026646"
}
},
{
"category": "product_version",
"name": "10.0.1.12",
"product": {
"name": "IBM DataPower Gateway 10.0.1.12",
"product_id": "T026646-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:datapower_gateway:10.0.1.12"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.5.0.4",
"product": {
"name": "IBM DataPower Gateway \u003c10.5.0.4",
"product_id": "T026647"
}
},
{
"category": "product_version",
"name": "10.5.0.4",
"product": {
"name": "IBM DataPower Gateway 10.5.0.4",
"product_id": "T026647-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:datapower_gateway:10.5.0.4"
}
}
},
{
"category": "product_version_range",
"name": "\u003c2018.4.1.26",
"product": {
"name": "IBM DataPower Gateway \u003c2018.4.1.26",
"product_id": "T027562"
}
},
{
"category": "product_version",
"name": "2018.4.1.26",
"product": {
"name": "IBM DataPower Gateway 2018.4.1.26",
"product_id": "T027562-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:datapower_gateway:2018.4.1.26"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.0.4.0sr3",
"product": {
"name": "IBM DataPower Gateway \u003c10.0.4.0sr3",
"product_id": "T027563"
}
},
{
"category": "product_version",
"name": "10.0.4.0sr3",
"product": {
"name": "IBM DataPower Gateway 10.0.4.0sr3",
"product_id": "T027563-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:datapower_gateway:10.0.4.0sr3"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.0.1.12",
"product": {
"name": "IBM DataPower Gateway \u003c10.0.1.12",
"product_id": "T027564"
}
},
{
"category": "product_version",
"name": "10.0.1.12",
"product": {
"name": "IBM DataPower Gateway 10.0.1.12",
"product_id": "T027564-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:datapower_gateway:10.0.1.12"
}
}
}
],
"category": "product_name",
"name": "DataPower Gateway"
},
{
"branches": [
{
"category": "product_version",
"name": "11.7",
"product": {
"name": "IBM InfoSphere Information Server 11.7",
"product_id": "444803",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:infosphere_information_server:11.7"
}
}
}
],
"category": "product_name",
"name": "InfoSphere Information Server"
},
{
"branches": [
{
"category": "product_version",
"name": "10.0.0.0-10.0.0.26",
"product": {
"name": "IBM Integration Bus 10.0.0.0-10.0.0.26",
"product_id": "T023793",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:integration_bus:10.0.0.0_-_10.0.0.26"
}
}
},
{
"category": "product_version",
"name": "10.1",
"product": {
"name": "IBM Integration Bus 10.1",
"product_id": "T026788",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:integration_bus:10.1"
}
}
}
],
"category": "product_name",
"name": "Integration Bus"
},
{
"branches": [
{
"category": "product_version",
"name": "9.1 LTS",
"product": {
"name": "IBM MQ 9.1 LTS",
"product_id": "T015789",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:9.1_lts"
}
}
},
{
"category": "product_version",
"name": "8",
"product": {
"name": "IBM MQ 8.0",
"product_id": "T015791",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:8.0"
}
}
},
{
"category": "product_version",
"name": "9.0 LTS",
"product": {
"name": "IBM MQ 9.0 LTS",
"product_id": "T015792",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:9.0_lts"
}
}
},
{
"category": "product_version",
"name": "9.2 LTS",
"product": {
"name": "IBM MQ 9.2 LTS",
"product_id": "T018186",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:9.2_lts"
}
}
},
{
"category": "product_name",
"name": "IBM MQ",
"product": {
"name": "IBM MQ",
"product_id": "T021398",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:-"
}
}
},
{
"category": "product_version",
"name": "9.3 LTS",
"product": {
"name": "IBM MQ 9.3 LTS",
"product_id": "T024689",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:9.3_lts"
}
}
},
{
"category": "product_version",
"name": "HPE NonStop 8.1.0",
"product": {
"name": "IBM MQ HPE NonStop 8.1.0",
"product_id": "T026652",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:hpe_nonstop_8.1.0"
}
}
}
],
"category": "product_name",
"name": "MQ"
},
{
"branches": [
{
"category": "product_version",
"name": "v9",
"product": {
"name": "IBM Power Hardware Management Console v9",
"product_id": "T021107",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:hardware_management_console:v9"
}
}
},
{
"category": "product_version",
"name": "v10",
"product": {
"name": "IBM Power Hardware Management Console v10",
"product_id": "T023373",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:hardware_management_console:v10"
}
}
},
{
"category": "product_version",
"name": "DS8000",
"product": {
"name": "IBM Power Hardware Management Console DS8000",
"product_id": "T028436",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:hardware_management_console:ds8000"
}
}
}
],
"category": "product_name",
"name": "Power Hardware Management Console"
},
{
"branches": [
{
"category": "product_version",
"name": "7.5",
"product": {
"name": "IBM QRadar SIEM 7.5",
"product_id": "T022954",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:7.5"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.5.0 UP8",
"product": {
"name": "IBM QRadar SIEM \u003c7.5.0 UP8",
"product_id": "T033681"
}
},
{
"category": "product_version",
"name": "7.5.0 UP8",
"product": {
"name": "IBM QRadar SIEM 7.5.0 UP8",
"product_id": "T033681-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:7.5.0_up8"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.5.0 UP10 IF01",
"product": {
"name": "IBM QRadar SIEM \u003c7.5.0 UP10 IF01",
"product_id": "T038741"
}
},
{
"category": "product_version",
"name": "7.5.0 UP10 IF01",
"product": {
"name": "IBM QRadar SIEM 7.5.0 UP10 IF01",
"product_id": "T038741-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:7.5.0_up10_if01"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.5.0 UP12",
"product": {
"name": "IBM QRadar SIEM \u003c7.5.0 UP12",
"product_id": "T043784"
}
},
{
"category": "product_version",
"name": "7.5.0 UP12",
"product": {
"name": "IBM QRadar SIEM 7.5.0 UP12",
"product_id": "T043784-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:7.5.0_up12"
}
}
}
],
"category": "product_name",
"name": "QRadar SIEM"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c8.0.0.24",
"product": {
"name": "IBM Rational Build Forge \u003c8.0.0.24",
"product_id": "T030689"
}
},
{
"category": "product_version",
"name": "8.0.0.24",
"product": {
"name": "IBM Rational Build Forge 8.0.0.24",
"product_id": "T030689-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:rational_build_forge:8.0.0.24"
}
}
}
],
"category": "product_name",
"name": "Rational Build Forge"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c9.1.0.5",
"product": {
"name": "IBM Rational ClearCase \u003c9.1.0.5",
"product_id": "T030198"
}
},
{
"category": "product_version",
"name": "9.1.0.5",
"product": {
"name": "IBM Rational ClearCase 9.1.0.5",
"product_id": "T030198-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:rational_clearcase:9.1.0.5"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.0.2.8",
"product": {
"name": "IBM Rational ClearCase \u003c9.0.2.8",
"product_id": "T030199"
}
},
{
"category": "product_version",
"name": "9.0.2.8",
"product": {
"name": "IBM Rational ClearCase 9.0.2.8",
"product_id": "T030199-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:rational_clearcase:9.0.2.8"
}
}
}
],
"category": "product_name",
"name": "Rational ClearCase"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.3",
"product": {
"name": "IBM Rational ClearQuest \u003c10.0.3",
"product_id": "T030177"
}
},
{
"category": "product_version",
"name": "10.0.3",
"product": {
"name": "IBM Rational ClearQuest 10.0.3",
"product_id": "T030177-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:rational_clearquest:10.0.3"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.0.2.8",
"product": {
"name": "IBM Rational ClearQuest \u003c9.0.2.8",
"product_id": "T030204"
}
},
{
"category": "product_version",
"name": "9.0.2.8",
"product": {
"name": "IBM Rational ClearQuest 9.0.2.8",
"product_id": "T030204-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:rational_clearquest:9.0.2.8"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.1.0.5",
"product": {
"name": "IBM Rational ClearQuest \u003c9.1.0.5",
"product_id": "T030211"
}
},
{
"category": "product_version",
"name": "9.1.0.5",
"product": {
"name": "IBM Rational ClearQuest 9.1.0.5",
"product_id": "T030211-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:rational_clearquest:9.1.0.5"
}
}
}
],
"category": "product_name",
"name": "Rational ClearQuest"
},
{
"branches": [
{
"category": "product_version",
"name": "10.0.X",
"product": {
"name": "IBM Security Verify Access 10.0.X",
"product_id": "T026175",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:security_verify_access:10.0.x"
}
}
},
{
"category": "product_version",
"name": "10.0.0.0-10.0.6.1",
"product": {
"name": "IBM Security Verify Access 10.0.0.0-10.0.6.1",
"product_id": "T031895",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:security_verify_access:10.0.0.0_-_10.0.6.1"
}
}
}
],
"category": "product_name",
"name": "Security Verify Access"
},
{
"branches": [
{
"category": "product_version",
"name": "plus 10.1",
"product": {
"name": "IBM Spectrum Protect plus 10.1",
"product_id": "T015895",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_protect:plus_10.1"
}
}
},
{
"category": "product_version",
"name": "10.1.14",
"product": {
"name": "IBM Spectrum Protect 10.1.14",
"product_id": "T026783",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_protect:10.1.14"
}
}
},
{
"category": "product_version_range",
"name": "\u003c8.1.17.2",
"product": {
"name": "IBM Spectrum Protect \u003c8.1.17.2",
"product_id": "T026807"
}
},
{
"category": "product_version",
"name": "8.1.17.2",
"product": {
"name": "IBM Spectrum Protect 8.1.17.2",
"product_id": "T026807-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_protect:8.1.17.2"
}
}
}
],
"category": "product_name",
"name": "Spectrum Protect"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.1.17",
"product": {
"name": "IBM Spectrum Protect Plus \u003c10.1.17",
"product_id": "T042730"
}
},
{
"category": "product_version",
"name": "10.1.17",
"product": {
"name": "IBM Spectrum Protect Plus 10.1.17",
"product_id": "T042730-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_protect_plus:10.1.17"
}
}
}
],
"category": "product_name",
"name": "Spectrum Protect Plus"
},
{
"branches": [
{
"category": "product_version_range",
"name": "HP NonStop \u003c3.6.0.6 iFix000",
"product": {
"name": "IBM Sterling Connect:Direct HP NonStop \u003c3.6.0.6 iFix000",
"product_id": "T042203"
}
},
{
"category": "product_version",
"name": "HP NonStop 3.6.0.6 iFix000",
"product": {
"name": "IBM Sterling Connect:Direct HP NonStop 3.6.0.6 iFix000",
"product_id": "T042203-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:sterling_connect%3adirect:hp_nonstop__3.6.0.6_ifix000"
}
}
}
],
"category": "product_name",
"name": "Sterling Connect:Direct"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "10.72 SU2",
"product": {
"name": "LANCOM LCOS 10.72 SU2",
"product_id": "T026546",
"product_identification_helper": {
"cpe": "cpe:/o:lancom:lcos:10.72_su2"
}
}
},
{
"category": "product_version",
"name": "10.50 RU10",
"product": {
"name": "LANCOM LCOS 10.50 RU10",
"product_id": "T026547",
"product_identification_helper": {
"cpe": "cpe:/o:lancom:lcos:10.50_ru10"
}
}
},
{
"category": "product_version",
"name": "10.42 SU10",
"product": {
"name": "LANCOM LCOS 10.42 SU10",
"product_id": "T026548",
"product_identification_helper": {
"cpe": "cpe:/o:lancom:lcos:10.42_su10"
}
}
},
{
"category": "product_version",
"name": "FX 10.11",
"product": {
"name": "LANCOM LCOS FX 10.11",
"product_id": "T026549",
"product_identification_helper": {
"cpe": "cpe:/o:lancom:lcos:fx_10.11"
}
}
},
{
"category": "product_version",
"name": "LX 6.10",
"product": {
"name": "LANCOM LCOS LX 6.10",
"product_id": "T026550",
"product_identification_helper": {
"cpe": "cpe:/o:lancom:lcos:lx_6.10"
}
}
},
{
"category": "product_version",
"name": "LX 5.38 SU1",
"product": {
"name": "LANCOM LCOS LX 5.38 SU1",
"product_id": "T026551",
"product_identification_helper": {
"cpe": "cpe:/o:lancom:lcos:lx_5.38_su1"
}
}
},
{
"category": "product_version",
"name": "LX 5.36 SU2",
"product": {
"name": "LANCOM LCOS LX 5.36 SU2",
"product_id": "T026552",
"product_identification_helper": {
"cpe": "cpe:/o:lancom:lcos:lx_5.36_su2"
}
}
},
{
"category": "product_version",
"name": "SX 4.20",
"product": {
"name": "LANCOM LCOS SX 4.20",
"product_id": "T026553",
"product_identification_helper": {
"cpe": "cpe:/o:lancom:lcos:sx_4.20"
}
}
},
{
"category": "product_version",
"name": "SX 5.20 RU3",
"product": {
"name": "LANCOM LCOS SX 5.20 RU3",
"product_id": "T026554",
"product_identification_helper": {
"cpe": "cpe:/o:lancom:lcos:sx_5.20_ru3"
}
}
}
],
"category": "product_name",
"name": "LCOS"
}
],
"category": "vendor",
"name": "LANCOM"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "7.06.012",
"product": {
"name": "Meinberg LANTIME 7.06.012",
"product_id": "T026735",
"product_identification_helper": {
"cpe": "cpe:/h:meinberg:lantime:7.06.012"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.06.013",
"product": {
"name": "Meinberg LANTIME \u003c7.06.013",
"product_id": "T027496"
}
},
{
"category": "product_version",
"name": "7.06.013",
"product": {
"name": "Meinberg LANTIME 7.06.013",
"product_id": "T027496-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:meinberg:lantime:7.06.013"
}
}
}
],
"category": "product_name",
"name": "LANTIME"
}
],
"category": "vendor",
"name": "Meinberg"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "TN-5900 \u003c4.0",
"product": {
"name": "Moxa Router TN-5900 \u003c4.0",
"product_id": "T038009"
}
},
{
"category": "product_version",
"name": "TN-5900 4.0",
"product": {
"name": "Moxa Router TN-5900 4.0",
"product_id": "T038009-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:moxa:router:tn-5900__4.0"
}
}
}
],
"category": "product_name",
"name": "Router"
}
],
"category": "vendor",
"name": "Moxa"
},
{
"branches": [
{
"category": "product_name",
"name": "NetApp Data ONTAP",
"product": {
"name": "NetApp Data ONTAP",
"product_id": "7654",
"product_identification_helper": {
"cpe": "cpe:/a:netapp:data_ontap:-"
}
}
}
],
"category": "vendor",
"name": "NetApp"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source CentOS",
"product": {
"name": "Open Source CentOS",
"product_id": "1727",
"product_identification_helper": {
"cpe": "cpe:/o:centos:centos:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c3.0.8",
"product": {
"name": "Open Source OpenSSL \u003c3.0.8",
"product_id": "T026178"
}
},
{
"category": "product_version",
"name": "3.0.8",
"product": {
"name": "Open Source OpenSSL 3.0.8",
"product_id": "T026178-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:openssl:openssl:3.0.8"
}
}
},
{
"category": "product_version_range",
"name": "\u003c1.1.1t",
"product": {
"name": "Open Source OpenSSL \u003c1.1.1t",
"product_id": "T026179"
}
},
{
"category": "product_version",
"name": "1.1.1t",
"product": {
"name": "Open Source OpenSSL 1.1.1t",
"product_id": "T026179-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:openssl:openssl:1.1.1t"
}
}
},
{
"category": "product_version_range",
"name": "\u003c1.0.2zg",
"product": {
"name": "Open Source OpenSSL \u003c1.0.2zg",
"product_id": "T026180"
}
},
{
"category": "product_version",
"name": "1.0.2zg",
"product": {
"name": "Open Source OpenSSL 1.0.2zg",
"product_id": "T026180-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:openssl:openssl:1.0.2zg"
}
}
}
],
"category": "product_name",
"name": "OpenSSL"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "3",
"product": {
"name": "Oracle VM 3",
"product_id": "T019617",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:vm:3"
}
}
}
],
"category": "product_name",
"name": "VM"
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "QNAP NAS",
"product": {
"name": "QNAP NAS",
"product_id": "T017100",
"product_identification_helper": {
"cpe": "cpe:/h:qnap:nas:-"
}
}
}
],
"category": "vendor",
"name": "QNAP"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"category": "product_version",
"name": "Multicluster Engine",
"product": {
"name": "Red Hat Enterprise Linux Multicluster Engine",
"product_id": "T027598",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:multicluster_engine"
}
}
}
],
"category": "product_name",
"name": "Enterprise Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "Container Platform \u003c4.11.43",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.11.43",
"product_id": "T028132"
}
},
{
"category": "product_version",
"name": "Container Platform 4.11.43",
"product": {
"name": "Red Hat OpenShift Container Platform 4.11.43",
"product_id": "T028132-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.11.43"
}
}
},
{
"category": "product_version_range",
"name": "Container Platform \u003c4.13.4",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.13.4",
"product_id": "T028225"
}
},
{
"category": "product_version",
"name": "Container Platform 4.13.4",
"product": {
"name": "Red Hat OpenShift Container Platform 4.13.4",
"product_id": "T028225-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.13.4"
}
}
},
{
"category": "product_version_range",
"name": "Container Platform \u003c4.12.22",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.12.22",
"product_id": "T028307"
}
},
{
"category": "product_version",
"name": "Container Platform 4.12.22",
"product": {
"name": "Red Hat OpenShift Container Platform 4.12.22",
"product_id": "T028307-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.12.22"
}
}
}
],
"category": "product_name",
"name": "OpenShift"
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "1500",
"product": {
"name": "Siemens SIMATIC S7 1500",
"product_id": "T019436",
"product_identification_helper": {
"cpe": "cpe:/h:siemens:simatic_s7:1500"
}
}
},
{
"category": "product_name",
"name": "Siemens SIMATIC S7",
"product": {
"name": "Siemens SIMATIC S7",
"product_id": "T020086",
"product_identification_helper": {
"cpe": "cpe:/h:siemens:simatic_s7:-"
}
}
}
],
"category": "product_name",
"name": "SIMATIC S7"
}
],
"category": "vendor",
"name": "Siemens"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c2024.2",
"product": {
"name": "SolarWinds Platform \u003c2024.2",
"product_id": "T035149"
}
},
{
"category": "product_version",
"name": "2024.2",
"product": {
"name": "SolarWinds Platform 2024.2",
"product_id": "T035149-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:solarwinds:orion_platform:2024.2"
}
}
}
],
"category": "product_name",
"name": "Platform"
}
],
"category": "vendor",
"name": "SolarWinds"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.2.1.7-49sv",
"product": {
"name": "SonicWall SMA \u003c10.2.1.7-49sv",
"product_id": "897623"
}
},
{
"category": "product_version",
"name": "10.2.1.7-49sv",
"product": {
"name": "SonicWall SMA 10.2.1.7-49sv",
"product_id": "897623-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:sonicwall:secure_mobile_access:-"
}
}
}
],
"category": "product_name",
"name": "SMA"
}
],
"category": "vendor",
"name": "SonicWall"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.5.0",
"product": {
"name": "Tenable Security Nessus \u003c10.5.0",
"product_id": "T026604"
}
},
{
"category": "product_version",
"name": "10.5.0",
"product": {
"name": "Tenable Security Nessus 10.5.0",
"product_id": "T026604-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:tenable:nessus:10.5.0"
}
}
},
{
"category": "product_version",
"name": "8.15.9",
"product": {
"name": "Tenable Security Nessus 8.15.9",
"product_id": "T026648",
"product_identification_helper": {
"cpe": "cpe:/a:tenable:nessus:8.15.9"
}
}
},
{
"category": "product_version",
"name": "10.4.3",
"product": {
"name": "Tenable Security Nessus 10.4.3",
"product_id": "T026649",
"product_identification_helper": {
"cpe": "cpe:/a:tenable:nessus:10.4.3"
}
}
},
{
"category": "product_version_range",
"name": "Agent \u003c10.3.2",
"product": {
"name": "Tenable Security Nessus Agent \u003c10.3.2",
"product_id": "T026696"
}
},
{
"category": "product_version",
"name": "Agent 10.3.2",
"product": {
"name": "Tenable Security Nessus Agent 10.3.2",
"product_id": "T026696-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:tenable:nessus:agent__10.3.2"
}
}
},
{
"category": "product_version_range",
"name": "Agent \u003c8.3.5",
"product": {
"name": "Tenable Security Nessus Agent \u003c8.3.5",
"product_id": "T026697"
}
},
{
"category": "product_version",
"name": "Agent 8.3.5",
"product": {
"name": "Tenable Security Nessus Agent 8.3.5",
"product_id": "T026697-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:tenable:nessus:agent__8.3.5"
}
}
}
],
"category": "product_name",
"name": "Nessus"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c6.2.1",
"product": {
"name": "Tenable Security Nessus Network Monitor \u003c6.2.1",
"product_id": "T027665"
}
},
{
"category": "product_version",
"name": "6.2.1",
"product": {
"name": "Tenable Security Nessus Network Monitor 6.2.1",
"product_id": "T027665-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:tenable:nessus_network_monitor:6.2.1"
}
}
}
],
"category": "product_name",
"name": "Nessus Network Monitor"
}
],
"category": "vendor",
"name": "Tenable Security"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "v7",
"product": {
"name": "Xerox FreeFlow Print Server v7",
"product_id": "T015631",
"product_identification_helper": {
"cpe": "cpe:/a:xerox:freeflow_print_server:v7"
}
}
}
],
"category": "product_name",
"name": "FreeFlow Print Server"
}
],
"category": "vendor",
"name": "Xerox"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-4203",
"product_status": {
"known_affected": [
"T031895",
"T030204",
"T026180",
"T010951",
"T030689",
"T019535",
"T024689",
"433292",
"398363",
"T025770",
"T020086",
"T028132",
"T030211",
"T030177",
"1268578",
"389079",
"T033681",
"T012167",
"389078",
"897623",
"T032354",
"T015792",
"T015791",
"T022954",
"2951",
"T021107",
"T023403",
"T027844",
"T027564",
"T027562",
"T027563",
"T033533",
"672243",
"672244",
"T026604",
"T024663",
"T025512",
"T021398",
"T028225",
"T029951",
"T027496",
"T029950",
"T026175",
"T016945",
"T016944",
"T016943",
"T016942",
"T016786",
"T017100",
"4918",
"T000126",
"T026735",
"T026697",
"T027665",
"T026696",
"T026179",
"T026178",
"T006498",
"T038009",
"T021926",
"T004914",
"T026548",
"T026547",
"T026549",
"T023793",
"T027755",
"T019617",
"T026788",
"T026546",
"T026783",
"T027598",
"153340",
"867559",
"T035149",
"434967",
"7654",
"428468",
"T015631",
"1150328",
"T017562",
"T014381",
"T002207",
"867560",
"444803",
"T026554",
"T026551",
"T026550",
"T026553",
"T026552",
"67646",
"4035",
"T015789",
"T018186",
"1055431",
"T038741",
"T043784",
"T026807",
"T019436",
"T042730",
"T026648",
"T026649",
"T020304",
"T026646",
"T028307",
"T026647",
"T001663",
"T023373",
"T030199",
"T015895",
"T030198",
"T042203",
"T028436",
"1727",
"T021486",
"T026652"
]
},
"release_date": "2023-02-07T23:00:00.000+00:00",
"title": "CVE-2022-4203"
},
{
"cve": "CVE-2022-4304",
"product_status": {
"known_affected": [
"T031895",
"T030204",
"T026180",
"T010951",
"T030689",
"T019535",
"T024689",
"433292",
"398363",
"T025770",
"T020086",
"T028132",
"T030211",
"T030177",
"1268578",
"389079",
"T033681",
"T012167",
"389078",
"897623",
"T032354",
"T015792",
"T015791",
"T022954",
"2951",
"T021107",
"T023403",
"T027844",
"T027564",
"T027562",
"T027563",
"T033533",
"672243",
"672244",
"T026604",
"T024663",
"T025512",
"T021398",
"T028225",
"T029951",
"T027496",
"T029950",
"T026175",
"T016945",
"T016944",
"T016943",
"T016942",
"T016786",
"T017100",
"4918",
"T000126",
"T026735",
"T026697",
"T027665",
"T026696",
"T026179",
"T026178",
"T006498",
"T038009",
"T021926",
"T004914",
"T026548",
"T026547",
"T026549",
"T023793",
"T027755",
"T019617",
"T026788",
"T026546",
"T026783",
"T027598",
"153340",
"867559",
"T035149",
"434967",
"7654",
"428468",
"T015631",
"1150328",
"T017562",
"T014381",
"T002207",
"867560",
"444803",
"T026554",
"T026551",
"T026550",
"T026553",
"T026552",
"67646",
"4035",
"T015789",
"T018186",
"1055431",
"T038741",
"T043784",
"T026807",
"T019436",
"T042730",
"T026648",
"T026649",
"T020304",
"T026646",
"T028307",
"T026647",
"T001663",
"T023373",
"T030199",
"T015895",
"T030198",
"T042203",
"T028436",
"1727",
"T021486",
"T026652"
]
},
"release_date": "2023-02-07T23:00:00.000+00:00",
"title": "CVE-2022-4304"
},
{
"cve": "CVE-2022-4450",
"product_status": {
"known_affected": [
"T031895",
"T030204",
"T026180",
"T010951",
"T030689",
"T019535",
"T024689",
"433292",
"398363",
"T025770",
"T020086",
"T028132",
"T030211",
"T030177",
"1268578",
"389079",
"T033681",
"T012167",
"389078",
"897623",
"T032354",
"T015792",
"T015791",
"T022954",
"2951",
"T021107",
"T023403",
"T027844",
"T027564",
"T027562",
"T027563",
"T033533",
"672243",
"672244",
"T026604",
"T024663",
"T025512",
"T021398",
"T028225",
"T029951",
"T027496",
"T029950",
"T026175",
"T016945",
"T016944",
"T016943",
"T016942",
"T016786",
"T017100",
"4918",
"T000126",
"T026735",
"T026697",
"T027665",
"T026696",
"T026179",
"T026178",
"T006498",
"T038009",
"T021926",
"T004914",
"T026548",
"T026547",
"T026549",
"T023793",
"T027755",
"T019617",
"T026788",
"T026546",
"T026783",
"T027598",
"153340",
"867559",
"T035149",
"434967",
"7654",
"428468",
"T015631",
"1150328",
"T017562",
"T014381",
"T002207",
"867560",
"444803",
"T026554",
"T026551",
"T026550",
"T026553",
"T026552",
"67646",
"4035",
"T015789",
"T018186",
"1055431",
"T038741",
"T043784",
"T026807",
"T019436",
"T042730",
"T026648",
"T026649",
"T020304",
"T026646",
"T028307",
"T026647",
"T001663",
"T023373",
"T030199",
"T015895",
"T030198",
"T042203",
"T028436",
"1727",
"T021486",
"T026652"
]
},
"release_date": "2023-02-07T23:00:00.000+00:00",
"title": "CVE-2022-4450"
},
{
"cve": "CVE-2023-0215",
"product_status": {
"known_affected": [
"T031895",
"T030204",
"T026180",
"T010951",
"T030689",
"T019535",
"T024689",
"433292",
"398363",
"T025770",
"T020086",
"T028132",
"T030211",
"T030177",
"1268578",
"389079",
"T033681",
"T012167",
"389078",
"897623",
"T032354",
"T015792",
"T015791",
"T022954",
"2951",
"T021107",
"T023403",
"T027844",
"T027564",
"T027562",
"T027563",
"T033533",
"672243",
"672244",
"T026604",
"T024663",
"T025512",
"T021398",
"T028225",
"T029951",
"T027496",
"T029950",
"T026175",
"T016945",
"T016944",
"T016943",
"T016942",
"T016786",
"T017100",
"4918",
"T000126",
"T026735",
"T026697",
"T027665",
"T026696",
"T026179",
"T026178",
"T006498",
"T038009",
"T021926",
"T004914",
"T026548",
"T026547",
"T026549",
"T023793",
"T027755",
"T019617",
"T026788",
"T026546",
"T026783",
"T027598",
"153340",
"867559",
"T035149",
"434967",
"7654",
"428468",
"T015631",
"1150328",
"T017562",
"T014381",
"T002207",
"867560",
"444803",
"T026554",
"T026551",
"T026550",
"T026553",
"T026552",
"67646",
"4035",
"T015789",
"T018186",
"1055431",
"T038741",
"T043784",
"T026807",
"T019436",
"T042730",
"T026648",
"T026649",
"T020304",
"T026646",
"T028307",
"T026647",
"T001663",
"T023373",
"T030199",
"T015895",
"T030198",
"T042203",
"T028436",
"1727",
"T021486",
"T026652"
]
},
"release_date": "2023-02-07T23:00:00.000+00:00",
"title": "CVE-2023-0215"
},
{
"cve": "CVE-2023-0216",
"product_status": {
"known_affected": [
"T031895",
"T030204",
"T026180",
"T010951",
"T030689",
"T019535",
"T024689",
"433292",
"398363",
"T025770",
"T020086",
"T028132",
"T030211",
"T030177",
"1268578",
"389079",
"T033681",
"T012167",
"389078",
"897623",
"T032354",
"T015792",
"T015791",
"T022954",
"2951",
"T021107",
"T023403",
"T027844",
"T027564",
"T027562",
"T027563",
"T033533",
"672243",
"672244",
"T026604",
"T024663",
"T025512",
"T021398",
"T028225",
"T029951",
"T027496",
"T029950",
"T026175",
"T016945",
"T016944",
"T016943",
"T016942",
"T016786",
"T017100",
"4918",
"T000126",
"T026735",
"T026697",
"T027665",
"T026696",
"T026179",
"T026178",
"T006498",
"T038009",
"T021926",
"T004914",
"T026548",
"T026547",
"T026549",
"T023793",
"T027755",
"T019617",
"T026788",
"T026546",
"T026783",
"T027598",
"153340",
"867559",
"T035149",
"434967",
"7654",
"428468",
"T015631",
"1150328",
"T017562",
"T014381",
"T002207",
"867560",
"444803",
"T026554",
"T026551",
"T026550",
"T026553",
"T026552",
"67646",
"4035",
"T015789",
"T018186",
"1055431",
"T038741",
"T043784",
"T026807",
"T019436",
"T042730",
"T026648",
"T026649",
"T020304",
"T026646",
"T028307",
"T026647",
"T001663",
"T023373",
"T030199",
"T015895",
"T030198",
"T042203",
"T028436",
"1727",
"T021486",
"T026652"
]
},
"release_date": "2023-02-07T23:00:00.000+00:00",
"title": "CVE-2023-0216"
},
{
"cve": "CVE-2023-0217",
"product_status": {
"known_affected": [
"T031895",
"T030204",
"T026180",
"T010951",
"T030689",
"T019535",
"T024689",
"433292",
"398363",
"T025770",
"T020086",
"T028132",
"T030211",
"T030177",
"1268578",
"389079",
"T033681",
"T012167",
"389078",
"897623",
"T032354",
"T015792",
"T015791",
"T022954",
"2951",
"T021107",
"T023403",
"T027844",
"T027564",
"T027562",
"T027563",
"T033533",
"672243",
"672244",
"T026604",
"T024663",
"T025512",
"T021398",
"T028225",
"T029951",
"T027496",
"T029950",
"T026175",
"T016945",
"T016944",
"T016943",
"T016942",
"T016786",
"T017100",
"4918",
"T000126",
"T026735",
"T026697",
"T027665",
"T026696",
"T026179",
"T026178",
"T006498",
"T038009",
"T021926",
"T004914",
"T026548",
"T026547",
"T026549",
"T023793",
"T027755",
"T019617",
"T026788",
"T026546",
"T026783",
"T027598",
"153340",
"867559",
"T035149",
"434967",
"7654",
"428468",
"T015631",
"1150328",
"T017562",
"T014381",
"T002207",
"867560",
"444803",
"T026554",
"T026551",
"T026550",
"T026553",
"T026552",
"67646",
"4035",
"T015789",
"T018186",
"1055431",
"T038741",
"T043784",
"T026807",
"T019436",
"T042730",
"T026648",
"T026649",
"T020304",
"T026646",
"T028307",
"T026647",
"T001663",
"T023373",
"T030199",
"T015895",
"T030198",
"T042203",
"T028436",
"1727",
"T021486",
"T026652"
]
},
"release_date": "2023-02-07T23:00:00.000+00:00",
"title": "CVE-2023-0217"
},
{
"cve": "CVE-2023-0286",
"product_status": {
"known_affected": [
"T031895",
"T030204",
"T026180",
"T010951",
"T030689",
"T019535",
"T024689",
"433292",
"398363",
"T025770",
"T020086",
"T028132",
"T030211",
"T030177",
"1268578",
"389079",
"T033681",
"T012167",
"389078",
"897623",
"T032354",
"T015792",
"T015791",
"T022954",
"2951",
"T021107",
"T023403",
"T027844",
"T027564",
"T027562",
"T027563",
"T033533",
"672243",
"672244",
"T026604",
"T024663",
"T025512",
"T021398",
"T028225",
"T029951",
"T027496",
"T029950",
"T026175",
"T016945",
"T016944",
"T016943",
"T016942",
"T016786",
"T017100",
"4918",
"T000126",
"T026735",
"T026697",
"T027665",
"T026696",
"T026179",
"T026178",
"T006498",
"T038009",
"T021926",
"T004914",
"T026548",
"T026547",
"T026549",
"T023793",
"T027755",
"T019617",
"T026788",
"T026546",
"T026783",
"T027598",
"153340",
"867559",
"T035149",
"434967",
"7654",
"428468",
"T015631",
"1150328",
"T017562",
"T014381",
"T002207",
"867560",
"444803",
"T026554",
"T026551",
"T026550",
"T026553",
"T026552",
"67646",
"4035",
"T015789",
"T018186",
"1055431",
"T038741",
"T043784",
"T026807",
"T019436",
"T042730",
"T026648",
"T026649",
"T020304",
"T026646",
"T028307",
"T026647",
"T001663",
"T023373",
"T030199",
"T015895",
"T030198",
"T042203",
"T028436",
"1727",
"T021486",
"T026652"
]
},
"release_date": "2023-02-07T23:00:00.000+00:00",
"title": "CVE-2023-0286"
},
{
"cve": "CVE-2023-0401",
"product_status": {
"known_affected": [
"T031895",
"T030204",
"T026180",
"T010951",
"T030689",
"T019535",
"T024689",
"433292",
"398363",
"T025770",
"T020086",
"T028132",
"T030211",
"T030177",
"1268578",
"389079",
"T033681",
"T012167",
"389078",
"897623",
"T032354",
"T015792",
"T015791",
"T022954",
"2951",
"T021107",
"T023403",
"T027844",
"T027564",
"T027562",
"T027563",
"T033533",
"672243",
"672244",
"T026604",
"T024663",
"T025512",
"T021398",
"T028225",
"T029951",
"T027496",
"T029950",
"T026175",
"T016945",
"T016944",
"T016943",
"T016942",
"T016786",
"T017100",
"4918",
"T000126",
"T026735",
"T026697",
"T027665",
"T026696",
"T026179",
"T026178",
"T006498",
"T038009",
"T021926",
"T004914",
"T026548",
"T026547",
"T026549",
"T023793",
"T027755",
"T019617",
"T026788",
"T026546",
"T026783",
"T027598",
"153340",
"867559",
"T035149",
"434967",
"7654",
"428468",
"T015631",
"1150328",
"T017562",
"T014381",
"T002207",
"867560",
"444803",
"T026554",
"T026551",
"T026550",
"T026553",
"T026552",
"67646",
"4035",
"T015789",
"T018186",
"1055431",
"T038741",
"T043784",
"T026807",
"T019436",
"T042730",
"T026648",
"T026649",
"T020304",
"T026646",
"T028307",
"T026647",
"T001663",
"T023373",
"T030199",
"T015895",
"T030198",
"T042203",
"T028436",
"1727",
"T021486",
"T026652"
]
},
"release_date": "2023-02-07T23:00:00.000+00:00",
"title": "CVE-2023-0401"
}
]
}
ICSA-25-065-01
Vulnerability from csaf_cisa - Published: 2025-02-25 13:30 - Updated: 2025-02-25 13:30Summary
Hitachi Energy PCU400
Notes
Summary
Hitachi Energy is aware of the multiple vulnerabilities related to various versions of OpenSSL library components used in PCU400 versions listed in this document below for IEC62351-3 secure for IEC104/DNP3
or PCULogger tool. These vulnerabilities if exploited, can cause confidentiality and availability impacts.
Refer to the Recommended Immediate Actions for information about the available mitigation/remediation
strategies.
Notice
The information in this document is subject to change without notice and should not be construed as a commitment by Hitachi Energy. Hitachi Energy provides no warranty, express or implied, including warran-ties of merchantability and fitness for a particular purpose, for the information contained in this document, and assumes no responsibility for any errors that may appear in this document. In no event shall Hitachi Energy or any of its suppliers be liable for direct, indirect, special, incidental or consequential damages of any nature or kind arising from the use of this document, or from the use of any hardware or software de-scribed in this document, even if Hitachi Energy or its suppliers have been advised of the possibility of such damages. This document and parts hereof must not be reproduced or copied without written permission from Hitachi Energy and the contents hereof must not be imparted to a third party nor used for any unauthorized purpose. All rights to registrations and trademarks reside with their respective owners.
General Mitigation Factors/Workarounds
Recommended security practices and firewall configurations can help protect a process control network from attacks that originate from outside the network. Such practices include that process control systems are physically protected from direct access by unauthorized personnel, have no direct connections to the Internet, and are separated from other networks by means of a firewall system that has a minimal number of ports exposed, and others that have to be evaluated case by case. Process control systems should not be used for Internet surfing, instant messaging, or receiving e-mails. Portable computers and removable storage media should be carefully scanned for viruses before they are connected to a control system.
Support
For additional information and support please contact your product provider or Hitachi Energy service organization. For contact information, see https://www.hitachienergy.com/contact-us/ for Hitachi Energy contact-centers.
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Advisory Conversion Disclaimer
This CISA CSAF advisory was converted from Hitachi Energy PSIRT's CSAF advisory.
Critical infrastructure sectors
Critical Manufacturing
Countries/areas deployed
Worldwide
Company headquarters location
Switzerland
Recommended Practices
CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.
Recommended Practices
Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.
Recommended Practices
Locate control system networks and remote devices behind firewalls and isolate them from business networks.
Recommended Practices
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
{
"document": {
"acknowledgments": [
{
"organization": "Hitachi Energy PSIRT",
"summary": "reporting these vulnerabilities to CISA."
},
{
"organization": "Dragos",
"summary": "responsibly reporting these vulnerabilities to Hitachi Energy."
}
],
"aggregate_severity": {
"namespace": "https://www.first.org/cvss/specification-document",
"text": "HIGH"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "summary",
"text": "Hitachi Energy is aware of the multiple vulnerabilities related to various versions of OpenSSL library components used in PCU400 versions listed in this document below for IEC62351-3 secure for IEC104/DNP3\nor PCULogger tool. These vulnerabilities if exploited, can cause confidentiality and availability impacts.\nRefer to the Recommended Immediate Actions for information about the available mitigation/remediation\nstrategies.",
"title": "Summary"
},
{
"category": "legal_disclaimer",
"text": "The information in this document is subject to change without notice and should not be construed as a commitment by Hitachi Energy. Hitachi Energy provides no warranty, express or implied, including warran-ties of merchantability and fitness for a particular purpose, for the information contained in this document, and assumes no responsibility for any errors that may appear in this document. In no event shall Hitachi Energy or any of its suppliers be liable for direct, indirect, special, incidental or consequential damages of any nature or kind arising from the use of this document, or from the use of any hardware or software de-scribed in this document, even if Hitachi Energy or its suppliers have been advised of the possibility of such damages. This document and parts hereof must not be reproduced or copied without written permission from Hitachi Energy and the contents hereof must not be imparted to a third party nor used for any unauthorized purpose. All rights to registrations and trademarks reside with their respective owners.",
"title": "Notice"
},
{
"category": "general",
"text": "Recommended security practices and firewall configurations can help protect a process control network from attacks that originate from outside the network. Such practices include that process control systems are physically protected from direct access by unauthorized personnel, have no direct connections to the Internet, and are separated from other networks by means of a firewall system that has a minimal number of ports exposed, and others that have to be evaluated case by case. Process control systems should not be used for Internet surfing, instant messaging, or receiving e-mails. Portable computers and removable storage media should be carefully scanned for viruses before they are connected to a control system.",
"title": "General Mitigation Factors/Workarounds"
},
{
"category": "other",
"text": "For additional information and support please contact your product provider or Hitachi Energy service organization. For contact information, see https://www.hitachienergy.com/contact-us/ for Hitachi Energy contact-centers.",
"title": "Support"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "other",
"text": "This CISA CSAF advisory was converted from Hitachi Energy PSIRT\u0027s CSAF advisory.",
"title": "Advisory Conversion Disclaimer"
},
{
"category": "other",
"text": "Critical Manufacturing",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Switzerland",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Locate control system networks and remote devices behind firewalls and isolate them from business networks.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "other",
"contact_details": "central@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-25-065-01 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2025/icsa-25-065-01.json"
},
{
"category": "self",
"summary": "CYBERSECURITY ADVISORY - OpenSSL Vulnerabilities in Hitachi Energy PCU400 Product",
"url": "https://publisher.hitachienergy.com/preview?DocumentId=8dbd000213\u0026languageCode=en\u0026Preview=true"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-25-065-01 - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-065-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
}
],
"title": "Hitachi Energy PCU400",
"tracking": {
"current_release_date": "2025-02-25T13:30:00.000000Z",
"generator": {
"date": "2025-02-25T09:29:19.632000Z",
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-25-065-01",
"initial_release_date": "2025-02-25T13:30:00.000000Z",
"revision_history": [
{
"date": "2025-02-25T13:30:00.000000Z",
"number": "1",
"summary": "Initial version."
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=6.5_K",
"product": {
"name": "PCU400 versions 6.5 K and below",
"product_id": "CSAFPID-0001"
}
},
{
"category": "product_version_range",
"name": "\u003c=9.4.1",
"product": {
"name": "PCU400 versions 9.4.1 and below",
"product_id": "CSAFPID-0002"
}
},
{
"category": "product_version",
"name": "6.6.0",
"product": {
"name": "PCU400 version 6.6.0",
"product_id": "CSAFPID-0003"
}
},
{
"category": "product_version",
"name": "9.4.2",
"product": {
"name": "PCU400 version 9.4.2",
"product_id": "CSAFPID-0004"
}
}
],
"category": "product_family",
"name": "PCU400"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=1.1.0",
"product": {
"name": "PCULogger versions 1.1.0 and below",
"product_id": "CSAFPID-0005"
}
},
{
"category": "product_version",
"name": "1.2.0",
"product": {
"name": "PCULogger version 1.2.0",
"product_id": "CSAFPID-0006"
}
}
],
"category": "product_family",
"name": "PCULogger"
}
],
"category": "vendor",
"name": "Hitachi Energy"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-0286",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"notes": [
{
"category": "description",
"text": "There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the\nx400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the\nX509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.",
"title": "CVE description"
}
],
"product_status": {
"fixed": [
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0006"
],
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0005"
]
},
"references": [
{
"category": "external",
"summary": "NVD - CVE-2023-0286",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0286"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "If IEC62351-3 secure for IEC104/DNP3 is used, then update to version\n6.6.0 or latest",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "If IEC62351-3 secure for IEC104/DNP3 is used, then update to version 9.4.2 or latest",
"product_ids": [
"CSAFPID-0002"
]
},
{
"category": "no_fix_planned",
"details": "If the PCULogger program is used, then update to version 1.2.0* when available. This version is compatible with PCU400 9.4.2 and later",
"product_ids": [
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.4,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.4,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0005"
]
}
]
},
{
"cve": "CVE-2023-0217",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "An invalid pointer dereference on read can be triggered when an application tries to check a malformed DSA public key by the EVP_PKEY_public_check() function. This will most likely lead to an application crash. This function can be called on public keys supplied from untrusted sources which could allow an attacker to cause a denial of service attack. The TLS implementation in OpenSSL does not call this function but applications might call the function if there are additional security requirements imposed by standards such as FIPS 140-3.",
"title": "CVE description"
}
],
"product_status": {
"fixed": [
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0006"
],
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0005"
]
},
"references": [
{
"category": "external",
"summary": "NVD - CVE-2023-0217",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0217"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "If IEC62351-3 secure for IEC104/DNP3 is used, then update to version\n6.6.0 or latest",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "If IEC62351-3 secure for IEC104/DNP3 is used, then update to version 9.4.2 or latest",
"product_ids": [
"CSAFPID-0002"
]
},
{
"category": "no_fix_planned",
"details": "If the PCULogger program is used, then update to version 1.2.0* when available. This version is compatible with PCU400 9.4.2 and later",
"product_ids": [
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0005"
]
}
]
},
{
"cve": "CVE-2023-0216",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "An invalid pointer dereference on read can be triggered when an application tries to load malformed PKCS7 data with the d2i_PKCS7(), d2i_PKCS7_bio() or d2i_PKCS7_fp() functions. The result of the dereference is an application crash which could lead to a denial of service attack. The TLS implementation in OpenSSL does not\ncall this function however third party applications might call these functions on untrusted data.",
"title": "CVE description"
}
],
"product_status": {
"fixed": [
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0006"
],
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0005"
]
},
"references": [
{
"category": "external",
"summary": "NVD - CVE-2023-0216",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0216"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "If IEC62351-3 secure for IEC104/DNP3 is used, then update to version\n6.6.0 or latest",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "If IEC62351-3 secure for IEC104/DNP3 is used, then update to version 9.4.2 or latest",
"product_ids": [
"CSAFPID-0002"
]
},
{
"category": "no_fix_planned",
"details": "If the PCULogger program is used, then update to version 1.2.0* when available. This version is compatible with PCU400 9.4.2 and later",
"product_ids": [
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0005"
]
}
]
},
{
"cve": "CVE-2023-0401",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "A NULL pointer can be dereferenced when signatures are being verified on PKCS7 signed or signedAndEnveloped data. In case the hash algorithm used for the signature is known to the OpenSSL library but the implementation of the hash algorithm is not available the digest initialization will fail. There is a missing check for the return value from the initialization function which later leads to invalid usage of the digest API most likely leading to a crash. The unavailability of an algorithm can be caused by using FIPS enabled configuration of providers or more commonly by not loading the legacy provider. PKCS7 data is processed by the SMIME library calls and also by the time\nstamp (TS) library calls. The TLS implementation in OpenSSL does not call these functions however third party applications would be affected if they call these functions to verify signatures on untrusted data.",
"title": "CVE description"
}
],
"product_status": {
"fixed": [
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0006"
],
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0005"
]
},
"references": [
{
"category": "external",
"summary": "NVD - CVE-2023-0401",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0401"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "If IEC62351-3 secure for IEC104/DNP3 is used, then update to version\n6.6.0 or latest",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "If IEC62351-3 secure for IEC104/DNP3 is used, then update to version 9.4.2 or latest",
"product_ids": [
"CSAFPID-0002"
]
},
{
"category": "no_fix_planned",
"details": "If the PCULogger program is used, then update to version 1.2.0* when available. This version is compatible with PCU400 9.4.2 and later",
"product_ids": [
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0005"
]
}
]
},
{
"cve": "CVE-2023-0215",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user\napplications. The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter BIO onto the front of it to form a BIO chain, and then returns the new head of the BIO chain to the caller. Under certain conditions, for example if a CMS recipient public key is invalid, the new filter BIO is freed and the function returns a NULL result indicating a failure. However, in this case, the BIO chain is not properly cleaned up and the BIO passed by the caller still retains internal pointers to the previously freed filter BIO. If the caller then goes on to call BIO_pop() on the BIO then a use-after-free will occur. This will most likely result in a crash. This scenario occurs directly in the internal function B64_write_ASN1() which may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on the BIO. This internal function is in turn called by the public API functions PEM_write_bio_ASN1_stream,\nPEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7. Other public API functions that may be impacted by this include i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and i2d_PKCS7_bio_stream. The OpenSSL cms and smime command line applications are similarly affected.",
"title": "CVE description"
}
],
"product_status": {
"fixed": [
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0006"
],
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0005"
]
},
"references": [
{
"category": "external",
"summary": "NVD - CVE-2023-0215",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0215"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "If IEC62351-3 secure for IEC104/DNP3 is used, then update to version\n6.6.0 or latest",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "If IEC62351-3 secure for IEC104/DNP3 is used, then update to version 9.4.2 or latest",
"product_ids": [
"CSAFPID-0002"
]
},
{
"category": "no_fix_planned",
"details": "If the PCULogger program is used, then update to version 1.2.0* when available. This version is compatible with PCU400 9.4.2 and later",
"product_ids": [
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0005"
]
}
]
},
{
"cve": "CVE-2022-4450",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "description",
"text": "The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and\ndecodes the \"name\" (e.g. CERTIFICATE\"), any header data and the payload data. If the function succeeds then the \"name_out\", \"header\" and \"data\" arguments are\npopulated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results\nin 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most\nlikely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around\nPEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including\nPEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue.",
"title": "CVE description"
}
],
"product_status": {
"fixed": [
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0006"
],
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0005"
]
},
"references": [
{
"category": "external",
"summary": "NVD - CVE-2022-4450",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4450"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "If IEC62351-3 secure for IEC104/DNP3 is used, then update to version\n6.6.0 or latest",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "If IEC62351-3 secure for IEC104/DNP3 is used, then update to version 9.4.2 or latest",
"product_ids": [
"CSAFPID-0002"
]
},
{
"category": "no_fix_planned",
"details": "If the PCULogger program is used, then update to version 1.2.0* when available. This version is compatible with PCU400 9.4.2 and later",
"product_ids": [
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0005"
]
}
]
},
{
"cve": "CVE-2022-4304",
"cwe": {
"id": "CWE-203",
"name": "Observable Discrepancy"
},
"notes": [
{
"category": "description",
"text": "A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher\nstyle attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client\nand a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.",
"title": "CVE description"
}
],
"product_status": {
"fixed": [
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0006"
],
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0005"
]
},
"references": [
{
"category": "external",
"summary": "NVD - CVE-2022-4304",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4304"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "If IEC62351-3 secure for IEC104/DNP3 is used, then update to version\n6.6.0 or latest",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "If IEC62351-3 secure for IEC104/DNP3 is used, then update to version 9.4.2 or latest",
"product_ids": [
"CSAFPID-0002"
]
},
{
"category": "no_fix_planned",
"details": "If the PCULogger program is used, then update to version 1.2.0* when available. This version is compatible with PCU400 9.4.2 and later",
"product_ids": [
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"environmentalScore": 5.9,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.9,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0005"
]
}
]
},
{
"cve": "CVE-2022-4203",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer. The read buffer overrun might result in a crash which could lead to a denial of service attack. In theory it could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext) although we are not aware of any working exploit leading to memory contents disclosure as of the time of release of this advisory. In a TLS client, this can be triggered by connecting to a\nmalicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects.",
"title": "CVE description"
}
],
"product_status": {
"fixed": [
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0006"
],
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0005"
]
},
"references": [
{
"category": "external",
"summary": "NVD - CVE-2022-4203",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4203"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "If IEC62351-3 secure for IEC104/DNP3 is used, then update to version\n6.6.0 or latest",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "If IEC62351-3 secure for IEC104/DNP3 is used, then update to version 9.4.2 or latest",
"product_ids": [
"CSAFPID-0002"
]
},
{
"category": "no_fix_planned",
"details": "If the PCULogger program is used, then update to version 1.2.0* when available. This version is compatible with PCU400 9.4.2 and later",
"product_ids": [
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 4.9,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"temporalScore": 4.9,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0005"
]
}
]
}
]
}
ICSA-24-046-15
Vulnerability from csaf_cisa - Published: 2024-02-13 00:00 - Updated: 2024-03-12 00:00Summary
Siemens SINEC NMS
Notes
Summary
SINEC NMS before V2.0 SP1 is affected by multiple vulnerabilities.
Siemens has released an update for SINEC NMS and recommends to update to the latest version.
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download:
https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Advisory Conversion Disclaimer
This CISA CSAF advisory was converted from Siemens ProductCERT's CSAF advisory.
Critical infrastructure sectors
Multiple
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.
Recommended Practices
Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.
Recommended Practices
Locate control system networks and remote devices behind firewalls and isolate them from business networks.
Recommended Practices
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
{
"document": {
"acknowledgments": [
{
"organization": "Siemens ProductCERT",
"summary": "reporting these vulnerabilities to CISA."
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "SINEC NMS before V2.0 SP1 is affected by multiple vulnerabilities.\n\nSiemens has released an update for SINEC NMS and recommends to update to the latest version.",
"title": "Summary"
},
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"title": "General Recommendations"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "Siemens Security Advisories are subject to the terms and conditions contained in Siemens\u0027 underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens\u0027 Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.",
"title": "Terms of Use"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "other",
"text": "This CISA CSAF advisory was converted from Siemens ProductCERT\u0027s CSAF advisory.",
"title": "Advisory Conversion Disclaimer"
},
{
"category": "other",
"text": "Multiple",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Germany",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Locate control system networks and remote devices behind firewalls and isolate them from business networks.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "other",
"contact_details": "central@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "SSA-943925: Multiple Vulnerabilities in SINEC NMS before V2.0 SP1 - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-943925.json"
},
{
"category": "self",
"summary": "SSA-943925: Multiple Vulnerabilities in SINEC NMS before V2.0 SP1 - HTML Version",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-943925.html"
},
{
"category": "self",
"summary": "SSA-943925: Multiple Vulnerabilities in SINEC NMS before V2.0 SP1 - PDF Version",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-943925.pdf"
},
{
"category": "self",
"summary": "SSA-943925: Multiple Vulnerabilities in SINEC NMS before V2.0 SP1 - TXT Version",
"url": "https://cert-portal.siemens.com/productcert/txt/ssa-943925.txt"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-24-046-15 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2024/icsa-24-046-15.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-24-046-15 - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-046-15"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
}
],
"title": "Siemens SINEC NMS",
"tracking": {
"current_release_date": "2024-03-12T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-24-046-15",
"initial_release_date": "2024-02-13T00:00:00.000000Z",
"revision_history": [
{
"date": "2024-02-13T00:00:00.000000Z",
"legacy_version": "1.0",
"number": "1",
"summary": "Publication Date"
},
{
"date": "2024-03-12T00:00:00.000000Z",
"legacy_version": "1.1",
"number": "2",
"summary": "Added missing acknowledgment for CVE-2024-23811"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV2.0_SP1",
"product": {
"name": "SINEC NMS",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "SINEC NMS"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-4203",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer. The read buffer overrun might result in a crash which could lead to a denial of service attack. In theory it could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext) although we are not aware of any working exploit leading to memory contents disclosure as of the time of release of this advisory. In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2022-4203"
},
{
"cve": "CVE-2022-4304",
"cwe": {
"id": "CWE-326",
"name": "Inadequate Encryption Strength"
},
"notes": [
{
"category": "summary",
"text": "A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2022-4304"
},
{
"cve": "CVE-2022-4450",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "summary",
"text": "The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the \"name\" (e.g. \"CERTIFICATE\"), any header data and the payload data. If the function succeeds then the \"name_out\", \"header\" and \"data\" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2022-4450"
},
{
"cve": "CVE-2023-0215",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter BIO onto the front of it to form a BIO chain, and then returns the new head of the BIO chain to the caller. Under certain conditions, for example if a CMS recipient public key is invalid, the new filter BIO is freed and the function returns a NULL result indicating a failure. However, in this case, the BIO chain is not properly cleaned up and the BIO passed by the caller still retains internal pointers to the previously freed filter BIO. If the caller then goes on to call BIO_pop() on the BIO then a use-after-free will occur. This will most likely result in a crash. This scenario occurs directly in the internal function B64_write_ASN1() which may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on the BIO. This internal function is in turn called by the public API functions PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7. Other public API functions that may be impacted by this include i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and i2d_PKCS7_bio_stream. The OpenSSL cms and smime command line applications are similarly affected.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-0215"
},
{
"cve": "CVE-2023-0216",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "An invalid pointer dereference on read can be triggered when an application tries to load malformed PKCS7 data with the d2i_PKCS7(), d2i_PKCS7_bio() or d2i_PKCS7_fp() functions. The result of the dereference is an application crash which could lead to a denial of service attack. The TLS implementation in OpenSSL does not call this function however third party applications might call these functions on untrusted data.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-0216"
},
{
"cve": "CVE-2023-0217",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "An invalid pointer dereference on read can be triggered when an application tries to check a malformed DSA public key by the EVP_PKEY_public_check() function. This will most likely lead to an application crash. This function can be called on public keys supplied from untrusted sources which could allow an attacker to cause a denial of service attack. The TLS implementation in OpenSSL does not call this function but applications might call the function if there are additional security requirements imposed by standards such as FIPS 140-3.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-0217"
},
{
"cve": "CVE-2023-0286",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-0286"
},
{
"cve": "CVE-2023-0401",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "A NULL pointer can be dereferenced when signatures are being verified on PKCS7 signed or signedAndEnveloped data. In case the hash algorithm used for the signature is known to the OpenSSL library but the implementation of the hash algorithm is not available the digest initialization will fail. There is a missing check for the return value from the initialization function which later leads to invalid usage of the digest API most likely leading to a crash. The unavailability of an algorithm can be caused by using FIPS enabled configuration of providers or more commonly by not loading the legacy provider. PKCS7 data is processed by the SMIME library calls and also by the time stamp (TS) library calls. The TLS implementation in OpenSSL does not call these functions however third party applications would be affected if they call these functions to verify signatures on untrusted data.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-0401"
},
{
"cve": "CVE-2023-1255",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "Issue summary: The AES-XTS cipher decryption implementation for 64 bit ARM\nplatform contains a bug that could cause it to read past the input buffer,\nleading to a crash.\n\nImpact summary: Applications that use the AES-XTS algorithm on the 64 bit ARM\nplatform can crash in rare circumstances. The AES-XTS algorithm is usually\nused for disk encryption.\n\nThe AES-XTS cipher decryption implementation for 64 bit ARM platform will read\npast the end of the ciphertext buffer if the ciphertext size is 4 mod 5 in 16\nbyte blocks, e.g. 144 bytes or 1024 bytes. If the memory after the ciphertext\nbuffer is unmapped, this will trigger a crash which results in a denial of\nservice.\n\nIf an attacker can control the size and location of the ciphertext buffer\nbeing decrypted by an application using AES-XTS on 64 bit ARM, the\napplication is affected. This is fairly unlikely making this issue\na Low severity one.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-1255"
},
{
"cve": "CVE-2023-2454",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "schema_element defeats protective search_path changes; It was found that certain database calls in PostgreSQL could permit an authed attacker with elevated database-level privileges to execute arbitrary code.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-2454"
},
{
"cve": "CVE-2023-2455",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-specific policies are used and a given query is planned under one role and then executed under other roles. This scenario can happen under security definer functions or when a common user and query is planned initially and then re-used across multiple SET ROLEs. Applying an incorrect policy may permit a user to complete otherwise-forbidden reads and modifications. This affects only databases that have used CREATE POLICY to define a row security policy.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-2455"
},
{
"cve": "CVE-2023-2650",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "summary",
"text": "Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJ_obj2txt() directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience notable to very long delays when processing those messages, which may lead to a Denial of Service. An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - most of which have no size limit. OBJ_obj2txt() may be used to translate an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL type ASN1_OBJECT) to its canonical numeric text form, which are the sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by periods. When one of the sub-identifiers in the OBJECT IDENTIFIER is very large (these are sizes that are seen as absurdly large, taking up tens or hundreds of KiBs), the translation to a decimal number in text may take a very long time. The time complexity is O(square(n)) with \u0027n\u0027 being the size of the sub-identifiers in bytes (*). With OpenSSL 3.0, support to fetch cryptographic algorithms using names / identifiers in string form was introduced. This includes using OBJECT IDENTIFIERs in canonical numeric text form as identifiers for fetching algorithms. Such OBJECT IDENTIFIERs may be received through the ASN.1 structure AlgorithmIdentifier, which is commonly used in multiple protocols to specify what cryptographic algorithm should be used to sign or verify, encrypt or decrypt, or digest passed data. Applications that call OBJ_obj2txt() directly with untrusted data are affected, with any version of OpenSSL. If the use is for the mere purpose of display, the severity is considered low. In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 certificates, including simple things like verifying its signature. The impact on TLS is relatively low, because all versions of OpenSSL have a 100KiB limit on the peer\u0027s certificate chain. Additionally, this only impacts clients, or servers that have explicitly enabled client authentication. In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, such as X.509 certificates. This is assumed to not happen in such a way that it would cause a Denial of Service, so these versions are considered not affected by this issue in such a way that it would be cause for concern, and the severity is therefore considered low.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-2650"
},
{
"cve": "CVE-2023-2975",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"notes": [
{
"category": "summary",
"text": "Issue summary: The AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data entries which are unauthenticated as a consequence. Impact summary: Applications that use the AES-SIV algorithm and want to authenticate empty data entries as associated data can be mislead by removing adding or reordering such empty entries as these are ignored by the OpenSSL implementation. We are currently unaware of any such applications. The AES-SIV algorithm allows for authentication of multiple associated data entries along with the encryption. To authenticate empty data the application has to call EVP_EncryptUpdate() (or EVP_CipherUpdate()) with NULL pointer as the output buffer and 0 as the input buffer length. The AES-SIV implementation in OpenSSL just returns success for such a call instead of performing the associated data authentication operation. The empty data thus will not be authenticated. As this issue does not affect non-empty associated data authentication and we expect it to be rare for an application to use empty associated data entries this is qualified as Low severity issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-2975"
},
{
"cve": "CVE-2023-3446",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"notes": [
{
"category": "summary",
"text": "Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs various checks on DH parameters. One of those checks confirms that the modulus (\u0027p\u0027 parameter) is not too large. Trying to use a very large modulus is slow and OpenSSL will not normally use a modulus which is over 10,000 bits in length. However the DH_check() function checks numerous aspects of the key or parameters that have been supplied. Some of those checks use the supplied modulus value even if it has already been found to be too large. An application that calls DH_check() and supplies a key or parameters obtained from an untrusted source could be vulernable to a Denial of Service attack. The function DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check(). Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the \u0027-check\u0027 option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-3446"
},
{
"cve": "CVE-2023-3817",
"cwe": {
"id": "CWE-834",
"name": "Excessive Iteration"
},
"notes": [
{
"category": "summary",
"text": "Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs various checks on DH parameters. After fixing CVE-2023-3446 it was discovered that a large q parameter value can also trigger an overly long computation during some of these checks. A correct q value, if present, cannot be larger than the modulus p parameter, thus it is unnecessary to perform these checks if q is larger than p. An application that calls DH_check() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. The function DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check(). Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the \"-check\" option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-3817"
},
{
"cve": "CVE-2023-25690",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"notes": [
{
"category": "summary",
"text": "Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack.\r\n\r\nConfigurations are affected when mod_proxy is enabled along with some form of RewriteRule or ProxyPassMatch in which a non-specific pattern matches some portion of the user-supplied request-target (URL) data and is then re-inserted into the proxied request-target using variable substitution. \r\n\r\nRequest splitting/smuggling could result in bypass of access controls in the proxy server, proxying unintended URLs to existing origin servers, and cache poisoning. Users are recommended to update to at least version 2.4.56 of Apache HTTP Server.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-25690"
},
{
"cve": "CVE-2023-27522",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"notes": [
{
"category": "summary",
"text": "HTTP Response Smuggling vulnerability in Apache HTTP Server via mod_proxy_uwsgi. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.55.\n\nSpecial characters in the origin response header can truncate/split the response forwarded to the client.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-27522"
},
{
"cve": "CVE-2023-27533",
"cwe": {
"id": "CWE-74",
"name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability in input validation exists in curl \u003c8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and \"telnet options\" during server negotiation. The lack of proper input scrubbing allows an attacker to send content or perform option negotiation without the application\u0027s intent. This vulnerability could be exploited if an application allows user input, thereby enabling attackers to execute arbitrary code on the system.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-27533"
},
{
"cve": "CVE-2023-27534",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "summary",
"text": "A path traversal vulnerability exists in curl \u003c8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user\u0027s home directory. Attackers can exploit this flaw to bypass filtering or execute arbitrary code by crafting a path like /~2/foo while accessing a server with a specific user.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-27534"
},
{
"cve": "CVE-2023-27535",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"notes": [
{
"category": "summary",
"text": "An authentication bypass vulnerability exists in libcurl \u003c8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created connections are kept in a connection pool for reuse if they match the current setup. However, certain FTP settings such as CURLOPT_FTP_ACCOUNT, CURLOPT_FTP_ALTERNATIVE_TO_USER, CURLOPT_FTP_SSL_CCC, and CURLOPT_USE_SSL were not included in the configuration match checks, causing them to match too easily. This could lead to libcurl using the wrong credentials when performing a transfer, potentially allowing unauthorized access to sensitive information.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-27535"
},
{
"cve": "CVE-2023-27536",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"notes": [
{
"category": "summary",
"text": "An authentication bypass vulnerability exists libcurl \u003c8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. This vulnerability affects krb5/kerberos/negotiate/GSSAPI transfers and could potentially result in unauthorized access to sensitive information. The safest option is to not reuse connections if the CURLOPT_GSSAPI_DELEGATION option has been changed.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-27536"
},
{
"cve": "CVE-2023-27537",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "summary",
"text": "A double free vulnerability exists in libcurl \u003c8.0.0 when sharing HSTS data between separate \"handles\". This sharing was introduced without considerations for do this sharing across separate threads but there was no indication of this fact in the documentation. Due to missing mutexes or thread locks, two threads sharing the same HSTS data could end up doing a double-free or use-after-free.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-27537"
},
{
"cve": "CVE-2023-27538",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "libcurl would reuse a previously created connection even when an SSH related option had been changed that should have prohibited reuse. libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. However, two SSH settings were left out from the configuration match checks, making them match too easily.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-27538"
},
{
"cve": "CVE-2023-28319",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "A use after free vulnerability exists in curl \u003cv8.1.0 in the way libcurl offers a feature to verify an SSH server\u0027s public key using a SHA 256 hash. When this check fails, libcurl would free the memory for the fingerprint before it returns an error message containing the (now freed) hash. This flaw risks inserting sensitive heap-based data into the error message that might be shown to users or otherwise get leaked and revealed.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-28319"
},
{
"cve": "CVE-2023-28320",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "A denial of service vulnerability exists in curl \u003cv8.1.0 in the way libcurl provides several different backends for resolving host names, selected at build time. If it is built to use the synchronous resolver, it allows name resolves to time-out slow operations using `alarm()` and `siglongjmp()`. When doing this, libcurl used a global buffer that was not mutex protected and a multi-threaded application might therefore crash or otherwise misbehave.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-28320"
},
{
"cve": "CVE-2023-28321",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"notes": [
{
"category": "summary",
"text": "An improper certificate validation vulnerability exists in curl \u003cv8.1.0 in the way it supports matching of wildcard patterns when listed as \"Subject Alternative Name\" in TLS server certificates. curl can be built to use its own name matching function for TLS rather than one provided by a TLS library. This private wildcard matching function would match IDN (International Domain Name) hosts incorrectly and could as a result accept patterns that otherwise should mismatch. IDN hostnames are converted to puny code before used for certificate checks. Puny coded names always start with `xn--` and should not be allowed to pattern match, but the wildcard check in curl could still check for `x*`, which would match even though the IDN name most likely contained nothing even resembling an `x`.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-28321"
},
{
"cve": "CVE-2023-28322",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "An information disclosure vulnerability exists in curl \u003cv8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously wasused to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the second transfer. The problem exists in the logic for a reused handle when it is (expected to be) changed from a PUT to a POST.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-28322"
},
{
"cve": "CVE-2023-28709",
"cwe": {
"id": "CWE-193",
"name": "Off-by-one Error"
},
"notes": [
{
"category": "summary",
"text": "The fix for CVE-2023-24998 was incomplete for Apache Tomcat 11.0.0-M2 to 11.0.0-M4, 10.1.5 to 10.1.7, 9.0.71 to 9.0.73 and 8.5.85 to 8.5.87. If non-default HTTP connector settings were used such that the maxParameterCount\u00a0could be reached using query string parameters and a request was submitted that supplied exactly maxParameterCount parameters\u00a0in the query string, the limit for uploaded request parts could be\u00a0bypassed with the potential for a denial of service to occur.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-28709"
},
{
"cve": "CVE-2023-30581",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "The use of __proto__ in process.mainModule.__proto__.require() can bypass the policy mechanism and require modules outside of the policy.json definition. This vulnerability affects all users using the experimental policy mechanism in all active release lines: v16, v18 and, v20.\n\nPlease note that at the time this CVE was issued, the policy is an experimental feature of Node.js",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-30581"
},
{
"cve": "CVE-2023-30582",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability in Node.js, affecting users of the experimental permission model when the --allow-fs-read flag is used with a non-* argument. This flaw arises from an inadequate permission model that fails to restrict file watching through the fs.watchFile API. As a result, malicious actors can monitor files that they do not have explicit read access to.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-30582"
},
{
"cve": "CVE-2023-30583",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "fs.openAsBlob() can bypass the experimental permission model when using the file system read restriction with the --allow-fs-read flag in Node.js. This vulnerability arises from a missing check in the fs.openAsBlob() API.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-30583"
},
{
"cve": "CVE-2023-30584",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability in the experimental permission model of Node.js leads to improper handling of path traversal bypass when verifying file permissions.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-30584"
},
{
"cve": "CVE-2023-30585",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability has been identified in the Node.js (.msi version) installation process, specifically affecting Windows users who install Node.js using the .msi installer. This vulnerability emerges during the repair operation, where the \"msiexec.exe\" process, running under the NT AUTHORITY\\SYSTEM context, attempts to read the %USERPROFILE% environment variable from the current user\u0027s registry.\n\nThe issue arises when the path referenced by the %USERPROFILE% environment variable does not exist. In such cases, the \"msiexec.exe\" process attempts to create the specified path in an unsafe manner, potentially leading to the creation of arbitrary folders in arbitrary locations.\n\nThe severity of this vulnerability is heightened by the fact that the %USERPROFILE% environment variable in the Windows registry can be modified by standard (or \"non-privileged\") users. Consequently, unprivileged actors, including malicious entities or trojans, can manipulate the environment variable key to deceive the privileged \"msiexec.exe\" process. This manipulation can result in the creation of folders in unintended and potentially malicious locations.\n\nIt is important to note that this vulnerability is specific to Windows users who install Node.js using the .msi installer. Users who opt for other installation methods are not affected by this particular issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-30585"
},
{
"cve": "CVE-2023-30586",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"notes": [
{
"category": "summary",
"text": "A privilege escalation vulnerability exists in Node.js 20 that allowed loading arbitrary OpenSSL engines when the experimental permission model is enabled, which can bypass and/or disable the permission model. The attack complexity is high. However, the crypto.setEngine() API can be used to bypass the permission model when called with a compatible OpenSSL engine. The OpenSSL engine can, for example, disable the permission model in the host process by manipulating the process\u0027s stack memory to locate the permission model Permission::enabled_ in the host process\u0027s heap memory. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-30586"
},
{
"cve": "CVE-2023-30587",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability in Node.js allows for bypassing restrictions set by the --experimental-permission flag using the built-in inspector module (node:inspector). By exploiting the Worker class\u0027s ability to create an \"internal worker\" with the kIsInternal Symbol, attackers can modify the isInternal value when an inspector is attached within the Worker constructor before initializing a new WorkerImpl.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-30587"
},
{
"cve": "CVE-2023-30588",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "When an invalid public key is used to create an x509 certificate using the crypto.X509Certificate() API a non-expect termination occurs making it susceptible to DoS attacks when the attacker could force interruptions of application processing, as the process terminates when accessing public key info of provided certificates from user code. The current context of the users will be gone, and that will cause a DoS scenario. This vulnerability affects all active Node.js versions v16, v18, and, v20.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-30588"
},
{
"cve": "CVE-2023-30589",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "The llhttp parser in the http module in Node v20.2.0 does not strictly use the CRLF sequence to delimit HTTP requests. This can lead to HTTP Request Smuggling (HRS).\r\n\r\nThe CR character (without LF) is sufficient to delimit HTTP header fields in the llhttp parser. According to RFC7230 section 3, only the CRLF sequence should delimit each header-field. This impacts all Node.js active versions: v16, v18, and, v20",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-30589"
},
{
"cve": "CVE-2023-30590",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "The generateKeys() API function returned from crypto.createDiffieHellman() only generates missing (or outdated) keys, that is, it only generates a private key if none has been set yet, but the function is also needed to compute the corresponding public key after calling setPrivateKey(). However, the documentation says this API call: \"Generates private and public Diffie-Hellman key values\".\n\nThe documented behavior is very different from the actual behavior, and this difference could easily lead to security issues in applications that use these APIs as the DiffieHellman may be used as the basis for application-level security, implications are consequently broad.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-30590"
},
{
"cve": "CVE-2023-31124",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"notes": [
{
"category": "summary",
"text": "c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARES_RANDOM_FILE will not be set, as seen when cross compiling aarch64 android. This will downgrade to using rand() as a fallback which could allow an attacker to take advantage of the lack of entropy by not using a CSPRNG. This issue was patched in version 1.19.1.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-31124"
},
{
"cve": "CVE-2023-31130",
"cwe": {
"id": "CWE-124",
"name": "Buffer Underwrite (\u0027Buffer Underflow\u0027)"
},
"notes": [
{
"category": "summary",
"text": "c-ares is an asynchronous resolver library. ares_inet_net_pton() is vulnerable to a buffer underflow for certain ipv6 addresses, in particular \"0::00:00:00/2\" was found to cause an issue. C-ares only uses this function internally for configuration purposes which would require an administrator to configure such an address via ares_set_sortlist(). However, users may externally use ares_inet_net_pton() for other purposes and thus be vulnerable to more severe issues. This issue has been fixed in 1.19.1.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-31130"
},
{
"cve": "CVE-2023-31147",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"notes": [
{
"category": "summary",
"text": "c-ares is an asynchronous resolver library. When /dev/urandom or RtlGenRandom() are unavailable, c-ares uses rand() to generate random numbers used for DNS query ids. This is not a CSPRNG, and it is also not seeded by srand() so will generate predictable output. Input from the random number generator is fed into a non-compilant RC4 implementation and may not be as strong as the original RC4 implementation. No attempt is made to look for modern OS-provided CSPRNGs like arc4random() that is widely available. This issue has been fixed in version 1.19.1.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-31147"
},
{
"cve": "CVE-2023-32002",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "The use of `Module._load()` can bypass the policy mechanism and require modules outside of the policy.json definition for a given module.\n\nThis vulnerability affects all users using the experimental policy mechanism in all active release lines: 16.x, 18.x and, 20.x.\n\nPlease note that at the time this CVE was issued, the policy is an experimental feature of Node.js.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-32002"
},
{
"cve": "CVE-2023-32003",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "summary",
"text": "`fs.mkdtemp()` and `fs.mkdtempSync()` can be used to bypass the permission model check using a path traversal attack. This flaw arises from a missing check in the fs.mkdtemp() API and the impact is a malicious actor could create an arbitrary directory.\n\nThis vulnerability affects all users using the experimental permission model in Node.js 20.\n\nPlease note that at the time this CVE was issued, the permission model is an experimental feature of Node.js.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-32003"
},
{
"cve": "CVE-2023-32004",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability has been discovered in Node.js version 20, specifically within the experimental permission model. This flaw relates to improper handling of Buffers in file system APIs causing a traversal path to bypass when verifying file permissions.\n\nThis vulnerability affects all users using the experimental permission model in Node.js 20.\n\nPlease note that at the time this CVE was issued, the permission model is an experimental feature of Node.js.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-32004"
},
{
"cve": "CVE-2023-32005",
"cwe": {
"id": "CWE-732",
"name": "Incorrect Permission Assignment for Critical Resource"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability has been identified in Node.js version 20, affecting users of the experimental permission model when the --allow-fs-read flag is used with a non-* argument.\n\nThis flaw arises from an inadequate permission model that fails to restrict file stats through the `fs.statfs` API. As a result, malicious actors can retrieve stats from files that they do not have explicit read access to.\n\nThis vulnerability affects all users using the experimental permission model in Node.js 20.\n\nPlease note that at the time this CVE was issued, the permission model is an experimental feature of Node.js.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-32005"
},
{
"cve": "CVE-2023-32006",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "The use of `module.constructor.createRequire()` can bypass the policy mechanism and require modules outside of the policy.json definition for a given module.\n\nThis vulnerability affects all users using the experimental policy mechanism in all active release lines: 16.x, 18.x, and, 20.x.\n\nPlease note that at the time this CVE was issued, the policy is an experimental feature of Node.js.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-32006"
},
{
"cve": "CVE-2023-32067",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "summary",
"text": "c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service. If a target resolver sends a query, the attacker forges a malformed UDP packet with a length of 0 and returns them to the target resolver. The target resolver erroneously interprets the 0 length as a graceful shutdown of the connection. This issue has been patched in version 1.19.1.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-32067"
},
{
"cve": "CVE-2023-32558",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "summary",
"text": "The use of the deprecated API `process.binding()` can bypass the permission model through path traversal. \n\nThis vulnerability affects all users using the experimental permission model in Node.js 20.x.\n\nPlease note that at the time this CVE was issued, the permission model is an experimental feature of Node.js.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-32558"
},
{
"cve": "CVE-2023-32559",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "A privilege escalation vulnerability exists in the experimental policy mechanism in all active release lines: 16.x, 18.x and, 20.x. The use of the deprecated API `process.binding()` can bypass the policy mechanism by requiring internal modules and eventually take advantage of `process.binding(\u0027spawn_sync\u0027)` run arbitrary code, outside of the limits defined in a `policy.json` file. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-32559"
},
{
"cve": "CVE-2023-34035",
"cwe": {
"id": "CWE-863",
"name": "Incorrect Authorization"
},
"notes": [
{
"category": "summary",
"text": "Spring Security versions 5.8\u00a0prior to 5.8.5, 6.0\u00a0prior to 6.0.5,\u00a0and 6.1\u00a0prior to 6.1.2\u00a0could be susceptible to authorization rule misconfiguration if the application uses requestMatchers(String)\u00a0and multiple servlets, one of them being Spring MVC\u2019s DispatcherServlet.\u00a0(DispatcherServlet\u00a0is a Spring MVC component that maps HTTP endpoints to methods on @Controller-annotated classes.)\n\nSpecifically, an application is vulnerable when all of the following are true:\n\n * Spring MVC is on the classpath\n * Spring Security is securing more than one servlet in a single application (one of them being Spring MVC\u2019s DispatcherServlet)\n * The application uses requestMatchers(String)\u00a0to refer to endpoints that are not Spring MVC endpoints\n\n\nAn application is not vulnerable if any of the following is true:\n\n * The application does not have Spring MVC on the classpath\n * The application secures no servlets other than Spring MVC\u2019s DispatcherServlet\n * The application uses requestMatchers(String)\u00a0only for Spring MVC endpoints",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-34035"
},
{
"cve": "CVE-2023-35945",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "summary",
"text": "Envoy is a cloud-native high-performance edge/middle/service proxy. Envoy\u2019s HTTP/2 codec may leak a header map and bookkeeping structures upon receiving `RST_STREAM` immediately followed by the `GOAWAY` frames from an upstream server. In nghttp2, cleanup of pending requests due to receipt of the `GOAWAY` frame skips de-allocation of the bookkeeping structure and pending compressed header. The error return [code path] is taken if connection is already marked for not sending more requests due to `GOAWAY` frame. The clean-up code is right after the return statement, causing memory leak. Denial of service through memory exhaustion. This vulnerability was patched in versions(s) 1.26.3, 1.25.8, 1.24.9, 1.23.11.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-35945"
},
{
"cve": "CVE-2023-38039",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "summary",
"text": "When curl retrieves an HTTP response, it stores the incoming headers so that\nthey can be accessed later via the libcurl headers API.\n\nHowever, curl did not have a limit in how many or how large headers it would\naccept in a response, allowing a malicious server to stream an endless series\nof headers and eventually cause curl to run out of heap memory.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-38039"
},
{
"cve": "CVE-2023-38199",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"notes": [
{
"category": "summary",
"text": "coreruleset (aka OWASP ModSecurity Core Rule Set) through 3.3.4 does not detect multiple Content-Type request headers on some platforms. This might allow attackers to bypass a WAF with a crafted payload, aka \"Content-Type confusion\" between the WAF and the backend application. This occurs when the web application relies on only the last Content-Type header. Other platforms may reject the additional Content-Type header or merge conflicting headers, leading to detection as a malformed header.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-38199"
},
{
"cve": "CVE-2023-38545",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "summary",
"text": "This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake.\r\n\r\nWhen curl is asked to pass along the hostname to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that hostname can be is 255 bytes.\r\n\r\nIf the hostname is detected to be longer than 255 bytes, curl switches to local name resolving and instead passes on the resolved address only to the proxy. Due to a bug, the local variable that means \"let the host resolve the name\" could get the wrong value during a slow SOCKS5 handshake, and contrary to the intention, copy the too long hostname to the target buffer instead of copying just the resolved address there.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-38545"
},
{
"cve": "CVE-2023-38546",
"cwe": {
"id": "CWE-73",
"name": "External Control of File Name or Path"
},
"notes": [
{
"category": "summary",
"text": "This flaw allows an attacker to insert cookies at will into a running program\r\nusing libcurl, if the specific series of conditions are met.\r\n\r\nlibcurl performs transfers. In its API, an application creates \"easy handles\"\r\nthat are the individual handles for single transfers.\r\n\r\nlibcurl provides a function call that duplicates en easy handle called\r\n[curl_easy_duphandle](https://curl.se/libcurl/c/curl_easy_duphandle.html).\r\n\r\nIf a transfer has cookies enabled when the handle is duplicated, the\r\ncookie-enable state is also cloned - but without cloning the actual\r\ncookies. If the source handle did not read any cookies from a specific file on\r\ndisk, the cloned version of the handle would instead store the file name as\r\n`none` (using the four ASCII letters, no quotes).\r\n\r\nSubsequent use of the cloned handle that does not explicitly set a source to\r\nload cookies from would then inadvertently load cookies from a file named\r\n`none` - if such a file exists and is readable in the current directory of the\r\nprogram using libcurl. And if using the correct file format of course.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-38546"
},
{
"cve": "CVE-2023-39417",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, \u0027\u0027, or \"\"). If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with database-level CREATE privilege can execute arbitrary code as the bootstrap superuser.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-39417"
},
{
"cve": "CVE-2023-39418",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test new rows against row security policies defined for UPDATE and SELECT. If UPDATE and SELECT policies forbid some rows that INSERT policies do not forbid, a user could store such rows.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-39418"
},
{
"cve": "CVE-2023-41080",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"notes": [
{
"category": "summary",
"text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027) vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92.\n\nThe vulnerability is limited to the ROOT (default) web application.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-41080"
},
{
"cve": "CVE-2023-46120",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "summary",
"text": "The RabbitMQ Java client library allows Java and JVM-based applications to connect to and interact with RabbitMQ nodes. `maxBodyLebgth` was not used when receiving Message objects. Attackers could send a very large Message causing a memory overflow and triggering an OOM Error. Users of RabbitMQ may suffer from DoS attacks from RabbitMQ Java client which will ultimately exhaust the memory of the consumer. This vulnerability was patched in version 5.18.0.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-46120"
},
{
"cve": "CVE-2024-23810",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "The affected application is vulnerable to SQL injection. This could allow an unauthenticated remote attacker to execute arbitrary SQL queries on the server database.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-23810"
},
{
"cve": "CVE-2024-23811",
"cwe": {
"id": "CWE-434",
"name": "Unrestricted Upload of File with Dangerous Type"
},
"notes": [
{
"category": "summary",
"text": "The affected application allows users to upload arbitrary files via TFTP. This could allow an attacker to upload malicious firmware images or other files, that could potentially lead to remote code execution.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-23811"
},
{
"cve": "CVE-2024-23812",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "The affected application incorrectly neutralizes special elements when creating a report which could lead to command injection.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 SP1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109826954/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-23812"
}
]
}
ICSA-23-229-01
Vulnerability from csaf_cisa - Published: 2023-08-17 06:00 - Updated: 2023-08-17 06:00Summary
ICONICS and Mitsubishi Electric Products
Notes
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of these vulnerabilities could result in information disclosure, denial-of-service, or remote code execution.
Critical infrastructure sectors
Critical Manufacturing
Countries/areas deployed
Worldwide
Company headquarters location
ICONICS is headquartered in the United States. Mitsubishi Electric is headquartered in Japan.
Recommended Practices
CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as:
Recommended Practices
Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.
Recommended Practices
Locate control system networks and remote devices behind firewalls and isolating them from business networks.
Recommended Practices
When remote access is required, use more secure methods, such as virtual private networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as the connected devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
Recommended Practices
No known public exploitation specifically targeting these vulnerabilities has been reported to CISA at this time.
{
"document": {
"acknowledgments": [
{
"organization": "ICONICS",
"summary": "reporting these vulnerabilities to CISA"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "summary",
"text": "Successful exploitation of these vulnerabilities could result in information disclosure, denial-of-service, or remote code execution.",
"title": "Risk evaluation"
},
{
"category": "other",
"text": "Critical Manufacturing",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "ICONICS is headquartered in the United States. Mitsubishi Electric is headquartered in Japan.",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as:",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Locate control system networks and remote devices behind firewalls and isolating them from business networks.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "When remote access is required, use more secure methods, such as virtual private networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as the connected devices.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "No known public exploitation specifically targeting these vulnerabilities has been reported to CISA at this time.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "central@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-23-229-01 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2023/icsa-23-229-01.json"
},
{
"category": "self",
"summary": "ICSA Advisory ICSA-23-229-01 - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-229-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
}
],
"title": "ICONICS and Mitsubishi Electric Products",
"tracking": {
"current_release_date": "2023-08-17T06:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-23-229-01",
"initial_release_date": "2023-08-17T06:00:00.000000Z",
"revision_history": [
{
"date": "2023-08-17T06:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "Initial Publication"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "10.97.2",
"product": {
"name": "ICONICS Suite including GENESIS64, Hyper Historian, AnalytiX, and MobileHMI: 10.97.2",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "ICONICS Suite including GENESIS64, Hyper Historian, AnalytiX, and MobileHMI"
}
],
"category": "vendor",
"name": "ICONICS, Mitsubishi Electric"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-3602",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"notes": [
{
"category": "summary",
"text": "A denial of service and potential crash vulnerability due to a buffer overrun condition exists in the OpenSSL library used in the ICONICS Suite. This vulnerability is in the X.509 certificate name constraint checking.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3602"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Version 10.97.2 Critical Fixes Rollup 2 and later is not vulnerable to these exploits. ICONICS recommends that users of its products take the following mitigation steps:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Ensure the 10.97.2 Critical Fixes Rollup release is applied to version 10.97.2 systems.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "For systems that do not contain the patch/fix:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Do not use the BACnet/SC feature on a production system.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "ICONICS and Mitsubishi Electric recommend updating the ICONICS Suite with the latest security patches as they become available. ICONICS Suite security patches may be found here (login required).",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://partners.iconics.com/Home.aspx"
},
{
"category": "mitigation",
"details": "ICONICS and Mitsubishi Electric are releasing security updates as critical fixes/rollups release. For more information, refer to the ICONICS whitepaper on security vulnerabilities, the most recent version of which can be found here.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://iconics.com/About/Security/CERT"
},
{
"category": "mitigation",
"details": "Additional information about the security updates may also be found in Mitsubishi Electric\u0027s security advisories:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Advisory 2022-014",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-014_en.pdf"
},
{
"category": "mitigation",
"details": "Advisory 2023-009",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-009_en.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2022-3786",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"notes": [
{
"category": "summary",
"text": "A denial-of-service vulnerability due to a buffer overrun condition exists in the OpenSSL library used in the ICONICS Suite. This vulnerability is in the X.509 certificate verification.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3786"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Version 10.97.2 Critical Fixes Rollup 2 and later is not vulnerable to these exploits. ICONICS recommends that users of its products take the following mitigation steps:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Ensure the 10.97.2 Critical Fixes Rollup release is applied to version 10.97.2 systems.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "For systems that do not contain the patch/fix:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Do not use the BACnet/SC feature on a production system.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "ICONICS and Mitsubishi Electric recommend updating the ICONICS Suite with the latest security patches as they become available. ICONICS Suite security patches may be found here (login required).",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://partners.iconics.com/Home.aspx"
},
{
"category": "mitigation",
"details": "ICONICS and Mitsubishi Electric are releasing security updates as critical fixes/rollups release. For more information, refer to the ICONICS whitepaper on security vulnerabilities, the most recent version of which can be found here.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://iconics.com/About/Security/CERT"
},
{
"category": "mitigation",
"details": "Additional information about the security updates may also be found in Mitsubishi Electric\u0027s security advisories:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Advisory 2022-014",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-014_en.pdf"
},
{
"category": "mitigation",
"details": "Advisory 2023-009",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-009_en.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2022-4203",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "A denial-of-service vulnerability due to an out of bounds read condition exists in the OpenSSL library used in the ICONICS Suite. This vulnerability is in the X.509 certificate verification.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-4203"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Version 10.97.2 Critical Fixes Rollup 2 and later is not vulnerable to these exploits. ICONICS recommends that users of its products take the following mitigation steps:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Ensure the 10.97.2 Critical Fixes Rollup release is applied to version 10.97.2 systems.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "For systems that do not contain the patch/fix:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Do not use the BACnet/SC feature on a production system.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "ICONICS and Mitsubishi Electric recommend updating the ICONICS Suite with the latest security patches as they become available. ICONICS Suite security patches may be found here (login required).",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://partners.iconics.com/Home.aspx"
},
{
"category": "mitigation",
"details": "ICONICS and Mitsubishi Electric are releasing security updates as critical fixes/rollups release. For more information, refer to the ICONICS whitepaper on security vulnerabilities, the most recent version of which can be found here.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://iconics.com/About/Security/CERT"
},
{
"category": "mitigation",
"details": "Additional information about the security updates may also be found in Mitsubishi Electric\u0027s security advisories:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Advisory 2022-014",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-014_en.pdf"
},
{
"category": "mitigation",
"details": "Advisory 2023-009",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-009_en.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2022-4304",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"notes": [
{
"category": "summary",
"text": "An information disclosure vulnerability due to an observable timing discrepancy exists in the OpenSSL library used in the ICONICS Suite. This vulnerability is in the RSA decryption implementation.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-4304"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Version 10.97.2 Critical Fixes Rollup 2 and later is not vulnerable to these exploits. ICONICS recommends that users of its products take the following mitigation steps:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Ensure the 10.97.2 Critical Fixes Rollup release is applied to version 10.97.2 systems.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "For systems that do not contain the patch/fix:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Do not use the BACnet/SC feature on a production system.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "ICONICS and Mitsubishi Electric recommend updating the ICONICS Suite with the latest security patches as they become available. ICONICS Suite security patches may be found here (login required).",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://partners.iconics.com/Home.aspx"
},
{
"category": "mitigation",
"details": "ICONICS and Mitsubishi Electric are releasing security updates as critical fixes/rollups release. For more information, refer to the ICONICS whitepaper on security vulnerabilities, the most recent version of which can be found here.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://iconics.com/About/Security/CERT"
},
{
"category": "mitigation",
"details": "Additional information about the security updates may also be found in Mitsubishi Electric\u0027s security advisories:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Advisory 2022-014",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-014_en.pdf"
},
{
"category": "mitigation",
"details": "Advisory 2023-009",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-009_en.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2022-4450",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "summary",
"text": "A denial of service and potential crash vulnerability due to a double free condition exists in the OpenSSL library used in the ICONICS Suite. This vulnerability is in the reading of a PEM file.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-4450"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Version 10.97.2 Critical Fixes Rollup 2 and later is not vulnerable to these exploits. ICONICS recommends that users of its products take the following mitigation steps:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Ensure the 10.97.2 Critical Fixes Rollup release is applied to version 10.97.2 systems.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "For systems that do not contain the patch/fix:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Do not use the BACnet/SC feature on a production system.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "ICONICS and Mitsubishi Electric recommend updating the ICONICS Suite with the latest security patches as they become available. ICONICS Suite security patches may be found here (login required).",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://partners.iconics.com/Home.aspx"
},
{
"category": "mitigation",
"details": "ICONICS and Mitsubishi Electric are releasing security updates as critical fixes/rollups release. For more information, refer to the ICONICS whitepaper on security vulnerabilities, the most recent version of which can be found here.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://iconics.com/About/Security/CERT"
},
{
"category": "mitigation",
"details": "Additional information about the security updates may also be found in Mitsubishi Electric\u0027s security advisories:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Advisory 2022-014",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-014_en.pdf"
},
{
"category": "mitigation",
"details": "Advisory 2023-009",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-009_en.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2023-0401",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "A denial of service and potential crash vulnerability due to a NULL Pointer dereference exists in the OpenSSL library used in the ICONICS Suite. This vulnerability can occur when signatures are being verified.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-0401"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Version 10.97.2 Critical Fixes Rollup 2 and later is not vulnerable to these exploits. ICONICS recommends that users of its products take the following mitigation steps:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Ensure the 10.97.2 Critical Fixes Rollup release is applied to version 10.97.2 systems.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "For systems that do not contain the patch/fix:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Do not use the BACnet/SC feature on a production system.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "ICONICS and Mitsubishi Electric recommend updating the ICONICS Suite with the latest security patches as they become available. ICONICS Suite security patches may be found here (login required).",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://partners.iconics.com/Home.aspx"
},
{
"category": "mitigation",
"details": "ICONICS and Mitsubishi Electric are releasing security updates as critical fixes/rollups release. For more information, refer to the ICONICS whitepaper on security vulnerabilities, the most recent version of which can be found here.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://iconics.com/About/Security/CERT"
},
{
"category": "mitigation",
"details": "Additional information about the security updates may also be found in Mitsubishi Electric\u0027s security advisories:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Advisory 2022-014",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-014_en.pdf"
},
{
"category": "mitigation",
"details": "Advisory 2023-009",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-009_en.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
}
]
}
ICSA-23-320-08
Vulnerability from csaf_cisa - Published: 2023-11-14 00:00 - Updated: 2024-03-12 00:00Summary
Siemens SCALANCE Family Products
Notes
Summary
SCALANCE XB-200/XC-200/XP-200/XF-200BA/XR-300WG Family before V4.5 is affected by multiple vulnerabilities.
Siemens has released updates for the affected products and recommends to update to the latest versions.
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download:
https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Advisory Conversion Disclaimer
This CISA CSAF advisory was converted from Siemens ProductCERT's CSAF advisory.
Critical infrastructure sectors
Multiple
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.
Recommended Practices
Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.
Recommended Practices
Locate control system networks and remote devices behind firewalls and isolate them from business networks.
Recommended Practices
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
{
"document": {
"acknowledgments": [
{
"organization": "Siemens ProductCERT",
"summary": "reporting these vulnerabilities to CISA."
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "SCALANCE XB-200/XC-200/XP-200/XF-200BA/XR-300WG Family before V4.5 is affected by multiple vulnerabilities.\n\nSiemens has released updates for the affected products and recommends to update to the latest versions.",
"title": "Summary"
},
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"title": "General Recommendations"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "Siemens Security Advisories are subject to the terms and conditions contained in Siemens\u0027 underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens\u0027 Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.",
"title": "Terms of Use"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "other",
"text": "This CISA CSAF advisory was converted from Siemens ProductCERT\u0027s CSAF advisory.",
"title": "Advisory Conversion Disclaimer"
},
{
"category": "other",
"text": "Multiple",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Germany",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Locate control system networks and remote devices behind firewalls and isolate them from business networks.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "other",
"contact_details": "central@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "SSA-699386: Multiple Vulnerabilities in SCALANCE XB-200 / XC-200 / XP-200 / XF-200BA / XR-300WG Family before V4.5 - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-699386.json"
},
{
"category": "self",
"summary": "SSA-699386: Multiple Vulnerabilities in SCALANCE XB-200 / XC-200 / XP-200 / XF-200BA / XR-300WG Family before V4.5 - HTML Version",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-699386.html"
},
{
"category": "self",
"summary": "SSA-699386: Multiple Vulnerabilities in SCALANCE XB-200 / XC-200 / XP-200 / XF-200BA / XR-300WG Family before V4.5 - PDF Version",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-699386.pdf"
},
{
"category": "self",
"summary": "SSA-699386: Multiple Vulnerabilities in SCALANCE XB-200 / XC-200 / XP-200 / XF-200BA / XR-300WG Family before V4.5 - TXT Version",
"url": "https://cert-portal.siemens.com/productcert/txt/ssa-699386.txt"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-23-320-08 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2023/icsa-23-320-08.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-23-320-08 - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-320-08"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
}
],
"title": "Siemens SCALANCE Family Products",
"tracking": {
"current_release_date": "2024-03-12T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-23-320-08",
"initial_release_date": "2023-11-14T00:00:00.000000Z",
"revision_history": [
{
"date": "2023-11-14T00:00:00.000000Z",
"legacy_version": "1.0",
"number": "1",
"summary": "Publication Date"
},
{
"date": "2023-12-12T00:00:00.000000Z",
"legacy_version": "1.1",
"number": "2",
"summary": "Clarify: Remove product description for SCALANCE M-800/S615"
},
{
"date": "2024-03-12T00:00:00.000000Z",
"legacy_version": "1.2",
"number": "3",
"summary": "Move CVE-2023-44318 and CVE-2023-44321 to SSA-353002 as it currently is still unfixed."
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XB205-3 (SC, PN) (6GK5205-3BB00-2AB2)",
"product_id": "CSAFPID-0001",
"product_identification_helper": {
"model_numbers": [
"6GK5205-3BB00-2AB2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XB205-3 (SC, PN) (6GK5205-3BB00-2AB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XB205-3 (ST, E/IP) (6GK5205-3BB00-2TB2)",
"product_id": "CSAFPID-0002",
"product_identification_helper": {
"model_numbers": [
"6GK5205-3BB00-2TB2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XB205-3 (ST, E/IP) (6GK5205-3BB00-2TB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XB205-3 (ST, E/IP) (6GK5205-3BD00-2TB2)",
"product_id": "CSAFPID-0003",
"product_identification_helper": {
"model_numbers": [
"6GK5205-3BD00-2TB2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XB205-3 (ST, E/IP) (6GK5205-3BD00-2TB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XB205-3 (ST, PN) (6GK5205-3BD00-2AB2)",
"product_id": "CSAFPID-0004",
"product_identification_helper": {
"model_numbers": [
"6GK5205-3BD00-2AB2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XB205-3 (ST, PN) (6GK5205-3BD00-2AB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XB205-3LD (SC, E/IP) (6GK5205-3BF00-2TB2)",
"product_id": "CSAFPID-0005",
"product_identification_helper": {
"model_numbers": [
"6GK5205-3BF00-2TB2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XB205-3LD (SC, E/IP) (6GK5205-3BF00-2TB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XB205-3LD (SC, PN) (6GK5205-3BF00-2AB2)",
"product_id": "CSAFPID-0006",
"product_identification_helper": {
"model_numbers": [
"6GK5205-3BF00-2AB2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XB205-3LD (SC, PN) (6GK5205-3BF00-2AB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XB208 (E/IP) (6GK5208-0BA00-2TB2)",
"product_id": "CSAFPID-0007",
"product_identification_helper": {
"model_numbers": [
"6GK5208-0BA00-2TB2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XB208 (E/IP) (6GK5208-0BA00-2TB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XB208 (PN) (6GK5208-0BA00-2AB2)",
"product_id": "CSAFPID-0008",
"product_identification_helper": {
"model_numbers": [
"6GK5208-0BA00-2AB2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XB208 (PN) (6GK5208-0BA00-2AB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XB213-3 (SC, E/IP) (6GK5213-3BD00-2TB2)",
"product_id": "CSAFPID-0009",
"product_identification_helper": {
"model_numbers": [
"6GK5213-3BD00-2TB2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XB213-3 (SC, E/IP) (6GK5213-3BD00-2TB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XB213-3 (SC, PN) (6GK5213-3BD00-2AB2)",
"product_id": "CSAFPID-0010",
"product_identification_helper": {
"model_numbers": [
"6GK5213-3BD00-2AB2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XB213-3 (SC, PN) (6GK5213-3BD00-2AB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XB213-3 (ST, E/IP) (6GK5213-3BB00-2TB2)",
"product_id": "CSAFPID-0011",
"product_identification_helper": {
"model_numbers": [
"6GK5213-3BB00-2TB2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XB213-3 (ST, E/IP) (6GK5213-3BB00-2TB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XB213-3 (ST, PN) (6GK5213-3BB00-2AB2)",
"product_id": "CSAFPID-0012",
"product_identification_helper": {
"model_numbers": [
"6GK5213-3BB00-2AB2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XB213-3 (ST, PN) (6GK5213-3BB00-2AB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XB213-3LD (SC, E/IP) (6GK5213-3BF00-2TB2)",
"product_id": "CSAFPID-0013",
"product_identification_helper": {
"model_numbers": [
"6GK5213-3BF00-2TB2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XB213-3LD (SC, E/IP) (6GK5213-3BF00-2TB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XB213-3LD (SC, PN) (6GK5213-3BF00-2AB2)",
"product_id": "CSAFPID-0014",
"product_identification_helper": {
"model_numbers": [
"6GK5213-3BF00-2AB2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XB213-3LD (SC, PN) (6GK5213-3BF00-2AB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XB216 (E/IP) (6GK5216-0BA00-2TB2)",
"product_id": "CSAFPID-0015",
"product_identification_helper": {
"model_numbers": [
"6GK5216-0BA00-2TB2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XB216 (E/IP) (6GK5216-0BA00-2TB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XB216 (PN) (6GK5216-0BA00-2AB2)",
"product_id": "CSAFPID-0016",
"product_identification_helper": {
"model_numbers": [
"6GK5216-0BA00-2AB2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XB216 (PN) (6GK5216-0BA00-2AB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC206-2 (SC) (6GK5206-2BD00-2AC2)",
"product_id": "CSAFPID-0017",
"product_identification_helper": {
"model_numbers": [
"6GK5206-2BD00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC206-2 (SC) (6GK5206-2BD00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC206-2 (ST/BFOC) (6GK5206-2BB00-2AC2)",
"product_id": "CSAFPID-0018",
"product_identification_helper": {
"model_numbers": [
"6GK5206-2BB00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC206-2 (ST/BFOC) (6GK5206-2BB00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC206-2G PoE (6GK5206-2RS00-2AC2)",
"product_id": "CSAFPID-0019",
"product_identification_helper": {
"model_numbers": [
"6GK5206-2RS00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC206-2G PoE (6GK5206-2RS00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC206-2G PoE (54 V DC) (6GK5206-2RS00-5AC2)",
"product_id": "CSAFPID-0020",
"product_identification_helper": {
"model_numbers": [
"6GK5206-2RS00-5AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC206-2G PoE (54 V DC) (6GK5206-2RS00-5AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC206-2G PoE EEC (54 V DC) (6GK5206-2RS00-5FC2)",
"product_id": "CSAFPID-0021",
"product_identification_helper": {
"model_numbers": [
"6GK5206-2RS00-5FC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC206-2G PoE EEC (54 V DC) (6GK5206-2RS00-5FC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC206-2SFP (6GK5206-2BS00-2AC2)",
"product_id": "CSAFPID-0022",
"product_identification_helper": {
"model_numbers": [
"6GK5206-2BS00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC206-2SFP (6GK5206-2BS00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC206-2SFP EEC (6GK5206-2BS00-2FC2)",
"product_id": "CSAFPID-0023",
"product_identification_helper": {
"model_numbers": [
"6GK5206-2BS00-2FC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC206-2SFP EEC (6GK5206-2BS00-2FC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC206-2SFP G (6GK5206-2GS00-2AC2)",
"product_id": "CSAFPID-0024",
"product_identification_helper": {
"model_numbers": [
"6GK5206-2GS00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC206-2SFP G (6GK5206-2GS00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC206-2SFP G (EIP DEF.) (6GK5206-2GS00-2TC2)",
"product_id": "CSAFPID-0025",
"product_identification_helper": {
"model_numbers": [
"6GK5206-2GS00-2TC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC206-2SFP G (EIP DEF.) (6GK5206-2GS00-2TC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC206-2SFP G EEC (6GK5206-2GS00-2FC2)",
"product_id": "CSAFPID-0026",
"product_identification_helper": {
"model_numbers": [
"6GK5206-2GS00-2FC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC206-2SFP G EEC (6GK5206-2GS00-2FC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC208 (6GK5208-0BA00-2AC2)",
"product_id": "CSAFPID-0027",
"product_identification_helper": {
"model_numbers": [
"6GK5208-0BA00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC208 (6GK5208-0BA00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC208EEC (6GK5208-0BA00-2FC2)",
"product_id": "CSAFPID-0028",
"product_identification_helper": {
"model_numbers": [
"6GK5208-0BA00-2FC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC208EEC (6GK5208-0BA00-2FC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC208G (6GK5208-0GA00-2AC2)",
"product_id": "CSAFPID-0029",
"product_identification_helper": {
"model_numbers": [
"6GK5208-0GA00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC208G (6GK5208-0GA00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC208G (EIP def.) (6GK5208-0GA00-2TC2)",
"product_id": "CSAFPID-0030",
"product_identification_helper": {
"model_numbers": [
"6GK5208-0GA00-2TC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC208G (EIP def.) (6GK5208-0GA00-2TC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC208G EEC (6GK5208-0GA00-2FC2)",
"product_id": "CSAFPID-0031",
"product_identification_helper": {
"model_numbers": [
"6GK5208-0GA00-2FC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC208G EEC (6GK5208-0GA00-2FC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC208G PoE (6GK5208-0RA00-2AC2)",
"product_id": "CSAFPID-0032",
"product_identification_helper": {
"model_numbers": [
"6GK5208-0RA00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC208G PoE (6GK5208-0RA00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC208G PoE (54 V DC) (6GK5208-0RA00-5AC2)",
"product_id": "CSAFPID-0033",
"product_identification_helper": {
"model_numbers": [
"6GK5208-0RA00-5AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC208G PoE (54 V DC) (6GK5208-0RA00-5AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC216 (6GK5216-0BA00-2AC2)",
"product_id": "CSAFPID-0034",
"product_identification_helper": {
"model_numbers": [
"6GK5216-0BA00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC216 (6GK5216-0BA00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC216-3G PoE (6GK5216-3RS00-2AC2)",
"product_id": "CSAFPID-0035",
"product_identification_helper": {
"model_numbers": [
"6GK5216-3RS00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC216-3G PoE (6GK5216-3RS00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC216-3G PoE (54 V DC) (6GK5216-3RS00-5AC2)",
"product_id": "CSAFPID-0036",
"product_identification_helper": {
"model_numbers": [
"6GK5216-3RS00-5AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC216-3G PoE (54 V DC) (6GK5216-3RS00-5AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC216-4C (6GK5216-4BS00-2AC2)",
"product_id": "CSAFPID-0037",
"product_identification_helper": {
"model_numbers": [
"6GK5216-4BS00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC216-4C (6GK5216-4BS00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC216-4C G (6GK5216-4GS00-2AC2)",
"product_id": "CSAFPID-0038",
"product_identification_helper": {
"model_numbers": [
"6GK5216-4GS00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC216-4C G (6GK5216-4GS00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC216-4C G (EIP Def.) (6GK5216-4GS00-2TC2)",
"product_id": "CSAFPID-0039",
"product_identification_helper": {
"model_numbers": [
"6GK5216-4GS00-2TC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC216-4C G (EIP Def.) (6GK5216-4GS00-2TC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC216-4C G EEC (6GK5216-4GS00-2FC2)",
"product_id": "CSAFPID-0040",
"product_identification_helper": {
"model_numbers": [
"6GK5216-4GS00-2FC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC216-4C G EEC (6GK5216-4GS00-2FC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC216EEC (6GK5216-0BA00-2FC2)",
"product_id": "CSAFPID-0041",
"product_identification_helper": {
"model_numbers": [
"6GK5216-0BA00-2FC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC216EEC (6GK5216-0BA00-2FC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC224 (6GK5224-0BA00-2AC2)",
"product_id": "CSAFPID-0042",
"product_identification_helper": {
"model_numbers": [
"6GK5224-0BA00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC224 (6GK5224-0BA00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC224-4C G (6GK5224-4GS00-2AC2)",
"product_id": "CSAFPID-0043",
"product_identification_helper": {
"model_numbers": [
"6GK5224-4GS00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC224-4C G (6GK5224-4GS00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC224-4C G (EIP Def.) (6GK5224-4GS00-2TC2)",
"product_id": "CSAFPID-0044",
"product_identification_helper": {
"model_numbers": [
"6GK5224-4GS00-2TC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC224-4C G (EIP Def.) (6GK5224-4GS00-2TC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XC224-4C G EEC (6GK5224-4GS00-2FC2)",
"product_id": "CSAFPID-0045",
"product_identification_helper": {
"model_numbers": [
"6GK5224-4GS00-2FC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC224-4C G EEC (6GK5224-4GS00-2FC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XF204 (6GK5204-0BA00-2GF2)",
"product_id": "CSAFPID-0046",
"product_identification_helper": {
"model_numbers": [
"6GK5204-0BA00-2GF2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XF204 (6GK5204-0BA00-2GF2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XF204 DNA (6GK5204-0BA00-2YF2)",
"product_id": "CSAFPID-0047",
"product_identification_helper": {
"model_numbers": [
"6GK5204-0BA00-2YF2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XF204 DNA (6GK5204-0BA00-2YF2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XF204-2BA (6GK5204-2AA00-2GF2)",
"product_id": "CSAFPID-0048",
"product_identification_helper": {
"model_numbers": [
"6GK5204-2AA00-2GF2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XF204-2BA (6GK5204-2AA00-2GF2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XF204-2BA DNA (6GK5204-2AA00-2YF2)",
"product_id": "CSAFPID-0049",
"product_identification_helper": {
"model_numbers": [
"6GK5204-2AA00-2YF2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XF204-2BA DNA (6GK5204-2AA00-2YF2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XP208 (6GK5208-0HA00-2AS6)",
"product_id": "CSAFPID-0050",
"product_identification_helper": {
"model_numbers": [
"6GK5208-0HA00-2AS6"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XP208 (6GK5208-0HA00-2AS6)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XP208 (Ethernet/IP) (6GK5208-0HA00-2TS6)",
"product_id": "CSAFPID-0051",
"product_identification_helper": {
"model_numbers": [
"6GK5208-0HA00-2TS6"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XP208 (Ethernet/IP) (6GK5208-0HA00-2TS6)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XP208EEC (6GK5208-0HA00-2ES6)",
"product_id": "CSAFPID-0052",
"product_identification_helper": {
"model_numbers": [
"6GK5208-0HA00-2ES6"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XP208EEC (6GK5208-0HA00-2ES6)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XP208PoE EEC (6GK5208-0UA00-5ES6)",
"product_id": "CSAFPID-0053",
"product_identification_helper": {
"model_numbers": [
"6GK5208-0UA00-5ES6"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XP208PoE EEC (6GK5208-0UA00-5ES6)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XP216 (6GK5216-0HA00-2AS6)",
"product_id": "CSAFPID-0054",
"product_identification_helper": {
"model_numbers": [
"6GK5216-0HA00-2AS6"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XP216 (6GK5216-0HA00-2AS6)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XP216 (Ethernet/IP) (6GK5216-0HA00-2TS6)",
"product_id": "CSAFPID-0055",
"product_identification_helper": {
"model_numbers": [
"6GK5216-0HA00-2TS6"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XP216 (Ethernet/IP) (6GK5216-0HA00-2TS6)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XP216EEC (6GK5216-0HA00-2ES6)",
"product_id": "CSAFPID-0056",
"product_identification_helper": {
"model_numbers": [
"6GK5216-0HA00-2ES6"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XP216EEC (6GK5216-0HA00-2ES6)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XP216POE EEC (6GK5216-0UA00-5ES6)",
"product_id": "CSAFPID-0057",
"product_identification_helper": {
"model_numbers": [
"6GK5216-0UA00-5ES6"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XP216POE EEC (6GK5216-0UA00-5ES6)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XR324WG (24 x FE, AC 230V) (6GK5324-0BA00-3AR3)",
"product_id": "CSAFPID-0058",
"product_identification_helper": {
"model_numbers": [
"6GK5324-0BA00-3AR3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR324WG (24 x FE, AC 230V) (6GK5324-0BA00-3AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XR324WG (24 X FE, DC 24V) (6GK5324-0BA00-2AR3)",
"product_id": "CSAFPID-0059",
"product_identification_helper": {
"model_numbers": [
"6GK5324-0BA00-2AR3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR324WG (24 X FE, DC 24V) (6GK5324-0BA00-2AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XR326-2C PoE WG (6GK5326-2QS00-3AR3)",
"product_id": "CSAFPID-0060",
"product_identification_helper": {
"model_numbers": [
"6GK5326-2QS00-3AR3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR326-2C PoE WG (6GK5326-2QS00-3AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XR326-2C PoE WG (without UL) (6GK5326-2QS00-3RR3)",
"product_id": "CSAFPID-0061",
"product_identification_helper": {
"model_numbers": [
"6GK5326-2QS00-3RR3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR326-2C PoE WG (without UL) (6GK5326-2QS00-3RR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) (6GK5328-4FS00-3AR3)",
"product_id": "CSAFPID-0062",
"product_identification_helper": {
"model_numbers": [
"6GK5328-4FS00-3AR3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) (6GK5328-4FS00-3AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) (6GK5328-4FS00-3RR3)",
"product_id": "CSAFPID-0063",
"product_identification_helper": {
"model_numbers": [
"6GK5328-4FS00-3RR3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) (6GK5328-4FS00-3RR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XR328-4C WG (24XFE, 4XGE, 24V) (6GK5328-4FS00-2AR3)",
"product_id": "CSAFPID-0064",
"product_identification_helper": {
"model_numbers": [
"6GK5328-4FS00-2AR3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR328-4C WG (24XFE, 4XGE, 24V) (6GK5328-4FS00-2AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V) (6GK5328-4FS00-2RR3)",
"product_id": "CSAFPID-0065",
"product_identification_helper": {
"model_numbers": [
"6GK5328-4FS00-2RR3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V) (6GK5328-4FS00-2RR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XR328-4C WG (28xGE, AC 230V) (6GK5328-4SS00-3AR3)",
"product_id": "CSAFPID-0066",
"product_identification_helper": {
"model_numbers": [
"6GK5328-4SS00-3AR3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR328-4C WG (28xGE, AC 230V) (6GK5328-4SS00-3AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SCALANCE XR328-4C WG (28xGE, DC 24V) (6GK5328-4SS00-2AR3)",
"product_id": "CSAFPID-0067",
"product_identification_helper": {
"model_numbers": [
"6GK5328-4SS00-2AR3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR328-4C WG (28xGE, DC 24V) (6GK5328-4SS00-2AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SIPLUS NET SCALANCE XC206-2 (6AG1206-2BB00-7AC2)",
"product_id": "CSAFPID-0068",
"product_identification_helper": {
"model_numbers": [
"6AG1206-2BB00-7AC2"
]
}
}
}
],
"category": "product_name",
"name": "SIPLUS NET SCALANCE XC206-2 (6AG1206-2BB00-7AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SIPLUS NET SCALANCE XC206-2SFP (6AG1206-2BS00-7AC2)",
"product_id": "CSAFPID-0069",
"product_identification_helper": {
"model_numbers": [
"6AG1206-2BS00-7AC2"
]
}
}
}
],
"category": "product_name",
"name": "SIPLUS NET SCALANCE XC206-2SFP (6AG1206-2BS00-7AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SIPLUS NET SCALANCE XC208 (6AG1208-0BA00-7AC2)",
"product_id": "CSAFPID-0070",
"product_identification_helper": {
"model_numbers": [
"6AG1208-0BA00-7AC2"
]
}
}
}
],
"category": "product_name",
"name": "SIPLUS NET SCALANCE XC208 (6AG1208-0BA00-7AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.5",
"product": {
"name": "SIPLUS NET SCALANCE XC216-4C (6AG1216-4BS00-7AC2)",
"product_id": "CSAFPID-0071",
"product_identification_helper": {
"model_numbers": [
"6AG1216-4BS00-7AC2"
]
}
}
}
],
"category": "product_name",
"name": "SIPLUS NET SCALANCE XC216-4C (6AG1216-4BS00-7AC2)"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-4203",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer. The read buffer overrun might result in a crash which could lead to a denial of service attack. In theory it could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext) although we are not aware of any working exploit leading to memory contents disclosure as of the time of release of this advisory. In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0066",
"CSAFPID-0067",
"CSAFPID-0068",
"CSAFPID-0069",
"CSAFPID-0070",
"CSAFPID-0071"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.5 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0066",
"CSAFPID-0067",
"CSAFPID-0068",
"CSAFPID-0069",
"CSAFPID-0070",
"CSAFPID-0071"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109825818/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0066",
"CSAFPID-0067",
"CSAFPID-0068",
"CSAFPID-0069",
"CSAFPID-0070",
"CSAFPID-0071"
]
}
],
"title": "CVE-2022-4203"
},
{
"cve": "CVE-2022-4304",
"cwe": {
"id": "CWE-326",
"name": "Inadequate Encryption Strength"
},
"notes": [
{
"category": "summary",
"text": "A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0066",
"CSAFPID-0067",
"CSAFPID-0068",
"CSAFPID-0069",
"CSAFPID-0070",
"CSAFPID-0071"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.5 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0066",
"CSAFPID-0067",
"CSAFPID-0068",
"CSAFPID-0069",
"CSAFPID-0070",
"CSAFPID-0071"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109825818/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0066",
"CSAFPID-0067",
"CSAFPID-0068",
"CSAFPID-0069",
"CSAFPID-0070",
"CSAFPID-0071"
]
}
],
"title": "CVE-2022-4304"
},
{
"cve": "CVE-2022-4450",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "summary",
"text": "The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the \"name\" (e.g. \"CERTIFICATE\"), any header data and the payload data. If the function succeeds then the \"name_out\", \"header\" and \"data\" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0066",
"CSAFPID-0067",
"CSAFPID-0068",
"CSAFPID-0069",
"CSAFPID-0070",
"CSAFPID-0071"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.5 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0066",
"CSAFPID-0067",
"CSAFPID-0068",
"CSAFPID-0069",
"CSAFPID-0070",
"CSAFPID-0071"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109825818/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0066",
"CSAFPID-0067",
"CSAFPID-0068",
"CSAFPID-0069",
"CSAFPID-0070",
"CSAFPID-0071"
]
}
],
"title": "CVE-2022-4450"
},
{
"cve": "CVE-2023-0216",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "An invalid pointer dereference on read can be triggered when an application tries to load malformed PKCS7 data with the d2i_PKCS7(), d2i_PKCS7_bio() or d2i_PKCS7_fp() functions. The result of the dereference is an application crash which could lead to a denial of service attack. The TLS implementation in OpenSSL does not call this function however third party applications might call these functions on untrusted data.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0066",
"CSAFPID-0067",
"CSAFPID-0068",
"CSAFPID-0069",
"CSAFPID-0070",
"CSAFPID-0071"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.5 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0066",
"CSAFPID-0067",
"CSAFPID-0068",
"CSAFPID-0069",
"CSAFPID-0070",
"CSAFPID-0071"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109825818/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0066",
"CSAFPID-0067",
"CSAFPID-0068",
"CSAFPID-0069",
"CSAFPID-0070",
"CSAFPID-0071"
]
}
],
"title": "CVE-2023-0216"
},
{
"cve": "CVE-2023-0217",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "An invalid pointer dereference on read can be triggered when an application tries to check a malformed DSA public key by the EVP_PKEY_public_check() function. This will most likely lead to an application crash. This function can be called on public keys supplied from untrusted sources which could allow an attacker to cause a denial of service attack. The TLS implementation in OpenSSL does not call this function but applications might call the function if there are additional security requirements imposed by standards such as FIPS 140-3.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0066",
"CSAFPID-0067",
"CSAFPID-0068",
"CSAFPID-0069",
"CSAFPID-0070",
"CSAFPID-0071"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.5 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0066",
"CSAFPID-0067",
"CSAFPID-0068",
"CSAFPID-0069",
"CSAFPID-0070",
"CSAFPID-0071"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109825818/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0066",
"CSAFPID-0067",
"CSAFPID-0068",
"CSAFPID-0069",
"CSAFPID-0070",
"CSAFPID-0071"
]
}
],
"title": "CVE-2023-0217"
},
{
"cve": "CVE-2023-0401",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "A NULL pointer can be dereferenced when signatures are being verified on PKCS7 signed or signedAndEnveloped data. In case the hash algorithm used for the signature is known to the OpenSSL library but the implementation of the hash algorithm is not available the digest initialization will fail. There is a missing check for the return value from the initialization function which later leads to invalid usage of the digest API most likely leading to a crash. The unavailability of an algorithm can be caused by using FIPS enabled configuration of providers or more commonly by not loading the legacy provider. PKCS7 data is processed by the SMIME library calls and also by the time stamp (TS) library calls. The TLS implementation in OpenSSL does not call these functions however third party applications would be affected if they call these functions to verify signatures on untrusted data.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0066",
"CSAFPID-0067",
"CSAFPID-0068",
"CSAFPID-0069",
"CSAFPID-0070",
"CSAFPID-0071"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.5 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0066",
"CSAFPID-0067",
"CSAFPID-0068",
"CSAFPID-0069",
"CSAFPID-0070",
"CSAFPID-0071"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109825818/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0066",
"CSAFPID-0067",
"CSAFPID-0068",
"CSAFPID-0069",
"CSAFPID-0070",
"CSAFPID-0071"
]
}
],
"title": "CVE-2023-0401"
},
{
"cve": "CVE-2023-2650",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "summary",
"text": "Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJ_obj2txt() directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience notable to very long delays when processing those messages, which may lead to a Denial of Service. An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - most of which have no size limit. OBJ_obj2txt() may be used to translate an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL type ASN1_OBJECT) to its canonical numeric text form, which are the sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by periods. When one of the sub-identifiers in the OBJECT IDENTIFIER is very large (these are sizes that are seen as absurdly large, taking up tens or hundreds of KiBs), the translation to a decimal number in text may take a very long time. The time complexity is O(square(n)) with \u0027n\u0027 being the size of the sub-identifiers in bytes (*). With OpenSSL 3.0, support to fetch cryptographic algorithms using names / identifiers in string form was introduced. This includes using OBJECT IDENTIFIERs in canonical numeric text form as identifiers for fetching algorithms. Such OBJECT IDENTIFIERs may be received through the ASN.1 structure AlgorithmIdentifier, which is commonly used in multiple protocols to specify what cryptographic algorithm should be used to sign or verify, encrypt or decrypt, or digest passed data. Applications that call OBJ_obj2txt() directly with untrusted data are affected, with any version of OpenSSL. If the use is for the mere purpose of display, the severity is considered low. In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 certificates, including simple things like verifying its signature. The impact on TLS is relatively low, because all versions of OpenSSL have a 100KiB limit on the peer\u0027s certificate chain. Additionally, this only impacts clients, or servers that have explicitly enabled client authentication. In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, such as X.509 certificates. This is assumed to not happen in such a way that it would cause a Denial of Service, so these versions are considered not affected by this issue in such a way that it would be cause for concern, and the severity is therefore considered low.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0066",
"CSAFPID-0067",
"CSAFPID-0068",
"CSAFPID-0069",
"CSAFPID-0070",
"CSAFPID-0071"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.5 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0066",
"CSAFPID-0067",
"CSAFPID-0068",
"CSAFPID-0069",
"CSAFPID-0070",
"CSAFPID-0071"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109825818/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0066",
"CSAFPID-0067",
"CSAFPID-0068",
"CSAFPID-0069",
"CSAFPID-0070",
"CSAFPID-0071"
]
}
],
"title": "CVE-2023-2650"
},
{
"cve": "CVE-2023-44317",
"cwe": {
"id": "CWE-349",
"name": "Acceptance of Extraneous Untrusted Data With Trusted Data"
},
"notes": [
{
"category": "summary",
"text": "Affected products do not properly validate the content of uploaded X509 certificates which could allow an attacker with administrative privileges to execute arbitrary code on the device.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0066",
"CSAFPID-0067",
"CSAFPID-0068",
"CSAFPID-0069",
"CSAFPID-0070",
"CSAFPID-0071"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.5 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0066",
"CSAFPID-0067",
"CSAFPID-0068",
"CSAFPID-0069",
"CSAFPID-0070",
"CSAFPID-0071"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109825818/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0066",
"CSAFPID-0067",
"CSAFPID-0068",
"CSAFPID-0069",
"CSAFPID-0070",
"CSAFPID-0071"
]
}
],
"title": "CVE-2023-44317"
},
{
"cve": "CVE-2023-44319",
"cwe": {
"id": "CWE-328",
"name": "Use of Weak Hash"
},
"notes": [
{
"category": "summary",
"text": "Affected devices use a weak checksum algorithm to protect the configuration backup that an administrator can export from the device. This could allow an authenticated attacker with administrative privileges or an attacker that tricks a legitimate administrator to upload a modified configuration file to change the configuration of an affected device.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0066",
"CSAFPID-0067",
"CSAFPID-0068",
"CSAFPID-0069",
"CSAFPID-0070",
"CSAFPID-0071"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.5 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0066",
"CSAFPID-0067",
"CSAFPID-0068",
"CSAFPID-0069",
"CSAFPID-0070",
"CSAFPID-0071"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109825818/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0066",
"CSAFPID-0067",
"CSAFPID-0068",
"CSAFPID-0069",
"CSAFPID-0070",
"CSAFPID-0071"
]
}
],
"title": "CVE-2023-44319"
},
{
"cve": "CVE-2023-44320",
"cwe": {
"id": "CWE-425",
"name": "Direct Request (\u0027Forced Browsing\u0027)"
},
"notes": [
{
"category": "summary",
"text": "Affected devices do not properly validate the authentication when performing certain modifications in the web interface allowing an authenticated attacker to influence the user interface configured by an administrator.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0066",
"CSAFPID-0067",
"CSAFPID-0068",
"CSAFPID-0069",
"CSAFPID-0070",
"CSAFPID-0071"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.5 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0066",
"CSAFPID-0067",
"CSAFPID-0068",
"CSAFPID-0069",
"CSAFPID-0070",
"CSAFPID-0071"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109825818/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0066",
"CSAFPID-0067",
"CSAFPID-0068",
"CSAFPID-0069",
"CSAFPID-0070",
"CSAFPID-0071"
]
}
],
"title": "CVE-2023-44320"
},
{
"cve": "CVE-2023-44322",
"cwe": {
"id": "CWE-252",
"name": "Unchecked Return Value"
},
"notes": [
{
"category": "summary",
"text": "Affected devices can be configured to send emails when certain events occur on the device. When presented with an invalid response from the SMTP server, the device triggers an error that disrupts email sending. An attacker with access to the network can use this to do disable notification of users when certain events occur.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0066",
"CSAFPID-0067",
"CSAFPID-0068",
"CSAFPID-0069",
"CSAFPID-0070",
"CSAFPID-0071"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.5 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0066",
"CSAFPID-0067",
"CSAFPID-0068",
"CSAFPID-0069",
"CSAFPID-0070",
"CSAFPID-0071"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109825818/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0066",
"CSAFPID-0067",
"CSAFPID-0068",
"CSAFPID-0069",
"CSAFPID-0070",
"CSAFPID-0071"
]
}
],
"title": "CVE-2023-44322"
},
{
"cve": "CVE-2023-44373",
"cwe": {
"id": "CWE-74",
"name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell. Follow-up of CVE-2022-36323.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0066",
"CSAFPID-0067",
"CSAFPID-0068",
"CSAFPID-0069",
"CSAFPID-0070",
"CSAFPID-0071"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.5 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0066",
"CSAFPID-0067",
"CSAFPID-0068",
"CSAFPID-0069",
"CSAFPID-0070",
"CSAFPID-0071"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109825818/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0066",
"CSAFPID-0067",
"CSAFPID-0068",
"CSAFPID-0069",
"CSAFPID-0070",
"CSAFPID-0071"
]
}
],
"title": "CVE-2023-44373"
},
{
"cve": "CVE-2023-44374",
"cwe": {
"id": "CWE-567",
"name": "Unsynchronized Access to Shared Data in a Multithreaded Context"
},
"notes": [
{
"category": "summary",
"text": "Affected devices allow to change the password, but insufficiently check which password is to be changed. With this an authenticated attacker could, under certain conditions, be able to change the password of another, potential admin user allowing her to escalate her privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0066",
"CSAFPID-0067",
"CSAFPID-0068",
"CSAFPID-0069",
"CSAFPID-0070",
"CSAFPID-0071"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.5 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0066",
"CSAFPID-0067",
"CSAFPID-0068",
"CSAFPID-0069",
"CSAFPID-0070",
"CSAFPID-0071"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109825818/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0066",
"CSAFPID-0067",
"CSAFPID-0068",
"CSAFPID-0069",
"CSAFPID-0070",
"CSAFPID-0071"
]
}
],
"title": "CVE-2023-44374"
}
]
}
GSD-2022-4203
Vulnerability from gsd - Updated: 2023-12-13 01:19Details
A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer. The read buffer overrun might result in a crash which could lead to a denial of service attack. In theory it could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext) although we are not aware of any working exploit leading to memory contents disclosure as of the time of release of this advisory. In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2022-4203",
"description": "A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer. The read buffer overrun might result in a crash which could lead to a denial of service attack. In theory it could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext) although we are not aware of any working exploit leading to memory contents disclosure as of the time of release of this advisory. In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects.",
"id": "GSD-2022-4203",
"references": [
"https://access.redhat.com/errata/RHSA-2023:0946",
"https://www.suse.com/security/cve/CVE-2022-4203.html",
"https://ubuntu.com/security/CVE-2022-4203"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2022-4203"
],
"details": "A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer. The read buffer overrun might result in a crash which could lead to a denial of service attack. In theory it could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext) although we are not aware of any working exploit leading to memory contents disclosure as of the time of release of this advisory. In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects.",
"id": "GSD-2022-4203",
"modified": "2023-12-13T01:19:15.224443Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "openssl-security@openssl.org",
"ID": "CVE-2022-4203",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "OpenSSL",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "3.0.0",
"version_value": "3.0.8"
}
]
}
}
]
},
"vendor_name": "OpenSSL"
}
]
}
},
"credits": [
{
"lang": "en",
"value": "Corey Bonnell from Digicert"
},
{
"lang": "en",
"value": "Viktor Dukhovni"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A read buffer overrun can be triggered in X.509 certificate verification,\nspecifically in name constraint checking. Note that this occurs\nafter certificate chain signature verification and requires either a\nCA to have signed the malicious certificate or for the application to\ncontinue certificate verification despite failure to construct a path\nto a trusted issuer.\n\nThe read buffer overrun might result in a crash which could lead to\na denial of service attack. In theory it could also result in the disclosure\nof private memory contents (such as private keys, or sensitive plaintext)\nalthough we are not aware of any working exploit leading to memory\ncontents disclosure as of the time of release of this advisory.\n\nIn a TLS client, this can be triggered by connecting to a malicious\nserver. In a TLS server, this can be triggered if the server requests\nclient authentication and a malicious client connects.\n\n"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "read buffer overrun "
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.openssl.org/news/secadv/20230207.txt",
"refsource": "MISC",
"url": "https://www.openssl.org/news/secadv/20230207.txt"
},
{
"name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c927a3492698c254637da836762f9b1f86cffabc",
"refsource": "MISC",
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c927a3492698c254637da836762f9b1f86cffabc"
},
{
"name": "https://security.gentoo.org/glsa/202402-08",
"refsource": "MISC",
"url": "https://security.gentoo.org/glsa/202402-08"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
},
"gitlab.com": {
"advisories": [
{
"affected_range": "\u003e=3.0.0 \u003c3.0.8",
"affected_versions": "All versions starting from 3.0.0 before 3.0.8",
"cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"cwe_ids": [
"CWE-1035",
"CWE-125",
"CWE-937"
],
"date": "2023-03-09",
"description": "A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer. The read buffer overrun might result in a crash which could lead to a denial of service attack. In theory it could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext) although we are not aware of any working exploit leading to memory contents disclosure as of the time of release of this advisory. In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects.",
"fixed_versions": [
"3.0.8"
],
"identifier": "CVE-2022-4203",
"identifiers": [
"CVE-2022-4203"
],
"not_impacted": "All versions before 3.0.0, all versions starting from 3.0.8",
"package_slug": "conan/openssl",
"pubdate": "2023-02-24",
"solution": "Upgrade to version 3.0.8 or above.",
"title": "Out-of-bounds Read",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2022-4203",
"https://www.openssl.org/news/secadv/20230207.txt",
"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c927a3492698c254637da836762f9b1f86cffabc"
],
"uuid": "fdfdefbe-58d0-43d1-9667-ab282b0e6634"
}
]
},
"nvd.nist.gov": {
"cve": {
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A6DC5D88-4E99-48F2-8892-610ACA9B5B86",
"versionEndExcluding": "3.0.8",
"versionStartIncluding": "3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A read buffer overrun can be triggered in X.509 certificate verification,\nspecifically in name constraint checking. Note that this occurs\nafter certificate chain signature verification and requires either a\nCA to have signed the malicious certificate or for the application to\ncontinue certificate verification despite failure to construct a path\nto a trusted issuer.\n\nThe read buffer overrun might result in a crash which could lead to\na denial of service attack. In theory it could also result in the disclosure\nof private memory contents (such as private keys, or sensitive plaintext)\nalthough we are not aware of any working exploit leading to memory\ncontents disclosure as of the time of release of this advisory.\n\nIn a TLS client, this can be triggered by connecting to a malicious\nserver. In a TLS server, this can be triggered if the server requests\nclient authentication and a malicious client connects.\n\n"
}
],
"id": "CVE-2022-4203",
"lastModified": "2024-02-04T09:15:08.533",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-02-24T15:15:11.980",
"references": [
{
"source": "openssl-security@openssl.org",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c927a3492698c254637da836762f9b1f86cffabc"
},
{
"source": "openssl-security@openssl.org",
"url": "https://security.gentoo.org/glsa/202402-08"
},
{
"source": "openssl-security@openssl.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.openssl.org/news/secadv/20230207.txt"
}
],
"sourceIdentifier": "openssl-security@openssl.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
}
}
}
FKIE_CVE-2022-4203
Vulnerability from fkie_nvd - Published: 2023-02-24 15:15 - Updated: 2025-11-04 20:16
Severity ?
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Summary
A read buffer overrun can be triggered in X.509 certificate verification,
specifically in name constraint checking. Note that this occurs
after certificate chain signature verification and requires either a
CA to have signed the malicious certificate or for the application to
continue certificate verification despite failure to construct a path
to a trusted issuer.
The read buffer overrun might result in a crash which could lead to
a denial of service attack. In theory it could also result in the disclosure
of private memory contents (such as private keys, or sensitive plaintext)
although we are not aware of any working exploit leading to memory
contents disclosure as of the time of release of this advisory.
In a TLS client, this can be triggered by connecting to a malicious
server. In a TLS server, this can be triggered if the server requests
client authentication and a malicious client connects.
References
| URL | Tags | ||
|---|---|---|---|
| openssl-security@openssl.org | https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c927a3492698c254637da836762f9b1f86cffabc | Mailing List, Patch | |
| openssl-security@openssl.org | https://security.gentoo.org/glsa/202402-08 | ||
| openssl-security@openssl.org | https://www.openssl.org/news/secadv/20230207.txt | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c927a3492698c254637da836762f9b1f86cffabc | Mailing List, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0003 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202402-08 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.openssl.org/news/secadv/20230207.txt | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A6DC5D88-4E99-48F2-8892-610ACA9B5B86",
"versionEndExcluding": "3.0.8",
"versionStartIncluding": "3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A read buffer overrun can be triggered in X.509 certificate verification,\nspecifically in name constraint checking. Note that this occurs\nafter certificate chain signature verification and requires either a\nCA to have signed the malicious certificate or for the application to\ncontinue certificate verification despite failure to construct a path\nto a trusted issuer.\n\nThe read buffer overrun might result in a crash which could lead to\na denial of service attack. In theory it could also result in the disclosure\nof private memory contents (such as private keys, or sensitive plaintext)\nalthough we are not aware of any working exploit leading to memory\ncontents disclosure as of the time of release of this advisory.\n\nIn a TLS client, this can be triggered by connecting to a malicious\nserver. In a TLS server, this can be triggered if the server requests\nclient authentication and a malicious client connects."
},
{
"lang": "es",
"value": "Un desbordamiento del b\u00fafer de lectura puede activarse en la verificaci\u00f3n de certificados X.509, espec\u00edficamente en la verificaci\u00f3n de restricciones de nombre. Tenga en cuenta que esto ocurre despu\u00e9s de la verificaci\u00f3n de la firma de la cadena de certificados y requiere que una CA haya firmado el certificado malicioso o que la aplicaci\u00f3n contin\u00fae con la verificaci\u00f3n del certificado a pesar de no poder construir una ruta a un emisor de confianza. El desbordamiento del b\u00fafer de lectura puede provocar un bloqueo que podr\u00eda conducir a un ataque de denegaci\u00f3n de servicio. En teor\u00eda, tambi\u00e9n podr\u00eda provocar la divulgaci\u00f3n de contenidos de memoria privada (como claves privadas o texto plano confidencial), aunque no conocemos ning\u00fan exploit en funcionamiento que conduzca a la divulgaci\u00f3n de contenidos de memoria al momento de la publicaci\u00f3n de este aviso. En un cliente TLS, esto puede activarse al conectarse a un servidor malicioso. En un servidor TLS, esto puede activarse si el servidor solicita la autenticaci\u00f3n del cliente y un cliente malicioso se conecta."
}
],
"id": "CVE-2022-4203",
"lastModified": "2025-11-04T20:16:14.693",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-02-24T15:15:11.980",
"references": [
{
"source": "openssl-security@openssl.org",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c927a3492698c254637da836762f9b1f86cffabc"
},
{
"source": "openssl-security@openssl.org",
"url": "https://security.gentoo.org/glsa/202402-08"
},
{
"source": "openssl-security@openssl.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.openssl.org/news/secadv/20230207.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c927a3492698c254637da836762f9b1f86cffabc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0003"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/202402-08"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.openssl.org/news/secadv/20230207.txt"
}
],
"sourceIdentifier": "openssl-security@openssl.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…