cvelistv5 - cve-2024-36387

cve-2024-36387

Vulnerability from cvelistv5

Published

2024-07-01 18:10

Modified

2025-02-13 17:52

Severity ?

Summary

Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, degrading performance.

References

▼	URL	Tags
	security@apache.org	https://httpd.apache.org/security/vulnerabilities_24.html
	security@apache.org	https://security.netapp.com/advisory/ntap-20240712-0001/
	af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2024/07/01/4
	af854a3a-2127-422b-91ae-364da2661108	https://httpd.apache.org/security/vulnerabilities_24.html
	af854a3a-2127-422b-91ae-364da2661108	https://security.netapp.com/advisory/ntap-20240712-0001/

Impacted products

	Vendor	Product	Version
	Apache Software Foundation	Apache HTTP Server	Version: 2.4.55 ≤ 2.4.59

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  cvssV3_1: {
                     attackComplexity: "LOW",
                     attackVector: "NETWORK",
                     availabilityImpact: "LOW",
                     baseScore: 5.4,
                     baseSeverity: "MEDIUM",
                     confidentialityImpact: "NONE",
                     integrityImpact: "LOW",
                     privilegesRequired: "LOW",
                     scope: "UNCHANGED",
                     userInteraction: "NONE",
                     vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
                     version: "3.1",
                  },
               },
               {
                  other: {
                     content: {
                        id: "CVE-2024-36387",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-07-22T16:22:03.472412Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-25T17:28:29.258Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-09-13T17:04:49.998Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://httpd.apache.org/security/vulnerabilities_24.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20240712-0001/",
               },
               {
                  url: "http://www.openwall.com/lists/oss-security/2024/07/01/4",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "Apache HTTP Server",
               vendor: "Apache Software Foundation",
               versions: [
                  {
                     lessThanOrEqual: "2.4.59",
                     status: "affected",
                     version: "2.4.55",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               value: "Marc Stern (<marc.stern@approach-cyber.com>)",
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, degrading performance.",
                  },
               ],
               value: "Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, degrading performance.",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     text: "low",
                  },
                  type: "Textual description of severity",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-476",
                     description: "CWE-476 NULL Pointer Dereference",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-07-12T14:06:19.347Z",
            orgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09",
            shortName: "apache",
         },
         references: [
            {
               tags: [
                  "vendor-advisory",
               ],
               url: "https://httpd.apache.org/security/vulnerabilities_24.html",
            },
            {
               url: "https://security.netapp.com/advisory/ntap-20240712-0001/",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         timeline: [
            {
               lang: "en",
               time: "2024-05-27T13:23:00.000Z",
               value: "fixed in r1918003 in trunk",
            },
         ],
         title: "Apache HTTP Server: DoS by Null pointer in websocket over HTTP/2",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09",
      assignerShortName: "apache",
      cveId: "CVE-2024-36387",
      datePublished: "2024-07-01T18:10:25.512Z",
      dateReserved: "2024-05-27T11:13:32.415Z",
      dateUpdated: "2025-02-13T17:52:53.571Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
   "vulnerability-lookup:meta": {
      fkie_nvd: {
         descriptions: "[{\"lang\": \"en\", \"value\": \"Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, degrading performance.\"}, {\"lang\": \"es\", \"value\": \"Ofrecer actualizaciones del protocolo WebSocket a trav\\u00e9s de una conexi\\u00f3n HTTP/2 podr\\u00eda provocar una desreferencia del puntero nulo, lo que provocar\\u00eda una falla del proceso del servidor y degradar\\u00eda el rendimiento.\"}]",
         id: "CVE-2024-36387",
         lastModified: "2024-11-25T18:15:12.440",
         metrics: "{\"cvssMetricV31\": [{\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L\", \"baseScore\": 5.4, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"LOW\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 2.5}]}",
         published: "2024-07-01T19:15:03.497",
         references: "[{\"url\": \"https://httpd.apache.org/security/vulnerabilities_24.html\", \"source\": \"security@apache.org\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240712-0001/\", \"source\": \"security@apache.org\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/01/4\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://httpd.apache.org/security/vulnerabilities_24.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240712-0001/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
         sourceIdentifier: "security@apache.org",
         vulnStatus: "Awaiting Analysis",
         weaknesses: "[{\"source\": \"security@apache.org\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-476\"}]}]",
      },
      nvd: "{\"cve\":{\"id\":\"CVE-2024-36387\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2024-07-01T19:15:03.497\",\"lastModified\":\"2024-11-25T18:15:12.440\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, degrading performance.\"},{\"lang\":\"es\",\"value\":\"Ofrecer actualizaciones del protocolo WebSocket a través de una conexión HTTP/2 podría provocar una desreferencia del puntero nulo, lo que provocaría una falla del proceso del servidor y degradaría el rendimiento.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L\",\"baseScore\":5.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.8,\"impactScore\":2.5}]},\"weaknesses\":[{\"source\":\"security@apache.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-476\"}]}],\"references\":[{\"url\":\"https://httpd.apache.org/security/vulnerabilities_24.html\",\"source\":\"security@apache.org\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20240712-0001/\",\"source\":\"security@apache.org\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/01/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://httpd.apache.org/security/vulnerabilities_24.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20240712-0001/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
      vulnrichment: {
         containers: "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://httpd.apache.org/security/vulnerabilities_24.html\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240712-0001/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/07/01/4\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-09-13T17:04:49.998Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.4, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-36387\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-07-22T16:22:03.472412Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-07-22T16:22:11.141Z\"}}], \"cna\": {\"title\": \"Apache HTTP Server: DoS by Null pointer in websocket over HTTP/2\", \"source\": {\"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Marc Stern (<marc.stern@approach-cyber.com>)\"}], \"metrics\": [{\"other\": {\"type\": \"Textual description of severity\", \"content\": {\"text\": \"low\"}}}], \"affected\": [{\"vendor\": \"Apache Software Foundation\", \"product\": \"Apache HTTP Server\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.4.55\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"2.4.59\"}], \"defaultStatus\": \"unaffected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2024-05-27T13:23:00.000Z\", \"value\": \"fixed in r1918003 in trunk\"}], \"references\": [{\"url\": \"https://httpd.apache.org/security/vulnerabilities_24.html\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240712-0001/\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, degrading performance.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, degrading performance.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-476\", \"description\": \"CWE-476 NULL Pointer Dereference\"}]}], \"providerMetadata\": {\"orgId\": \"f0158376-9dc2-43b6-827c-5f631a4d8d09\", \"shortName\": \"apache\", \"dateUpdated\": \"2024-07-12T14:06:19.347Z\"}}}",
         cveMetadata: "{\"cveId\": \"CVE-2024-36387\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-02-13T17:52:53.571Z\", \"dateReserved\": \"2024-05-27T11:13:32.415Z\", \"assignerOrgId\": \"f0158376-9dc2-43b6-827c-5f631a4d8d09\", \"datePublished\": \"2024-07-01T18:10:25.512Z\", \"assignerShortName\": \"apache\"}",
         dataType: "CVE_RECORD",
         dataVersion: "5.1",
      },
   },
}

NCSC-2024-0275

Vulnerability from csaf_ncscnl

Published

2024-07-02 11:44

Modified

2024-07-02 11:44

Summary

Kwetsbaarheden verholpen in Apache HHTP-server

Notes

The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions: NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein. NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory. This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.

Feiten

Apache Software Foundation heeft kwetsbaarheden verholpen in de Apache HTTP-Server.

Interpretaties

Een kwaadwillende kan de kwetsbaarheden misbruiken om een Denial-of-Service te veroorzaken, middels een Server-Side-Request-Forgery (SSRF) verkeer te manipuleren, of om code uit te voeren binnen de webserver, waarvoor de kwaadwillende aanvankelijk niet is geautoriseerd.

Oplossingen

Apache Software Foundation heeft updates uitgebracht om de kwetsbaarheden te verhelpen in Apache HTTP-Server 2.4.60. Zie bijgevoegde referenties voor meer informatie.

Kans

medium

Schade

high

CWE-116

Improper Encoding or Escaping of Output

CWE-172

Encoding Error

CWE-20

Improper Input Validation

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

CWE-284

Improper Access Control

CWE-404

Improper Resource Shutdown or Release

CWE-476

NULL Pointer Dereference

CWE-829

Inclusion of Functionality from Untrusted Control Sphere

CWE-918

Server-Side Request Forgery (SSRF)

JSON

To clipboard

{
   document: {
      category: "csaf_security_advisory",
      csaf_version: "2.0",
      distribution: {
         tlp: {
            label: "WHITE",
         },
      },
      lang: "nl",
      notes: [
         {
            category: "legal_disclaimer",
            text: "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.",
         },
         {
            category: "description",
            text: "Apache Software Foundation heeft kwetsbaarheden verholpen in de Apache HTTP-Server.",
            title: "Feiten",
         },
         {
            category: "description",
            text: "Een kwaadwillende kan de kwetsbaarheden misbruiken om een Denial-of-Service te veroorzaken, middels een Server-Side-Request-Forgery (SSRF) verkeer te manipuleren, of om code uit te voeren binnen de webserver, waarvoor de kwaadwillende aanvankelijk niet is geautoriseerd.",
            title: "Interpretaties",
         },
         {
            category: "description",
            text: "Apache Software Foundation heeft updates uitgebracht om de kwetsbaarheden te verhelpen in Apache HTTP-Server 2.4.60. Zie bijgevoegde referenties voor meer informatie.",
            title: "Oplossingen",
         },
         {
            category: "general",
            text: "medium",
            title: "Kans",
         },
         {
            category: "general",
            text: "high",
            title: "Schade",
         },
         {
            category: "general",
            text: "Improper Encoding or Escaping of Output",
            title: "CWE-116",
         },
         {
            category: "general",
            text: "Encoding Error",
            title: "CWE-172",
         },
         {
            category: "general",
            text: "Improper Input Validation",
            title: "CWE-20",
         },
         {
            category: "general",
            text: "Exposure of Sensitive Information to an Unauthorized Actor",
            title: "CWE-200",
         },
         {
            category: "general",
            text: "Improper Access Control",
            title: "CWE-284",
         },
         {
            category: "general",
            text: "Improper Resource Shutdown or Release",
            title: "CWE-404",
         },
         {
            category: "general",
            text: "NULL Pointer Dereference",
            title: "CWE-476",
         },
         {
            category: "general",
            text: "Inclusion of Functionality from Untrusted Control Sphere",
            title: "CWE-829",
         },
         {
            category: "general",
            text: "Server-Side Request Forgery (SSRF)",
            title: "CWE-918",
         },
      ],
      publisher: {
         category: "coordinator",
         contact_details: "cert@ncsc.nl",
         name: "Nationaal Cyber Security Centrum",
         namespace: "https://www.ncsc.nl/",
      },
      references: [
         {
            category: "external",
            summary: "Reference - cveprojectv5; ibm; nvd; redhat",
            url: "https://httpd.apache.org/security/vulnerabilities_24.html",
         },
      ],
      title: "Kwetsbaarheden verholpen in Apache HHTP-server",
      tracking: {
         current_release_date: "2024-07-02T11:44:22.653047Z",
         id: "NCSC-2024-0275",
         initial_release_date: "2024-07-02T11:44:22.653047Z",
         revision_history: [
            {
               date: "2024-07-02T11:44:22.653047Z",
               number: "0",
               summary: "Initiele versie",
            },
         ],
         status: "final",
         version: "1.0.0",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  category: "product_name",
                  name: "apache_http_server",
                  product: {
                     name: "apache_http_server",
                     product_id: "CSAFPID-1465466",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache_software_foundation:apache_http_server:2.4.0:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "apache_http_server",
                  product: {
                     name: "apache_http_server",
                     product_id: "CSAFPID-1491761",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache_software_foundation:apache_http_server:2.4.55:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "apache_http_server",
                  product: {
                     name: "apache_http_server",
                     product_id: "CSAFPID-1491762",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache_software_foundation:apache_http_server:2.4.59:*:*:*:*:*:*:*",
                     },
                  },
               },
            ],
            category: "vendor",
            name: "apache_software_foundation",
         },
         {
            branches: [
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-76769",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-76761",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-76766",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139639",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.11:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-76770",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.12:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-76772",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.13:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139611",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.14:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139603",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.15:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139596",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.16:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139667",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.17:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139663",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139697",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.19:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-76762",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139591",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.20:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139684",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.21:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139652",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.22:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-96956",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.23:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139580",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.24:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139628",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.25:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139643",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.26:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139651",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.27:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139623",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.28:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139593",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.29:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-76764",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139704",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.30:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139647",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.31:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139728",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.32:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139724",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.33:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139584",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.34:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139696",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.35:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139685",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.36:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139677",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.37:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139585",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.38:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139577",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.39:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-76767",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139664",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.40:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139675",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.41:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139602",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.42:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139569",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.43:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139689",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.44:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139655",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.45:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139716",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.46:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139737",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.47:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139568",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.48:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139711",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.49:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139589",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.5:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139662",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.50:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139619",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.51:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139563",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.52:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139637",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.53:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-140516",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.54:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-142004",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.55:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-1473391",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.56:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-1473393",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.57:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-1473392",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.58:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-1491521",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.59:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-76765",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-76763",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-76771",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.8:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-76773",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*",
                     },
                  },
               },
            ],
            category: "vendor",
            name: "apache",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2024-36387",
         cwe: {
            id: "CWE-476",
            name: "NULL Pointer Dereference",
         },
         notes: [
            {
               category: "other",
               text: "NULL Pointer Dereference",
               title: "CWE-476",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-76769",
               "CSAFPID-76761",
               "CSAFPID-76762",
               "CSAFPID-76764",
               "CSAFPID-76767",
               "CSAFPID-76765",
               "CSAFPID-76763",
               "CSAFPID-76771",
               "CSAFPID-76773",
               "CSAFPID-76766",
               "CSAFPID-76770",
               "CSAFPID-139611",
               "CSAFPID-139596",
               "CSAFPID-139667",
               "CSAFPID-139663",
               "CSAFPID-139697",
               "CSAFPID-139591",
               "CSAFPID-139684",
               "CSAFPID-139652",
               "CSAFPID-96956",
               "CSAFPID-139580",
               "CSAFPID-139628",
               "CSAFPID-139643",
               "CSAFPID-139651",
               "CSAFPID-139623",
               "CSAFPID-139593",
               "CSAFPID-139704",
               "CSAFPID-139724",
               "CSAFPID-139584",
               "CSAFPID-139696",
               "CSAFPID-139677",
               "CSAFPID-139585",
               "CSAFPID-139737",
               "CSAFPID-139711",
               "CSAFPID-139662",
               "CSAFPID-139637",
               "CSAFPID-1491761",
               "CSAFPID-1491762",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-36387",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36387.json",
            },
         ],
         title: "CVE-2024-36387",
      },
      {
         cve: "CVE-2024-38472",
         cwe: {
            id: "CWE-918",
            name: "Server-Side Request Forgery (SSRF)",
         },
         notes: [
            {
               category: "other",
               text: "Server-Side Request Forgery (SSRF)",
               title: "CWE-918",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-76769",
               "CSAFPID-76761",
               "CSAFPID-76762",
               "CSAFPID-76764",
               "CSAFPID-76767",
               "CSAFPID-76765",
               "CSAFPID-76763",
               "CSAFPID-76771",
               "CSAFPID-76773",
               "CSAFPID-76766",
               "CSAFPID-76770",
               "CSAFPID-139611",
               "CSAFPID-139596",
               "CSAFPID-139667",
               "CSAFPID-139663",
               "CSAFPID-139697",
               "CSAFPID-139591",
               "CSAFPID-139684",
               "CSAFPID-139652",
               "CSAFPID-96956",
               "CSAFPID-139580",
               "CSAFPID-139628",
               "CSAFPID-139643",
               "CSAFPID-139651",
               "CSAFPID-139623",
               "CSAFPID-139593",
               "CSAFPID-139704",
               "CSAFPID-139724",
               "CSAFPID-139584",
               "CSAFPID-139696",
               "CSAFPID-139677",
               "CSAFPID-139585",
               "CSAFPID-139737",
               "CSAFPID-139711",
               "CSAFPID-139662",
               "CSAFPID-139637",
               "CSAFPID-1465466",
               "CSAFPID-1491762",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-38472",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38472.json",
            },
         ],
         title: "CVE-2024-38472",
      },
      {
         cve: "CVE-2024-38473",
         cwe: {
            id: "CWE-172",
            name: "Encoding Error",
         },
         notes: [
            {
               category: "other",
               text: "Encoding Error",
               title: "CWE-172",
            },
            {
               category: "other",
               text: "Improper Encoding or Escaping of Output",
               title: "CWE-116",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-76769",
               "CSAFPID-76761",
               "CSAFPID-76762",
               "CSAFPID-76764",
               "CSAFPID-76767",
               "CSAFPID-76765",
               "CSAFPID-76763",
               "CSAFPID-76771",
               "CSAFPID-76773",
               "CSAFPID-76766",
               "CSAFPID-76770",
               "CSAFPID-139611",
               "CSAFPID-139596",
               "CSAFPID-139667",
               "CSAFPID-139663",
               "CSAFPID-139697",
               "CSAFPID-139591",
               "CSAFPID-139684",
               "CSAFPID-139652",
               "CSAFPID-96956",
               "CSAFPID-139580",
               "CSAFPID-139628",
               "CSAFPID-139643",
               "CSAFPID-139651",
               "CSAFPID-139623",
               "CSAFPID-139593",
               "CSAFPID-139704",
               "CSAFPID-139724",
               "CSAFPID-139584",
               "CSAFPID-139696",
               "CSAFPID-139677",
               "CSAFPID-139585",
               "CSAFPID-139737",
               "CSAFPID-139711",
               "CSAFPID-139662",
               "CSAFPID-139637",
               "CSAFPID-1465466",
               "CSAFPID-1491762",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-38473",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38473.json",
            },
         ],
         title: "CVE-2024-38473",
      },
      {
         cve: "CVE-2024-38474",
         cwe: {
            id: "CWE-172",
            name: "Encoding Error",
         },
         notes: [
            {
               category: "other",
               text: "Encoding Error",
               title: "CWE-172",
            },
            {
               category: "other",
               text: "Improper Encoding or Escaping of Output",
               title: "CWE-116",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-76769",
               "CSAFPID-76761",
               "CSAFPID-76762",
               "CSAFPID-76764",
               "CSAFPID-76767",
               "CSAFPID-76765",
               "CSAFPID-76763",
               "CSAFPID-76771",
               "CSAFPID-76773",
               "CSAFPID-76766",
               "CSAFPID-76770",
               "CSAFPID-139611",
               "CSAFPID-139596",
               "CSAFPID-139667",
               "CSAFPID-139663",
               "CSAFPID-139697",
               "CSAFPID-139591",
               "CSAFPID-139684",
               "CSAFPID-139652",
               "CSAFPID-96956",
               "CSAFPID-139580",
               "CSAFPID-139628",
               "CSAFPID-139643",
               "CSAFPID-139651",
               "CSAFPID-139623",
               "CSAFPID-139593",
               "CSAFPID-139704",
               "CSAFPID-139724",
               "CSAFPID-139584",
               "CSAFPID-139696",
               "CSAFPID-139677",
               "CSAFPID-139585",
               "CSAFPID-139737",
               "CSAFPID-139711",
               "CSAFPID-139662",
               "CSAFPID-139637",
               "CSAFPID-1465466",
               "CSAFPID-1491762",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-38474",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38474.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 8.2,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-76769",
                  "CSAFPID-76761",
                  "CSAFPID-76762",
                  "CSAFPID-76764",
                  "CSAFPID-76767",
                  "CSAFPID-76765",
                  "CSAFPID-76763",
                  "CSAFPID-76771",
                  "CSAFPID-76773",
                  "CSAFPID-76766",
                  "CSAFPID-76770",
                  "CSAFPID-139611",
                  "CSAFPID-139596",
                  "CSAFPID-139667",
                  "CSAFPID-139663",
                  "CSAFPID-139697",
                  "CSAFPID-139591",
                  "CSAFPID-139684",
                  "CSAFPID-139652",
                  "CSAFPID-96956",
                  "CSAFPID-139580",
                  "CSAFPID-139628",
                  "CSAFPID-139643",
                  "CSAFPID-139651",
                  "CSAFPID-139623",
                  "CSAFPID-139593",
                  "CSAFPID-139704",
                  "CSAFPID-139724",
                  "CSAFPID-139584",
                  "CSAFPID-139696",
                  "CSAFPID-139677",
                  "CSAFPID-139585",
                  "CSAFPID-139737",
                  "CSAFPID-139711",
                  "CSAFPID-139662",
                  "CSAFPID-139637",
                  "CSAFPID-1465466",
                  "CSAFPID-1491762",
               ],
            },
         ],
         title: "CVE-2024-38474",
      },
      {
         cve: "CVE-2024-38475",
         cwe: {
            id: "CWE-284",
            name: "Improper Access Control",
         },
         notes: [
            {
               category: "other",
               text: "Improper Access Control",
               title: "CWE-284",
            },
            {
               category: "other",
               text: "Improper Encoding or Escaping of Output",
               title: "CWE-116",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-76769",
               "CSAFPID-76761",
               "CSAFPID-76762",
               "CSAFPID-76764",
               "CSAFPID-76767",
               "CSAFPID-76765",
               "CSAFPID-76763",
               "CSAFPID-76771",
               "CSAFPID-76773",
               "CSAFPID-76766",
               "CSAFPID-76770",
               "CSAFPID-139611",
               "CSAFPID-139596",
               "CSAFPID-139667",
               "CSAFPID-139663",
               "CSAFPID-139697",
               "CSAFPID-139591",
               "CSAFPID-139684",
               "CSAFPID-139652",
               "CSAFPID-96956",
               "CSAFPID-139580",
               "CSAFPID-139628",
               "CSAFPID-139643",
               "CSAFPID-139651",
               "CSAFPID-139623",
               "CSAFPID-139593",
               "CSAFPID-139704",
               "CSAFPID-139724",
               "CSAFPID-139584",
               "CSAFPID-139696",
               "CSAFPID-139677",
               "CSAFPID-139585",
               "CSAFPID-139737",
               "CSAFPID-139711",
               "CSAFPID-139662",
               "CSAFPID-139637",
               "CSAFPID-1465466",
               "CSAFPID-1491762",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-38475",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38475.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 8.2,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-76769",
                  "CSAFPID-76761",
                  "CSAFPID-76762",
                  "CSAFPID-76764",
                  "CSAFPID-76767",
                  "CSAFPID-76765",
                  "CSAFPID-76763",
                  "CSAFPID-76771",
                  "CSAFPID-76773",
                  "CSAFPID-76766",
                  "CSAFPID-76770",
                  "CSAFPID-139611",
                  "CSAFPID-139596",
                  "CSAFPID-139667",
                  "CSAFPID-139663",
                  "CSAFPID-139697",
                  "CSAFPID-139591",
                  "CSAFPID-139684",
                  "CSAFPID-139652",
                  "CSAFPID-96956",
                  "CSAFPID-139580",
                  "CSAFPID-139628",
                  "CSAFPID-139643",
                  "CSAFPID-139651",
                  "CSAFPID-139623",
                  "CSAFPID-139593",
                  "CSAFPID-139704",
                  "CSAFPID-139724",
                  "CSAFPID-139584",
                  "CSAFPID-139696",
                  "CSAFPID-139677",
                  "CSAFPID-139585",
                  "CSAFPID-139737",
                  "CSAFPID-139711",
                  "CSAFPID-139662",
                  "CSAFPID-139637",
                  "CSAFPID-1465466",
                  "CSAFPID-1491762",
               ],
            },
         ],
         title: "CVE-2024-38475",
      },
      {
         cve: "CVE-2024-38476",
         cwe: {
            id: "CWE-200",
            name: "Exposure of Sensitive Information to an Unauthorized Actor",
         },
         notes: [
            {
               category: "other",
               text: "Exposure of Sensitive Information to an Unauthorized Actor",
               title: "CWE-200",
            },
            {
               category: "other",
               text: "Inclusion of Functionality from Untrusted Control Sphere",
               title: "CWE-829",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-76769",
               "CSAFPID-76761",
               "CSAFPID-76762",
               "CSAFPID-76764",
               "CSAFPID-76767",
               "CSAFPID-76765",
               "CSAFPID-76763",
               "CSAFPID-76771",
               "CSAFPID-76773",
               "CSAFPID-76766",
               "CSAFPID-76770",
               "CSAFPID-139611",
               "CSAFPID-139596",
               "CSAFPID-139667",
               "CSAFPID-139663",
               "CSAFPID-139697",
               "CSAFPID-139591",
               "CSAFPID-139684",
               "CSAFPID-139652",
               "CSAFPID-96956",
               "CSAFPID-139580",
               "CSAFPID-139628",
               "CSAFPID-139643",
               "CSAFPID-139651",
               "CSAFPID-139623",
               "CSAFPID-139593",
               "CSAFPID-139704",
               "CSAFPID-139724",
               "CSAFPID-139584",
               "CSAFPID-139696",
               "CSAFPID-139677",
               "CSAFPID-139585",
               "CSAFPID-139737",
               "CSAFPID-139711",
               "CSAFPID-139662",
               "CSAFPID-139637",
               "CSAFPID-1465466",
               "CSAFPID-1491762",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-38476",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38476.json",
            },
         ],
         title: "CVE-2024-38476",
      },
      {
         cve: "CVE-2024-38477",
         cwe: {
            id: "CWE-404",
            name: "Improper Resource Shutdown or Release",
         },
         notes: [
            {
               category: "other",
               text: "Improper Resource Shutdown or Release",
               title: "CWE-404",
            },
            {
               category: "other",
               text: "NULL Pointer Dereference",
               title: "CWE-476",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-76769",
               "CSAFPID-76761",
               "CSAFPID-76762",
               "CSAFPID-76764",
               "CSAFPID-76767",
               "CSAFPID-76765",
               "CSAFPID-76763",
               "CSAFPID-76771",
               "CSAFPID-76773",
               "CSAFPID-76766",
               "CSAFPID-76770",
               "CSAFPID-139611",
               "CSAFPID-139596",
               "CSAFPID-139667",
               "CSAFPID-139663",
               "CSAFPID-139697",
               "CSAFPID-139591",
               "CSAFPID-139684",
               "CSAFPID-139652",
               "CSAFPID-96956",
               "CSAFPID-139580",
               "CSAFPID-139628",
               "CSAFPID-139643",
               "CSAFPID-139651",
               "CSAFPID-139623",
               "CSAFPID-139593",
               "CSAFPID-139704",
               "CSAFPID-139724",
               "CSAFPID-139584",
               "CSAFPID-139696",
               "CSAFPID-139677",
               "CSAFPID-139585",
               "CSAFPID-139737",
               "CSAFPID-139711",
               "CSAFPID-139662",
               "CSAFPID-139637",
               "CSAFPID-1465466",
               "CSAFPID-1491762",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-38477",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38477.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-76769",
                  "CSAFPID-76761",
                  "CSAFPID-76762",
                  "CSAFPID-76764",
                  "CSAFPID-76767",
                  "CSAFPID-76765",
                  "CSAFPID-76763",
                  "CSAFPID-76771",
                  "CSAFPID-76773",
                  "CSAFPID-76766",
                  "CSAFPID-76770",
                  "CSAFPID-139611",
                  "CSAFPID-139596",
                  "CSAFPID-139667",
                  "CSAFPID-139663",
                  "CSAFPID-139697",
                  "CSAFPID-139591",
                  "CSAFPID-139684",
                  "CSAFPID-139652",
                  "CSAFPID-96956",
                  "CSAFPID-139580",
                  "CSAFPID-139628",
                  "CSAFPID-139643",
                  "CSAFPID-139651",
                  "CSAFPID-139623",
                  "CSAFPID-139593",
                  "CSAFPID-139704",
                  "CSAFPID-139724",
                  "CSAFPID-139584",
                  "CSAFPID-139696",
                  "CSAFPID-139677",
                  "CSAFPID-139585",
                  "CSAFPID-139737",
                  "CSAFPID-139711",
                  "CSAFPID-139662",
                  "CSAFPID-139637",
                  "CSAFPID-1465466",
                  "CSAFPID-1491762",
               ],
            },
         ],
         title: "CVE-2024-38477",
      },
      {
         cve: "CVE-2024-39573",
         cwe: {
            id: "CWE-918",
            name: "Server-Side Request Forgery (SSRF)",
         },
         notes: [
            {
               category: "other",
               text: "Server-Side Request Forgery (SSRF)",
               title: "CWE-918",
            },
            {
               category: "other",
               text: "Improper Input Validation",
               title: "CWE-20",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-76769",
               "CSAFPID-76761",
               "CSAFPID-76762",
               "CSAFPID-76764",
               "CSAFPID-76767",
               "CSAFPID-76765",
               "CSAFPID-76763",
               "CSAFPID-76771",
               "CSAFPID-76773",
               "CSAFPID-76766",
               "CSAFPID-76770",
               "CSAFPID-139611",
               "CSAFPID-139596",
               "CSAFPID-139667",
               "CSAFPID-139663",
               "CSAFPID-139697",
               "CSAFPID-139591",
               "CSAFPID-139684",
               "CSAFPID-139652",
               "CSAFPID-96956",
               "CSAFPID-139580",
               "CSAFPID-139628",
               "CSAFPID-139643",
               "CSAFPID-139651",
               "CSAFPID-139623",
               "CSAFPID-139593",
               "CSAFPID-139704",
               "CSAFPID-139724",
               "CSAFPID-139584",
               "CSAFPID-139696",
               "CSAFPID-139677",
               "CSAFPID-139585",
               "CSAFPID-139737",
               "CSAFPID-139711",
               "CSAFPID-139662",
               "CSAFPID-139637",
               "CSAFPID-1465466",
               "CSAFPID-1491762",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-39573",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-39573.json",
            },
         ],
         title: "CVE-2024-39573",
      },
   ],
}

NCSC-2024-0411

Vulnerability from csaf_ncscnl

Published

2024-10-17 13:15

Modified

2024-10-17 13:15

Summary

Kwetsbaarheden verholpen in Oracle Database producten

Notes

Feiten

Oracle heeft kwetsbaarheden verholpen in diverse Database producten en subsystemen, zoals de Core database, Application Express, Autonomous Health Framework, Essbase, GoldenGate, SQL Developer en Secure Backup.

Interpretaties

Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade: - Denial-of-Service (DoS) - Manipuleren van data - Toegang tot gevoelige gegevens

Oplossingen

Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.

Kans

medium

Schade

high

CWE-130

Improper Handling of Length Parameter Inconsistency

CWE-208

Observable Timing Discrepancy

CWE-776

Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')

CWE-88

Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')

CWE-755

Improper Handling of Exceptional Conditions

CWE-834

Excessive Iteration

CWE-407

Inefficient Algorithmic Complexity

CWE-178

Improper Handling of Case Sensitivity

CWE-732

Incorrect Permission Assignment for Critical Resource

CWE-415

Double Free

CWE-311

Missing Encryption of Sensitive Data

CWE-427

Uncontrolled Search Path Element

CWE-172

Encoding Error

CWE-680

Integer Overflow to Buffer Overflow

CWE-426

Untrusted Search Path

CWE-843

Access of Resource Using Incompatible Type ('Type Confusion')

CWE-116

Improper Encoding or Escaping of Output

CWE-345

Insufficient Verification of Data Authenticity

CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')

CWE-203

Observable Discrepancy

CWE-190

Integer Overflow or Wraparound

CWE-552

Files or Directories Accessible to External Parties

CWE-639

Authorization Bypass Through User-Controlled Key

CWE-125

Out-of-bounds Read

CWE-404

Improper Resource Shutdown or Release

CWE-275

CWE-284

Improper Access Control

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE-1333

Inefficient Regular Expression Complexity

CWE-1321

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

CWE-416

Use After Free

CWE-401

Missing Release of Memory after Effective Lifetime

CWE-476

NULL Pointer Dereference

CWE-295

Improper Certificate Validation

CWE-668

Exposure of Resource to Wrong Sphere

CWE-829

Inclusion of Functionality from Untrusted Control Sphere

CWE-327

Use of a Broken or Risky Cryptographic Algorithm

CWE-400

Uncontrolled Resource Consumption

CWE-770

Allocation of Resources Without Limits or Throttling

CWE-502

Deserialization of Untrusted Data

CWE-918

Server-Side Request Forgery (SSRF)

CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CWE-787

Out-of-bounds Write

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

CWE-122

Heap-based Buffer Overflow

CWE-121

Stack-based Buffer Overflow

CWE-681

Incorrect Conversion between Numeric Types

CWE-835

Loop with Unreachable Exit Condition ('Infinite Loop')

CWE-269

Improper Privilege Management

CWE-20

Improper Input Validation

CWE-87

Improper Neutralization of Alternate XSS Syntax

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CWE-18

CWE-385

Covert Timing Channel

CWE-606

Unchecked Input for Loop Condition

CWE-192

Integer Coercion Error

CWE-390

Detection of Error Condition Without Action

CWE-1325

Improperly Controlled Sequential Memory Allocation

CWE-222

Truncation of Security-relevant Information

CWE-131

Incorrect Calculation of Buffer Size

CWE-59

Improper Link Resolution Before File Access ('Link Following')

CWE-304

Missing Critical Step in Authentication

JSON

To clipboard

{
   document: {
      category: "csaf_security_advisory",
      csaf_version: "2.0",
      distribution: {
         tlp: {
            label: "WHITE",
         },
      },
      lang: "nl",
      notes: [
         {
            category: "legal_disclaimer",
            text: "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.",
         },
         {
            category: "description",
            text: "Oracle heeft kwetsbaarheden verholpen in diverse Database producten en subsystemen, zoals de Core database, Application Express, Autonomous Health Framework, Essbase, GoldenGate, SQL Developer en Secure Backup.",
            title: "Feiten",
         },
         {
            category: "description",
            text: "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:\n\n- Denial-of-Service (DoS)\n- Manipuleren van data\n- Toegang tot gevoelige gegevens",
            title: "Interpretaties",
         },
         {
            category: "description",
            text: "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
            title: "Oplossingen",
         },
         {
            category: "general",
            text: "medium",
            title: "Kans",
         },
         {
            category: "general",
            text: "high",
            title: "Schade",
         },
         {
            category: "general",
            text: "Improper Handling of Length Parameter Inconsistency",
            title: "CWE-130",
         },
         {
            category: "general",
            text: "Observable Timing Discrepancy",
            title: "CWE-208",
         },
         {
            category: "general",
            text: "Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')",
            title: "CWE-776",
         },
         {
            category: "general",
            text: "Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')",
            title: "CWE-88",
         },
         {
            category: "general",
            text: "Improper Handling of Exceptional Conditions",
            title: "CWE-755",
         },
         {
            category: "general",
            text: "Excessive Iteration",
            title: "CWE-834",
         },
         {
            category: "general",
            text: "Inefficient Algorithmic Complexity",
            title: "CWE-407",
         },
         {
            category: "general",
            text: "Improper Handling of Case Sensitivity",
            title: "CWE-178",
         },
         {
            category: "general",
            text: "Incorrect Permission Assignment for Critical Resource",
            title: "CWE-732",
         },
         {
            category: "general",
            text: "Double Free",
            title: "CWE-415",
         },
         {
            category: "general",
            text: "Missing Encryption of Sensitive Data",
            title: "CWE-311",
         },
         {
            category: "general",
            text: "Uncontrolled Search Path Element",
            title: "CWE-427",
         },
         {
            category: "general",
            text: "Encoding Error",
            title: "CWE-172",
         },
         {
            category: "general",
            text: "Integer Overflow to Buffer Overflow",
            title: "CWE-680",
         },
         {
            category: "general",
            text: "Untrusted Search Path",
            title: "CWE-426",
         },
         {
            category: "general",
            text: "Access of Resource Using Incompatible Type ('Type Confusion')",
            title: "CWE-843",
         },
         {
            category: "general",
            text: "Improper Encoding or Escaping of Output",
            title: "CWE-116",
         },
         {
            category: "general",
            text: "Insufficient Verification of Data Authenticity",
            title: "CWE-345",
         },
         {
            category: "general",
            text: "Improper Neutralization of Special Elements used in a Command ('Command Injection')",
            title: "CWE-77",
         },
         {
            category: "general",
            text: "Observable Discrepancy",
            title: "CWE-203",
         },
         {
            category: "general",
            text: "Integer Overflow or Wraparound",
            title: "CWE-190",
         },
         {
            category: "general",
            text: "Files or Directories Accessible to External Parties",
            title: "CWE-552",
         },
         {
            category: "general",
            text: "Authorization Bypass Through User-Controlled Key",
            title: "CWE-639",
         },
         {
            category: "general",
            text: "Out-of-bounds Read",
            title: "CWE-125",
         },
         {
            category: "general",
            text: "Improper Resource Shutdown or Release",
            title: "CWE-404",
         },
         {
            category: "general",
            text: "CWE-275",
            title: "CWE-275",
         },
         {
            category: "general",
            text: "Improper Access Control",
            title: "CWE-284",
         },
         {
            category: "general",
            text: "Improper Restriction of Operations within the Bounds of a Memory Buffer",
            title: "CWE-119",
         },
         {
            category: "general",
            text: "Inefficient Regular Expression Complexity",
            title: "CWE-1333",
         },
         {
            category: "general",
            text: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')",
            title: "CWE-1321",
         },
         {
            category: "general",
            text: "Use After Free",
            title: "CWE-416",
         },
         {
            category: "general",
            text: "Missing Release of Memory after Effective Lifetime",
            title: "CWE-401",
         },
         {
            category: "general",
            text: "NULL Pointer Dereference",
            title: "CWE-476",
         },
         {
            category: "general",
            text: "Improper Certificate Validation",
            title: "CWE-295",
         },
         {
            category: "general",
            text: "Exposure of Resource to Wrong Sphere",
            title: "CWE-668",
         },
         {
            category: "general",
            text: "Inclusion of Functionality from Untrusted Control Sphere",
            title: "CWE-829",
         },
         {
            category: "general",
            text: "Use of a Broken or Risky Cryptographic Algorithm",
            title: "CWE-327",
         },
         {
            category: "general",
            text: "Uncontrolled Resource Consumption",
            title: "CWE-400",
         },
         {
            category: "general",
            text: "Allocation of Resources Without Limits or Throttling",
            title: "CWE-770",
         },
         {
            category: "general",
            text: "Deserialization of Untrusted Data",
            title: "CWE-502",
         },
         {
            category: "general",
            text: "Server-Side Request Forgery (SSRF)",
            title: "CWE-918",
         },
         {
            category: "general",
            text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')",
            title: "CWE-78",
         },
         {
            category: "general",
            text: "Out-of-bounds Write",
            title: "CWE-787",
         },
         {
            category: "general",
            text: "Exposure of Sensitive Information to an Unauthorized Actor",
            title: "CWE-200",
         },
         {
            category: "general",
            text: "Heap-based Buffer Overflow",
            title: "CWE-122",
         },
         {
            category: "general",
            text: "Stack-based Buffer Overflow",
            title: "CWE-121",
         },
         {
            category: "general",
            text: "Incorrect Conversion between Numeric Types",
            title: "CWE-681",
         },
         {
            category: "general",
            text: "Loop with Unreachable Exit Condition ('Infinite Loop')",
            title: "CWE-835",
         },
         {
            category: "general",
            text: "Improper Privilege Management",
            title: "CWE-269",
         },
         {
            category: "general",
            text: "Improper Input Validation",
            title: "CWE-20",
         },
         {
            category: "general",
            text: "Improper Neutralization of Alternate XSS Syntax",
            title: "CWE-87",
         },
         {
            category: "general",
            text: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
            title: "CWE-79",
         },
         {
            category: "general",
            text: "CWE-18",
            title: "CWE-18",
         },
         {
            category: "general",
            text: "Covert Timing Channel",
            title: "CWE-385",
         },
         {
            category: "general",
            text: "Unchecked Input for Loop Condition",
            title: "CWE-606",
         },
         {
            category: "general",
            text: "Integer Coercion Error",
            title: "CWE-192",
         },
         {
            category: "general",
            text: "Detection of Error Condition Without Action",
            title: "CWE-390",
         },
         {
            category: "general",
            text: "Improperly Controlled Sequential Memory Allocation",
            title: "CWE-1325",
         },
         {
            category: "general",
            text: "Truncation of Security-relevant Information",
            title: "CWE-222",
         },
         {
            category: "general",
            text: "Incorrect Calculation of Buffer Size",
            title: "CWE-131",
         },
         {
            category: "general",
            text: "Improper Link Resolution Before File Access ('Link Following')",
            title: "CWE-59",
         },
         {
            category: "general",
            text: "Missing Critical Step in Authentication",
            title: "CWE-304",
         },
      ],
      publisher: {
         category: "coordinator",
         contact_details: "cert@ncsc.nl",
         name: "Nationaal Cyber Security Centrum",
         namespace: "https://www.ncsc.nl/",
      },
      references: [
         {
            category: "external",
            summary: "Reference - cveprojectv5; hkcert; nvd; oracle; redhat",
            url: "https://www.oracle.com/security-alerts/cpuoct2024.html",
         },
      ],
      title: "Kwetsbaarheden verholpen in Oracle Database producten",
      tracking: {
         current_release_date: "2024-10-17T13:15:19.595269Z",
         id: "NCSC-2024-0411",
         initial_release_date: "2024-10-17T13:15:19.595269Z",
         revision_history: [
            {
               date: "2024-10-17T13:15:19.595269Z",
               number: "0",
               summary: "Initiele versie",
            },
         ],
         status: "final",
         version: "1.0.0",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  category: "product_name",
                  name: "database_-_grid",
                  product: {
                     name: "database_-_grid",
                     product_id: "CSAFPID-1673504",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:database_-_grid:19.3-19.24:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "database_-_grid",
                  product: {
                     name: "database_-_grid",
                     product_id: "CSAFPID-1673506",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:database_-_grid:21.3-21.15:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "database_-_core",
                  product: {
                     name: "database_-_core",
                     product_id: "CSAFPID-1673386",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:database_-_core:19.3-19.24:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "database_-_core",
                  product: {
                     name: "database_-_core",
                     product_id: "CSAFPID-1673385",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:database_-_core:21.3-21.15:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "database_-_core",
                  product: {
                     name: "database_-_core",
                     product_id: "CSAFPID-1673442",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:database_-_core:23.4-23.5:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "database_-_security",
                  product: {
                     name: "database_-_security",
                     product_id: "CSAFPID-1673507",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:database_-_security:19.3-19.24:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "database_-_security",
                  product: {
                     name: "database_-_security",
                     product_id: "CSAFPID-1673509",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:database_-_security:21.3-21.15:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "database_-_security",
                  product: {
                     name: "database_-_security",
                     product_id: "CSAFPID-1673508",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:database_-_security:23.4-23.5:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "spatial_and_graph_mapviewer",
                  product: {
                     name: "spatial_and_graph_mapviewer",
                     product_id: "CSAFPID-912561",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:spatial_and_graph_mapviewer:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "spatial_and_graph",
                  product: {
                     name: "spatial_and_graph",
                     product_id: "CSAFPID-764250",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "spatial_and_graph",
                  product: {
                     name: "spatial_and_graph",
                     product_id: "CSAFPID-1673511",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:spatial_and_graph:19.3-19.24:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "spatial_and_graph",
                  product: {
                     name: "spatial_and_graph",
                     product_id: "CSAFPID-1673512",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:spatial_and_graph:21.3-21.15:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "spatial_and_graph",
                  product: {
                     name: "spatial_and_graph",
                     product_id: "CSAFPID-816800",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:spatial_and_graph:23.3:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "spatial_and_graph",
                  product: {
                     name: "spatial_and_graph",
                     product_id: "CSAFPID-1673529",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:spatial_and_graph:23.4-23.5:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "fleet_patching_and_provisioning_-_micronaut",
                  product: {
                     name: "fleet_patching_and_provisioning_-_micronaut",
                     product_id: "CSAFPID-1673492",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:fleet_patching_and_provisioning_-_micronaut:23.4-23.5:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "fleet_patching_and_provisioning",
                  product: {
                     name: "fleet_patching_and_provisioning",
                     product_id: "CSAFPID-1503603",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "database_-_xml_database",
                  product: {
                     name: "database_-_xml_database",
                     product_id: "CSAFPID-1673445",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:database_-_xml_database:19.3-19.24:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "database_-_xml_database",
                  product: {
                     name: "database_-_xml_database",
                     product_id: "CSAFPID-1673443",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:database_-_xml_database:21.3-21.15:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "database_-_xml_database",
                  product: {
                     name: "database_-_xml_database",
                     product_id: "CSAFPID-1673444",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:database_-_xml_database:23.4-23.5:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "database_-_java_vm",
                  product: {
                     name: "database_-_java_vm",
                     product_id: "CSAFPID-1673451",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:database_-_java_vm:19.3-19.24:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "database_-_java_vm",
                  product: {
                     name: "database_-_java_vm",
                     product_id: "CSAFPID-1673450",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:database_-_java_vm:21.3-21.15:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "database_-_java_vm",
                  product: {
                     name: "database_-_java_vm",
                     product_id: "CSAFPID-1673452",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:database_-_java_vm:23.4-23.5:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "autonomous_health_framework",
                  product: {
                     name: "autonomous_health_framework",
                     product_id: "CSAFPID-816798",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:autonomous_health_framework:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "autonomous_health_framework",
                  product: {
                     name: "autonomous_health_framework",
                     product_id: "CSAFPID-816799",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:autonomous_health_framework:23.10:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "autonomous_health_framework",
                  product: {
                     name: "autonomous_health_framework",
                     product_id: "CSAFPID-1673525",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:autonomous_health_framework:prior_to_24.9:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "graalvm_for_jdk",
                  product: {
                     name: "graalvm_for_jdk",
                     product_id: "CSAFPID-912046",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "graalvm_for_jdk",
                  product: {
                     name: "graalvm_for_jdk",
                     product_id: "CSAFPID-1503299",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "graalvm_for_jdk",
                  product: {
                     name: "graalvm_for_jdk",
                     product_id: "CSAFPID-816855",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.9:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "graalvm_for_jdk",
                  product: {
                     name: "graalvm_for_jdk",
                     product_id: "CSAFPID-816361",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.1:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "graalvm_for_jdk",
                  product: {
                     name: "graalvm_for_jdk",
                     product_id: "CSAFPID-912045",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "graalvm_for_jdk",
                  product: {
                     name: "graalvm_for_jdk",
                     product_id: "CSAFPID-1503302",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "graalvm_for_jdk",
                  product: {
                     name: "graalvm_for_jdk",
                     product_id: "CSAFPID-912044",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "graalvm_for_jdk",
                  product: {
                     name: "graalvm_for_jdk",
                     product_id: "CSAFPID-1503306",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "graalvm_for_jdk",
                  product: {
                     name: "graalvm_for_jdk",
                     product_id: "CSAFPID-816852",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.12:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "graalvm_for_jdk",
                  product: {
                     name: "graalvm_for_jdk",
                     product_id: "CSAFPID-912600",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.13:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "graalvm_for_jdk",
                  product: {
                     name: "graalvm_for_jdk",
                     product_id: "CSAFPID-816853",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.8:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "graalvm_for_jdk",
                  product: {
                     name: "graalvm_for_jdk",
                     product_id: "CSAFPID-912601",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.9:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "graalvm_for_jdk",
                  product: {
                     name: "graalvm_for_jdk",
                     product_id: "CSAFPID-816854",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition22.3.4:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "sqlcl",
                  product: {
                     name: "sqlcl",
                     product_id: "CSAFPID-816801",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:sqlcl:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "sqlcl",
                  product: {
                     name: "sqlcl",
                     product_id: "CSAFPID-1673405",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:sqlcl:23.4-23.5:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "application_express_administration",
                  product: {
                     name: "application_express_administration",
                     product_id: "CSAFPID-764731",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:application_express_administration:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "application_express_customers_plugin",
                  product: {
                     name: "application_express_customers_plugin",
                     product_id: "CSAFPID-764732",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:application_express_customers_plugin:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "application_express_team_calendar_plugin",
                  product: {
                     name: "application_express_team_calendar_plugin",
                     product_id: "CSAFPID-764733",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:application_express_team_calendar_plugin:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "application_express",
                  product: {
                     name: "application_express",
                     product_id: "CSAFPID-266119",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "application_express",
                  product: {
                     name: "application_express",
                     product_id: "CSAFPID-1673510",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:application_express:23.1:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "application_express",
                  product: {
                     name: "application_express",
                     product_id: "CSAFPID-1503575",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "application_express",
                  product: {
                     name: "application_express",
                     product_id: "CSAFPID-1673188",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:application_express:24.1:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "autonomous_health_framework",
                  product: {
                     name: "autonomous_health_framework",
                     product_id: "CSAFPID-765238",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:autonomous_health_framework:19c:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "autonomous_health_framework",
                  product: {
                     name: "autonomous_health_framework",
                     product_id: "CSAFPID-765239",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:autonomous_health_framework:21c:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "blockchain_platform",
                  product: {
                     name: "blockchain_platform",
                     product_id: "CSAFPID-764779",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:blockchain_platform:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "blockchain_platform",
                  product: {
                     name: "blockchain_platform",
                     product_id: "CSAFPID-89587",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "essbase",
                  product: {
                     name: "essbase",
                     product_id: "CSAFPID-765259",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:essbase:_security_and_provisioning___21.3:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "essbase",
                  product: {
                     name: "essbase",
                     product_id: "CSAFPID-187448",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:essbase:21.3:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "essbase",
                  product: {
                     name: "essbase",
                     product_id: "CSAFPID-94075",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:essbase:21.4:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "essbase",
                  product: {
                     name: "essbase",
                     product_id: "CSAFPID-220886",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:essbase:21.4.3.0.0:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "essbase",
                  product: {
                     name: "essbase",
                     product_id: "CSAFPID-611394",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:essbase:21.5.0.0.0:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "essbase",
                  product: {
                     name: "essbase",
                     product_id: "CSAFPID-816317",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:essbase:21.5.3.0.0:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "essbase",
                  product: {
                     name: "essbase",
                     product_id: "CSAFPID-912567",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:essbase:21.5.4.0.0:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "essbase",
                  product: {
                     name: "essbase",
                     product_id: "CSAFPID-1503612",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:essbase:21.5.6:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "essbase",
                  product: {
                     name: "essbase",
                     product_id: "CSAFPID-1673479",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:essbase:21.6:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "oracle_essbase",
                  product: {
                     name: "oracle_essbase",
                     product_id: "CSAFPID-1650506",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:oracle_essbase:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "goldengate_big_data_and_application_adapters",
                  product: {
                     name: "goldengate_big_data_and_application_adapters",
                     product_id: "CSAFPID-816845",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "goldengate_big_data_and_application_adapters",
                  product: {
                     name: "goldengate_big_data_and_application_adapters",
                     product_id: "CSAFPID-1650825",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "goldengate_big_data_and_application_adapters",
                  product: {
                     name: "goldengate_big_data_and_application_adapters",
                     product_id: "CSAFPID-1673404",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.9:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "goldengate_big_data_and_application_adapters",
                  product: {
                     name: "goldengate_big_data_and_application_adapters",
                     product_id: "CSAFPID-1650831",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3-21.14.0.0.0:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "goldengate_big_data",
                  product: {
                     name: "goldengate_big_data",
                     product_id: "CSAFPID-764274",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:goldengate_big_data:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "goldengate_stream_analytics",
                  product: {
                     name: "goldengate_stream_analytics",
                     product_id: "CSAFPID-764752",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:goldengate_stream_analytics:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "goldengate_stream_analytics",
                  product: {
                     name: "goldengate_stream_analytics",
                     product_id: "CSAFPID-1673384",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.9:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "goldengate_stream_analytics",
                  product: {
                     name: "goldengate_stream_analytics",
                     product_id: "CSAFPID-220192",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "goldengate_stream_analytics",
                  product: {
                     name: "goldengate_stream_analytics",
                     product_id: "CSAFPID-220193",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.7:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "goldengate_studio",
                  product: {
                     name: "goldengate_studio",
                     product_id: "CSAFPID-816846",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "goldengate_studio",
                  product: {
                     name: "goldengate_studio",
                     product_id: "CSAFPID-611390",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:goldengate_studio:12.2.1.4.0:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "goldengate_studio",
                  product: {
                     name: "goldengate_studio",
                     product_id: "CSAFPID-764803",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:goldengate_studio:fusion_middleware_12.2.1.4.0:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "goldengate_veridata",
                  product: {
                     name: "goldengate_veridata",
                     product_id: "CSAFPID-764275",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:goldengate_veridata:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "goldengate",
                  product: {
                     name: "goldengate",
                     product_id: "CSAFPID-342816",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "goldengate",
                  product: {
                     name: "goldengate",
                     product_id: "CSAFPID-1650767",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.23.0.0.240716:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "goldengate",
                  product: {
                     name: "goldengate",
                     product_id: "CSAFPID-485902",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:goldengate:19.1.0.0.0:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "goldengate",
                  product: {
                     name: "goldengate",
                     product_id: "CSAFPID-1503736",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:goldengate:19.23.0.0.240716:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "goldengate",
                  product: {
                     name: "goldengate",
                     product_id: "CSAFPID-219912",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:goldengate:19c:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "goldengate",
                  product: {
                     name: "goldengate",
                     product_id: "CSAFPID-1503739",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:goldengate:21.14:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "goldengate",
                  product: {
                     name: "goldengate",
                     product_id: "CSAFPID-1650765",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:goldengate:21.3-21.14:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "goldengate",
                  product: {
                     name: "goldengate",
                     product_id: "CSAFPID-1503738",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:goldengate:21.3:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "oracle_goldengate_stream_analytics",
                  product: {
                     name: "oracle_goldengate_stream_analytics",
                     product_id: "CSAFPID-1650515",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:oracle_goldengate_stream_analytics:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "management_pack_for__goldengate",
                  product: {
                     name: "management_pack_for__goldengate",
                     product_id: "CSAFPID-764861",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:management_pack_for__goldengate:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "management_pack_for__goldengate",
                  product: {
                     name: "management_pack_for__goldengate",
                     product_id: "CSAFPID-1503640",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "oracle_goldengate_studio",
                  product: {
                     name: "oracle_goldengate_studio",
                     product_id: "CSAFPID-1650835",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:oracle_goldengate_studio:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "oracle_goldengate",
                  product: {
                     name: "oracle_goldengate",
                     product_id: "CSAFPID-1650575",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:oracle_goldengate:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "nosql_database",
                  product: {
                     name: "nosql_database",
                     product_id: "CSAFPID-764813",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "nosql_database",
                  product: {
                     name: "nosql_database",
                     product_id: "CSAFPID-1503661",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:nosql_database:1.4:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "nosql_database",
                  product: {
                     name: "nosql_database",
                     product_id: "CSAFPID-1503663",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:nosql_database:1.5:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "nosql_database",
                  product: {
                     name: "nosql_database",
                     product_id: "CSAFPID-1673497",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "nosql_database",
                  product: {
                     name: "nosql_database",
                     product_id: "CSAFPID-764764",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:nosql_database:19.5.33:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "nosql_database",
                  product: {
                     name: "nosql_database",
                     product_id: "CSAFPID-764765",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:nosql_database:20.3.28:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "nosql_database",
                  product: {
                     name: "nosql_database",
                     product_id: "CSAFPID-1673491",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:nosql_database:20.3.40:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "nosql_database",
                  product: {
                     name: "nosql_database",
                     product_id: "CSAFPID-764766",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:nosql_database:21.2.55:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "nosql_database",
                  product: {
                     name: "nosql_database",
                     product_id: "CSAFPID-1673495",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:nosql_database:21.2.71:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "nosql_database",
                  product: {
                     name: "nosql_database",
                     product_id: "CSAFPID-764767",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:nosql_database:22.3.26:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "nosql_database",
                  product: {
                     name: "nosql_database",
                     product_id: "CSAFPID-1673493",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:nosql_database:22.3.45:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "nosql_database",
                  product: {
                     name: "nosql_database",
                     product_id: "CSAFPID-1673489",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:nosql_database:23.3.33:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "nosql_database",
                  product: {
                     name: "nosql_database",
                     product_id: "CSAFPID-1673488",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:nosql_database:24.1.17:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "nosql_database",
                  product: {
                     name: "nosql_database",
                     product_id: "CSAFPID-1650757",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:nosql_database:prior_to_19.5.42:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "nosql_database",
                  product: {
                     name: "nosql_database",
                     product_id: "CSAFPID-1650758",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:nosql_database:prior_to_20.3.40:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "nosql_database",
                  product: {
                     name: "nosql_database",
                     product_id: "CSAFPID-1650761",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:nosql_database:prior_to_21.2.27:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "nosql_database",
                  product: {
                     name: "nosql_database",
                     product_id: "CSAFPID-1650760",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:nosql_database:prior_to_22.3.46:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "nosql_database",
                  product: {
                     name: "nosql_database",
                     product_id: "CSAFPID-1650759",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:nosql_database:prior_to_23.3.32:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "oracle_nosql_database",
                  product: {
                     name: "oracle_nosql_database",
                     product_id: "CSAFPID-1650584",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:oracle_nosql_database:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "oracle_secure_backup",
                  product: {
                     name: "oracle_secure_backup",
                     product_id: "CSAFPID-1650563",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:oracle_secure_backup:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "secure_backup",
                  product: {
                     name: "secure_backup",
                     product_id: "CSAFPID-667692",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:secure_backup:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "secure_backup",
                  product: {
                     name: "secure_backup",
                     product_id: "CSAFPID-345049",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "secure_backup",
                  product: {
                     name: "secure_backup",
                     product_id: "CSAFPID-611417",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "secure_backup",
                  product: {
                     name: "secure_backup",
                     product_id: "CSAFPID-1673422",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:secure_backup:19.1.0.0.0:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "oracle_sql_developer",
                  product: {
                     name: "oracle_sql_developer",
                     product_id: "CSAFPID-1650638",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:oracle_sql_developer:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "sql_developer",
                  product: {
                     name: "sql_developer",
                     product_id: "CSAFPID-764822",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:sql_developer:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "sql_developer",
                  product: {
                     name: "sql_developer",
                     product_id: "CSAFPID-220643",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:sql_developer:21.4.2:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "sql_developer",
                  product: {
                     name: "sql_developer",
                     product_id: "CSAFPID-816870",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:sql_developer:22.2.0:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "sql_developer",
                  product: {
                     name: "sql_developer",
                     product_id: "CSAFPID-816871",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:sql_developer:23.1.0:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "sql_developer",
                  product: {
                     name: "sql_developer",
                     product_id: "CSAFPID-1673397",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:sql_developer:24.3.0:*:*:*:*:*:*:*",
                     },
                  },
               },
            ],
            category: "vendor",
            name: "oracle",
         },
         {
            branches: [
               {
                  category: "product_name",
                  name: "oracle_application_express",
                  product: {
                     name: "oracle_application_express",
                     product_id: "CSAFPID-1673144",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle_corporation:oracle_application_express:24.1:*:*:*:*:*:*:*",
                     },
                  },
               },
            ],
            category: "vendor",
            name: "oracle_corporation",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2022-1471",
         cwe: {
            id: "CWE-502",
            name: "Deserialization of Untrusted Data",
         },
         notes: [
            {
               category: "other",
               text: "Deserialization of Untrusted Data",
               title: "CWE-502",
            },
            {
               category: "other",
               text: "Improper Input Validation",
               title: "CWE-20",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-764731",
               "CSAFPID-764732",
               "CSAFPID-764733",
               "CSAFPID-764250",
               "CSAFPID-611394",
               "CSAFPID-764274",
               "CSAFPID-764275",
               "CSAFPID-611390",
               "CSAFPID-345049",
               "CSAFPID-611417",
               "CSAFPID-764764",
               "CSAFPID-764765",
               "CSAFPID-764766",
               "CSAFPID-764767",
               "CSAFPID-764779",
               "CSAFPID-94075",
               "CSAFPID-220886",
               "CSAFPID-764803",
               "CSAFPID-764813",
               "CSAFPID-342816",
               "CSAFPID-764752",
               "CSAFPID-764822",
               "CSAFPID-1650515",
               "CSAFPID-1650638",
               "CSAFPID-816798",
               "CSAFPID-816799",
               "CSAFPID-816800",
               "CSAFPID-816801",
               "CSAFPID-816317",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-89587",
               "CSAFPID-816852",
               "CSAFPID-816853",
               "CSAFPID-816854",
               "CSAFPID-816855",
               "CSAFPID-816361",
               "CSAFPID-220643",
               "CSAFPID-816870",
               "CSAFPID-816871",
               "CSAFPID-667692",
               "CSAFPID-912561",
               "CSAFPID-912567",
               "CSAFPID-912600",
               "CSAFPID-912601",
               "CSAFPID-912046",
               "CSAFPID-912045",
               "CSAFPID-912044",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2022-1471",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-1471.json",
            },
         ],
         title: "CVE-2022-1471",
      },
      {
         cve: "CVE-2022-34169",
         cwe: {
            id: "CWE-192",
            name: "Integer Coercion Error",
         },
         notes: [
            {
               category: "other",
               text: "Integer Coercion Error",
               title: "CWE-192",
            },
            {
               category: "other",
               text: "Incorrect Conversion between Numeric Types",
               title: "CWE-681",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-764779",
               "CSAFPID-94075",
               "CSAFPID-342816",
               "CSAFPID-764803",
               "CSAFPID-764813",
               "CSAFPID-764822",
               "CSAFPID-764752",
               "CSAFPID-764275",
               "CSAFPID-764861",
               "CSAFPID-266119",
               "CSAFPID-187448",
               "CSAFPID-219912",
               "CSAFPID-765238",
               "CSAFPID-765239",
               "CSAFPID-765259",
               "CSAFPID-667692",
               "CSAFPID-816798",
               "CSAFPID-816799",
               "CSAFPID-764250",
               "CSAFPID-816800",
               "CSAFPID-816801",
               "CSAFPID-816317",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-816852",
               "CSAFPID-816853",
               "CSAFPID-816854",
               "CSAFPID-816855",
               "CSAFPID-816361",
               "CSAFPID-220643",
               "CSAFPID-816870",
               "CSAFPID-816871",
               "CSAFPID-1673384",
               "CSAFPID-912561",
               "CSAFPID-912567",
               "CSAFPID-912600",
               "CSAFPID-912601",
               "CSAFPID-912046",
               "CSAFPID-912045",
               "CSAFPID-912044",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2022-34169",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-34169.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-764779",
                  "CSAFPID-94075",
                  "CSAFPID-342816",
                  "CSAFPID-764803",
                  "CSAFPID-764813",
                  "CSAFPID-764822",
                  "CSAFPID-764752",
                  "CSAFPID-764275",
                  "CSAFPID-764861",
                  "CSAFPID-266119",
                  "CSAFPID-187448",
                  "CSAFPID-219912",
                  "CSAFPID-765238",
                  "CSAFPID-765239",
                  "CSAFPID-765259",
                  "CSAFPID-667692",
                  "CSAFPID-816798",
                  "CSAFPID-816799",
                  "CSAFPID-764250",
                  "CSAFPID-816800",
                  "CSAFPID-816801",
                  "CSAFPID-816317",
                  "CSAFPID-816845",
                  "CSAFPID-816846",
                  "CSAFPID-816852",
                  "CSAFPID-816853",
                  "CSAFPID-816854",
                  "CSAFPID-816855",
                  "CSAFPID-816361",
                  "CSAFPID-220643",
                  "CSAFPID-816870",
                  "CSAFPID-816871",
                  "CSAFPID-1673384",
                  "CSAFPID-912561",
                  "CSAFPID-912567",
                  "CSAFPID-912600",
                  "CSAFPID-912601",
                  "CSAFPID-912046",
                  "CSAFPID-912045",
                  "CSAFPID-912044",
                  "CSAFPID-1503575",
                  "CSAFPID-1503603",
                  "CSAFPID-1503612",
                  "CSAFPID-1503640",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
               ],
            },
         ],
         title: "CVE-2022-34169",
      },
      {
         cve: "CVE-2022-36033",
         cwe: {
            id: "CWE-87",
            name: "Improper Neutralization of Alternate XSS Syntax",
         },
         notes: [
            {
               category: "other",
               text: "Improper Neutralization of Alternate XSS Syntax",
               title: "CWE-87",
            },
            {
               category: "other",
               text: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
               title: "CWE-79",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-764250",
               "CSAFPID-611394",
               "CSAFPID-764731",
               "CSAFPID-764732",
               "CSAFPID-764733",
               "CSAFPID-764274",
               "CSAFPID-764275",
               "CSAFPID-611390",
               "CSAFPID-345049",
               "CSAFPID-611417",
               "CSAFPID-764764",
               "CSAFPID-764765",
               "CSAFPID-764766",
               "CSAFPID-764767",
               "CSAFPID-764779",
               "CSAFPID-220886",
               "CSAFPID-94075",
               "CSAFPID-764803",
               "CSAFPID-342816",
               "CSAFPID-764752",
               "CSAFPID-764861",
               "CSAFPID-764813",
               "CSAFPID-764822",
               "CSAFPID-266119",
               "CSAFPID-187448",
               "CSAFPID-1650515",
               "CSAFPID-1650835",
               "CSAFPID-219912",
               "CSAFPID-816798",
               "CSAFPID-816799",
               "CSAFPID-816800",
               "CSAFPID-816801",
               "CSAFPID-816317",
               "CSAFPID-667692",
               "CSAFPID-1673384",
               "CSAFPID-912561",
               "CSAFPID-1503575",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-816852",
               "CSAFPID-816853",
               "CSAFPID-816854",
               "CSAFPID-816855",
               "CSAFPID-816361",
               "CSAFPID-220643",
               "CSAFPID-816870",
               "CSAFPID-816871",
               "CSAFPID-912567",
               "CSAFPID-1503603",
               "CSAFPID-1503612",
               "CSAFPID-912600",
               "CSAFPID-912601",
               "CSAFPID-912046",
               "CSAFPID-912045",
               "CSAFPID-912044",
               "CSAFPID-1503640",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2022-36033",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-36033.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-764250",
                  "CSAFPID-611394",
                  "CSAFPID-764731",
                  "CSAFPID-764732",
                  "CSAFPID-764733",
                  "CSAFPID-764274",
                  "CSAFPID-764275",
                  "CSAFPID-611390",
                  "CSAFPID-345049",
                  "CSAFPID-611417",
                  "CSAFPID-764764",
                  "CSAFPID-764765",
                  "CSAFPID-764766",
                  "CSAFPID-764767",
                  "CSAFPID-764779",
                  "CSAFPID-220886",
                  "CSAFPID-94075",
                  "CSAFPID-764803",
                  "CSAFPID-342816",
                  "CSAFPID-764752",
                  "CSAFPID-764861",
                  "CSAFPID-764813",
                  "CSAFPID-764822",
                  "CSAFPID-266119",
                  "CSAFPID-187448",
                  "CSAFPID-1650515",
                  "CSAFPID-1650835",
                  "CSAFPID-219912",
                  "CSAFPID-816798",
                  "CSAFPID-816799",
                  "CSAFPID-816800",
                  "CSAFPID-816801",
                  "CSAFPID-816317",
                  "CSAFPID-667692",
                  "CSAFPID-1673384",
                  "CSAFPID-912561",
                  "CSAFPID-1503575",
                  "CSAFPID-816845",
                  "CSAFPID-816846",
                  "CSAFPID-816852",
                  "CSAFPID-816853",
                  "CSAFPID-816854",
                  "CSAFPID-816855",
                  "CSAFPID-816361",
                  "CSAFPID-220643",
                  "CSAFPID-816870",
                  "CSAFPID-816871",
                  "CSAFPID-912567",
                  "CSAFPID-1503603",
                  "CSAFPID-1503612",
                  "CSAFPID-912600",
                  "CSAFPID-912601",
                  "CSAFPID-912046",
                  "CSAFPID-912045",
                  "CSAFPID-912044",
                  "CSAFPID-1503640",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
               ],
            },
         ],
         title: "CVE-2022-36033",
      },
      {
         cve: "CVE-2022-37454",
         cwe: {
            id: "CWE-190",
            name: "Integer Overflow or Wraparound",
         },
         notes: [
            {
               category: "other",
               text: "Integer Overflow or Wraparound",
               title: "CWE-190",
            },
            {
               category: "other",
               text: "Integer Overflow to Buffer Overflow",
               title: "CWE-680",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-764250",
               "CSAFPID-611394",
               "CSAFPID-764274",
               "CSAFPID-764275",
               "CSAFPID-611390",
               "CSAFPID-345049",
               "CSAFPID-611417",
               "CSAFPID-764731",
               "CSAFPID-764732",
               "CSAFPID-764733",
               "CSAFPID-220886",
               "CSAFPID-342816",
               "CSAFPID-764752",
               "CSAFPID-764764",
               "CSAFPID-764765",
               "CSAFPID-764766",
               "CSAFPID-764767",
               "CSAFPID-764779",
               "CSAFPID-94075",
               "CSAFPID-764803",
               "CSAFPID-764813",
               "CSAFPID-764822",
               "CSAFPID-1650563",
               "CSAFPID-89587",
               "CSAFPID-764861",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2022-37454",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-37454.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 9.8,
                  baseSeverity: "CRITICAL",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-764250",
                  "CSAFPID-611394",
                  "CSAFPID-764274",
                  "CSAFPID-764275",
                  "CSAFPID-611390",
                  "CSAFPID-345049",
                  "CSAFPID-611417",
                  "CSAFPID-764731",
                  "CSAFPID-764732",
                  "CSAFPID-764733",
                  "CSAFPID-220886",
                  "CSAFPID-342816",
                  "CSAFPID-764752",
                  "CSAFPID-764764",
                  "CSAFPID-764765",
                  "CSAFPID-764766",
                  "CSAFPID-764767",
                  "CSAFPID-764779",
                  "CSAFPID-94075",
                  "CSAFPID-764803",
                  "CSAFPID-764813",
                  "CSAFPID-764822",
                  "CSAFPID-1650563",
                  "CSAFPID-89587",
                  "CSAFPID-764861",
               ],
            },
         ],
         title: "CVE-2022-37454",
      },
      {
         cve: "CVE-2022-38136",
         product_status: {
            known_affected: [
               "CSAFPID-1673385",
               "CSAFPID-1673386",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2022-38136",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-38136.json",
            },
         ],
         title: "CVE-2022-38136",
      },
      {
         cve: "CVE-2022-40196",
         product_status: {
            known_affected: [
               "CSAFPID-1673385",
               "CSAFPID-1673386",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2022-40196",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-40196.json",
            },
         ],
         title: "CVE-2022-40196",
      },
      {
         cve: "CVE-2022-41342",
         product_status: {
            known_affected: [
               "CSAFPID-1673385",
               "CSAFPID-1673386",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2022-41342",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-41342.json",
            },
         ],
         title: "CVE-2022-41342",
      },
      {
         cve: "CVE-2022-42919",
         cwe: {
            id: "CWE-311",
            name: "Missing Encryption of Sensitive Data",
         },
         notes: [
            {
               category: "other",
               text: "Missing Encryption of Sensitive Data",
               title: "CWE-311",
            },
            {
               category: "other",
               text: "Improper Privilege Management",
               title: "CWE-269",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-764250",
               "CSAFPID-611394",
               "CSAFPID-764274",
               "CSAFPID-764275",
               "CSAFPID-611390",
               "CSAFPID-345049",
               "CSAFPID-611417",
               "CSAFPID-764731",
               "CSAFPID-764732",
               "CSAFPID-764733",
               "CSAFPID-220886",
               "CSAFPID-342816",
               "CSAFPID-764752",
               "CSAFPID-764764",
               "CSAFPID-764765",
               "CSAFPID-764766",
               "CSAFPID-764767",
               "CSAFPID-764779",
               "CSAFPID-94075",
               "CSAFPID-764803",
               "CSAFPID-764813",
               "CSAFPID-764822",
               "CSAFPID-89587",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2022-42919",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-42919.json",
            },
         ],
         title: "CVE-2022-42919",
      },
      {
         cve: "CVE-2022-45061",
         cwe: {
            id: "CWE-400",
            name: "Uncontrolled Resource Consumption",
         },
         notes: [
            {
               category: "other",
               text: "Uncontrolled Resource Consumption",
               title: "CWE-400",
            },
            {
               category: "other",
               text: "Inefficient Algorithmic Complexity",
               title: "CWE-407",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-345049",
               "CSAFPID-611417",
               "CSAFPID-764731",
               "CSAFPID-764732",
               "CSAFPID-764733",
               "CSAFPID-220886",
               "CSAFPID-764250",
               "CSAFPID-611394",
               "CSAFPID-342816",
               "CSAFPID-764752",
               "CSAFPID-764764",
               "CSAFPID-764765",
               "CSAFPID-764766",
               "CSAFPID-764767",
               "CSAFPID-764779",
               "CSAFPID-94075",
               "CSAFPID-764274",
               "CSAFPID-764275",
               "CSAFPID-611390",
               "CSAFPID-764803",
               "CSAFPID-764813",
               "CSAFPID-764822",
               "CSAFPID-89587",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2022-45061",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-45061.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-345049",
                  "CSAFPID-611417",
                  "CSAFPID-764731",
                  "CSAFPID-764732",
                  "CSAFPID-764733",
                  "CSAFPID-220886",
                  "CSAFPID-764250",
                  "CSAFPID-611394",
                  "CSAFPID-342816",
                  "CSAFPID-764752",
                  "CSAFPID-764764",
                  "CSAFPID-764765",
                  "CSAFPID-764766",
                  "CSAFPID-764767",
                  "CSAFPID-764779",
                  "CSAFPID-94075",
                  "CSAFPID-764274",
                  "CSAFPID-764275",
                  "CSAFPID-611390",
                  "CSAFPID-764803",
                  "CSAFPID-764813",
                  "CSAFPID-764822",
                  "CSAFPID-89587",
               ],
            },
         ],
         title: "CVE-2022-45061",
      },
      {
         cve: "CVE-2022-46337",
         product_status: {
            known_affected: [
               "CSAFPID-816798",
               "CSAFPID-816799",
               "CSAFPID-1673384",
               "CSAFPID-912561",
               "CSAFPID-912567",
               "CSAFPID-764752",
               "CSAFPID-764275",
               "CSAFPID-912600",
               "CSAFPID-912601",
               "CSAFPID-912046",
               "CSAFPID-912045",
               "CSAFPID-912044",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-1503612",
               "CSAFPID-764250",
               "CSAFPID-816800",
               "CSAFPID-816801",
               "CSAFPID-816317",
               "CSAFPID-816845",
               "CSAFPID-342816",
               "CSAFPID-816846",
               "CSAFPID-816852",
               "CSAFPID-816853",
               "CSAFPID-816854",
               "CSAFPID-816855",
               "CSAFPID-1503640",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-816361",
               "CSAFPID-764813",
               "CSAFPID-220643",
               "CSAFPID-816870",
               "CSAFPID-816871",
               "CSAFPID-667692",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2022-46337",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-46337.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 9.8,
                  baseSeverity: "CRITICAL",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-816798",
                  "CSAFPID-816799",
                  "CSAFPID-1673384",
                  "CSAFPID-912561",
                  "CSAFPID-912567",
                  "CSAFPID-764752",
                  "CSAFPID-764275",
                  "CSAFPID-912600",
                  "CSAFPID-912601",
                  "CSAFPID-912046",
                  "CSAFPID-912045",
                  "CSAFPID-912044",
                  "CSAFPID-1503575",
                  "CSAFPID-1503603",
                  "CSAFPID-1503612",
                  "CSAFPID-764250",
                  "CSAFPID-816800",
                  "CSAFPID-816801",
                  "CSAFPID-816317",
                  "CSAFPID-816845",
                  "CSAFPID-342816",
                  "CSAFPID-816846",
                  "CSAFPID-816852",
                  "CSAFPID-816853",
                  "CSAFPID-816854",
                  "CSAFPID-816855",
                  "CSAFPID-1503640",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
                  "CSAFPID-816361",
                  "CSAFPID-764813",
                  "CSAFPID-220643",
                  "CSAFPID-816870",
                  "CSAFPID-816871",
                  "CSAFPID-667692",
               ],
            },
         ],
         title: "CVE-2022-46337",
      },
      {
         cve: "CVE-2023-2976",
         cwe: {
            id: "CWE-552",
            name: "Files or Directories Accessible to External Parties",
         },
         notes: [
            {
               category: "other",
               text: "Files or Directories Accessible to External Parties",
               title: "CWE-552",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1650584",
               "CSAFPID-1650835",
               "CSAFPID-1650506",
               "CSAFPID-1650515",
               "CSAFPID-816317",
               "CSAFPID-816845",
               "CSAFPID-342816",
               "CSAFPID-816846",
               "CSAFPID-816852",
               "CSAFPID-816853",
               "CSAFPID-816854",
               "CSAFPID-816855",
               "CSAFPID-816361",
               "CSAFPID-764813",
               "CSAFPID-220643",
               "CSAFPID-816870",
               "CSAFPID-816871",
               "CSAFPID-667692",
               "CSAFPID-89587",
               "CSAFPID-1673397",
               "CSAFPID-764274",
               "CSAFPID-764275",
               "CSAFPID-816798",
               "CSAFPID-816799",
               "CSAFPID-816800",
               "CSAFPID-345049",
               "CSAFPID-816801",
               "CSAFPID-611390",
               "CSAFPID-611394",
               "CSAFPID-611417",
               "CSAFPID-764250",
               "CSAFPID-764752",
               "CSAFPID-912044",
               "CSAFPID-912045",
               "CSAFPID-912046",
               "CSAFPID-912561",
               "CSAFPID-912567",
               "CSAFPID-912600",
               "CSAFPID-912601",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2023-2976",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-2976.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.1,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1650584",
                  "CSAFPID-1650835",
                  "CSAFPID-1650506",
                  "CSAFPID-1650515",
                  "CSAFPID-816317",
                  "CSAFPID-816845",
                  "CSAFPID-342816",
                  "CSAFPID-816846",
                  "CSAFPID-816852",
                  "CSAFPID-816853",
                  "CSAFPID-816854",
                  "CSAFPID-816855",
                  "CSAFPID-816361",
                  "CSAFPID-764813",
                  "CSAFPID-220643",
                  "CSAFPID-816870",
                  "CSAFPID-816871",
                  "CSAFPID-667692",
                  "CSAFPID-89587",
                  "CSAFPID-1673397",
                  "CSAFPID-764274",
                  "CSAFPID-764275",
                  "CSAFPID-816798",
                  "CSAFPID-816799",
                  "CSAFPID-816800",
                  "CSAFPID-345049",
                  "CSAFPID-816801",
                  "CSAFPID-611390",
                  "CSAFPID-611394",
                  "CSAFPID-611417",
                  "CSAFPID-764250",
                  "CSAFPID-764752",
                  "CSAFPID-912044",
                  "CSAFPID-912045",
                  "CSAFPID-912046",
                  "CSAFPID-912561",
                  "CSAFPID-912567",
                  "CSAFPID-912600",
                  "CSAFPID-912601",
                  "CSAFPID-1503575",
                  "CSAFPID-1503603",
                  "CSAFPID-1503612",
                  "CSAFPID-1503640",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
               ],
            },
         ],
         title: "CVE-2023-2976",
      },
      {
         cve: "CVE-2023-4043",
         cwe: {
            id: "CWE-834",
            name: "Excessive Iteration",
         },
         notes: [
            {
               category: "other",
               text: "Excessive Iteration",
               title: "CWE-834",
            },
            {
               category: "other",
               text: "Improper Input Validation",
               title: "CWE-20",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673405",
               "CSAFPID-1673397",
               "CSAFPID-220643",
               "CSAFPID-342816",
               "CSAFPID-667692",
               "CSAFPID-764250",
               "CSAFPID-764813",
               "CSAFPID-816317",
               "CSAFPID-816361",
               "CSAFPID-816798",
               "CSAFPID-816799",
               "CSAFPID-816800",
               "CSAFPID-816801",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-816852",
               "CSAFPID-816853",
               "CSAFPID-816854",
               "CSAFPID-816855",
               "CSAFPID-816870",
               "CSAFPID-816871",
               "CSAFPID-764275",
               "CSAFPID-764752",
               "CSAFPID-912044",
               "CSAFPID-912045",
               "CSAFPID-912046",
               "CSAFPID-912561",
               "CSAFPID-912567",
               "CSAFPID-912600",
               "CSAFPID-912601",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2023-4043",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4043.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673405",
                  "CSAFPID-1673397",
                  "CSAFPID-220643",
                  "CSAFPID-342816",
                  "CSAFPID-667692",
                  "CSAFPID-764250",
                  "CSAFPID-764813",
                  "CSAFPID-816317",
                  "CSAFPID-816361",
                  "CSAFPID-816798",
                  "CSAFPID-816799",
                  "CSAFPID-816800",
                  "CSAFPID-816801",
                  "CSAFPID-816845",
                  "CSAFPID-816846",
                  "CSAFPID-816852",
                  "CSAFPID-816853",
                  "CSAFPID-816854",
                  "CSAFPID-816855",
                  "CSAFPID-816870",
                  "CSAFPID-816871",
                  "CSAFPID-764275",
                  "CSAFPID-764752",
                  "CSAFPID-912044",
                  "CSAFPID-912045",
                  "CSAFPID-912046",
                  "CSAFPID-912561",
                  "CSAFPID-912567",
                  "CSAFPID-912600",
                  "CSAFPID-912601",
                  "CSAFPID-1503575",
                  "CSAFPID-1503603",
                  "CSAFPID-1503612",
                  "CSAFPID-1503640",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
               ],
            },
         ],
         title: "CVE-2023-4043",
      },
      {
         cve: "CVE-2023-4759",
         cwe: {
            id: "CWE-59",
            name: "Improper Link Resolution Before File Access ('Link Following')",
         },
         notes: [
            {
               category: "other",
               text: "Improper Link Resolution Before File Access ('Link Following')",
               title: "CWE-59",
            },
            {
               category: "other",
               text: "Improper Handling of Case Sensitivity",
               title: "CWE-178",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673397",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-764250",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-342816",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-764813",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2023-4759",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4759.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673397",
                  "CSAFPID-1503575",
                  "CSAFPID-1503603",
                  "CSAFPID-764250",
                  "CSAFPID-1503612",
                  "CSAFPID-1503640",
                  "CSAFPID-342816",
                  "CSAFPID-816845",
                  "CSAFPID-816846",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
                  "CSAFPID-764813",
               ],
            },
         ],
         title: "CVE-2023-4759",
      },
      {
         cve: "CVE-2023-4863",
         cwe: {
            id: "CWE-122",
            name: "Heap-based Buffer Overflow",
         },
         notes: [
            {
               category: "other",
               text: "Heap-based Buffer Overflow",
               title: "CWE-122",
            },
            {
               category: "other",
               text: "Improper Restriction of Operations within the Bounds of a Memory Buffer",
               title: "CWE-119",
            },
            {
               category: "other",
               text: "Out-of-bounds Write",
               title: "CWE-787",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-89587",
               "CSAFPID-816846",
               "CSAFPID-912044",
               "CSAFPID-912045",
               "CSAFPID-912046",
               "CSAFPID-342816",
               "CSAFPID-912561",
               "CSAFPID-912567",
               "CSAFPID-912600",
               "CSAFPID-912601",
               "CSAFPID-764275",
               "CSAFPID-764752",
               "CSAFPID-816798",
               "CSAFPID-816801",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2023-4863",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4863.json",
            },
         ],
         title: "CVE-2023-4863",
      },
      {
         cve: "CVE-2023-5072",
         cwe: {
            id: "CWE-770",
            name: "Allocation of Resources Without Limits or Throttling",
         },
         notes: [
            {
               category: "other",
               text: "Allocation of Resources Without Limits or Throttling",
               title: "CWE-770",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1650575",
               "CSAFPID-1650515",
               "CSAFPID-1650835",
               "CSAFPID-89587",
               "CSAFPID-220643",
               "CSAFPID-342816",
               "CSAFPID-667692",
               "CSAFPID-764250",
               "CSAFPID-764813",
               "CSAFPID-816317",
               "CSAFPID-816361",
               "CSAFPID-816798",
               "CSAFPID-816799",
               "CSAFPID-816800",
               "CSAFPID-816801",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-816852",
               "CSAFPID-816853",
               "CSAFPID-816854",
               "CSAFPID-816855",
               "CSAFPID-816870",
               "CSAFPID-816871",
               "CSAFPID-764275",
               "CSAFPID-764752",
               "CSAFPID-912044",
               "CSAFPID-912045",
               "CSAFPID-912046",
               "CSAFPID-912561",
               "CSAFPID-912567",
               "CSAFPID-912600",
               "CSAFPID-912601",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2023-5072",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5072.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1650575",
                  "CSAFPID-1650515",
                  "CSAFPID-1650835",
                  "CSAFPID-89587",
                  "CSAFPID-220643",
                  "CSAFPID-342816",
                  "CSAFPID-667692",
                  "CSAFPID-764250",
                  "CSAFPID-764813",
                  "CSAFPID-816317",
                  "CSAFPID-816361",
                  "CSAFPID-816798",
                  "CSAFPID-816799",
                  "CSAFPID-816800",
                  "CSAFPID-816801",
                  "CSAFPID-816845",
                  "CSAFPID-816846",
                  "CSAFPID-816852",
                  "CSAFPID-816853",
                  "CSAFPID-816854",
                  "CSAFPID-816855",
                  "CSAFPID-816870",
                  "CSAFPID-816871",
                  "CSAFPID-764275",
                  "CSAFPID-764752",
                  "CSAFPID-912044",
                  "CSAFPID-912045",
                  "CSAFPID-912046",
                  "CSAFPID-912561",
                  "CSAFPID-912567",
                  "CSAFPID-912600",
                  "CSAFPID-912601",
                  "CSAFPID-1503575",
                  "CSAFPID-1503603",
                  "CSAFPID-1503612",
                  "CSAFPID-1503640",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
               ],
            },
         ],
         title: "CVE-2023-5072",
      },
      {
         cve: "CVE-2023-26031",
         cwe: {
            id: "CWE-426",
            name: "Untrusted Search Path",
         },
         notes: [
            {
               category: "other",
               text: "Untrusted Search Path",
               title: "CWE-426",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673384",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-764250",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-342816",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-764813",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2023-26031",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26031.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673384",
                  "CSAFPID-1503575",
                  "CSAFPID-1503603",
                  "CSAFPID-764250",
                  "CSAFPID-1503612",
                  "CSAFPID-1503640",
                  "CSAFPID-342816",
                  "CSAFPID-816845",
                  "CSAFPID-816846",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
                  "CSAFPID-764813",
               ],
            },
         ],
         title: "CVE-2023-26031",
      },
      {
         cve: "CVE-2023-26551",
         product_status: {
            known_affected: [
               "CSAFPID-89587",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2023-26551",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26551.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 0,
                  baseSeverity: "NONE",
                  vectorString: "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-89587",
               ],
            },
         ],
         title: "CVE-2023-26551",
      },
      {
         cve: "CVE-2023-26552",
         cwe: {
            id: "CWE-787",
            name: "Out-of-bounds Write",
         },
         notes: [
            {
               category: "other",
               text: "Out-of-bounds Write",
               title: "CWE-787",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-89587",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2023-26552",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26552.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.6,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-89587",
               ],
            },
         ],
         title: "CVE-2023-26552",
      },
      {
         cve: "CVE-2023-26553",
         cwe: {
            id: "CWE-787",
            name: "Out-of-bounds Write",
         },
         notes: [
            {
               category: "other",
               text: "Out-of-bounds Write",
               title: "CWE-787",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-89587",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2023-26553",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26553.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.6,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-89587",
               ],
            },
         ],
         title: "CVE-2023-26553",
      },
      {
         cve: "CVE-2023-26554",
         cwe: {
            id: "CWE-787",
            name: "Out-of-bounds Write",
         },
         notes: [
            {
               category: "other",
               text: "Out-of-bounds Write",
               title: "CWE-787",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-89587",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2023-26554",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26554.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.6,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-89587",
               ],
            },
         ],
         title: "CVE-2023-26554",
      },
      {
         cve: "CVE-2023-26555",
         product_status: {
            known_affected: [
               "CSAFPID-89587",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2023-26555",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26555.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.4,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-89587",
               ],
            },
         ],
         title: "CVE-2023-26555",
      },
      {
         cve: "CVE-2023-28484",
         cwe: {
            id: "CWE-20",
            name: "Improper Input Validation",
         },
         notes: [
            {
               category: "other",
               text: "Improper Input Validation",
               title: "CWE-20",
            },
            {
               category: "other",
               text: "NULL Pointer Dereference",
               title: "CWE-476",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-764250",
               "CSAFPID-764731",
               "CSAFPID-764732",
               "CSAFPID-764733",
               "CSAFPID-220886",
               "CSAFPID-816317",
               "CSAFPID-764813",
               "CSAFPID-89587",
               "CSAFPID-342816",
               "CSAFPID-345049",
               "CSAFPID-764752",
               "CSAFPID-764764",
               "CSAFPID-764765",
               "CSAFPID-764766",
               "CSAFPID-764767",
               "CSAFPID-611390",
               "CSAFPID-611394",
               "CSAFPID-611417",
               "CSAFPID-764274",
               "CSAFPID-764275",
               "CSAFPID-220643",
               "CSAFPID-667692",
               "CSAFPID-816361",
               "CSAFPID-816798",
               "CSAFPID-816799",
               "CSAFPID-816800",
               "CSAFPID-816801",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-816852",
               "CSAFPID-816853",
               "CSAFPID-816854",
               "CSAFPID-816855",
               "CSAFPID-816870",
               "CSAFPID-816871",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2023-28484",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-28484.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-764250",
                  "CSAFPID-764731",
                  "CSAFPID-764732",
                  "CSAFPID-764733",
                  "CSAFPID-220886",
                  "CSAFPID-816317",
                  "CSAFPID-764813",
                  "CSAFPID-89587",
                  "CSAFPID-342816",
                  "CSAFPID-345049",
                  "CSAFPID-764752",
                  "CSAFPID-764764",
                  "CSAFPID-764765",
                  "CSAFPID-764766",
                  "CSAFPID-764767",
                  "CSAFPID-611390",
                  "CSAFPID-611394",
                  "CSAFPID-611417",
                  "CSAFPID-764274",
                  "CSAFPID-764275",
                  "CSAFPID-220643",
                  "CSAFPID-667692",
                  "CSAFPID-816361",
                  "CSAFPID-816798",
                  "CSAFPID-816799",
                  "CSAFPID-816800",
                  "CSAFPID-816801",
                  "CSAFPID-816845",
                  "CSAFPID-816846",
                  "CSAFPID-816852",
                  "CSAFPID-816853",
                  "CSAFPID-816854",
                  "CSAFPID-816855",
                  "CSAFPID-816870",
                  "CSAFPID-816871",
               ],
            },
         ],
         title: "CVE-2023-28484",
      },
      {
         cve: "CVE-2023-29469",
         cwe: {
            id: "CWE-20",
            name: "Improper Input Validation",
         },
         notes: [
            {
               category: "other",
               text: "Improper Input Validation",
               title: "CWE-20",
            },
            {
               category: "other",
               text: "Double Free",
               title: "CWE-415",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-611417",
               "CSAFPID-764731",
               "CSAFPID-764732",
               "CSAFPID-764733",
               "CSAFPID-816317",
               "CSAFPID-89587",
               "CSAFPID-220886",
               "CSAFPID-342816",
               "CSAFPID-345049",
               "CSAFPID-764752",
               "CSAFPID-611390",
               "CSAFPID-611394",
               "CSAFPID-764764",
               "CSAFPID-764765",
               "CSAFPID-764766",
               "CSAFPID-764767",
               "CSAFPID-764274",
               "CSAFPID-764275",
               "CSAFPID-220643",
               "CSAFPID-667692",
               "CSAFPID-764813",
               "CSAFPID-816361",
               "CSAFPID-816798",
               "CSAFPID-816799",
               "CSAFPID-816800",
               "CSAFPID-816801",
               "CSAFPID-764250",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-816852",
               "CSAFPID-816853",
               "CSAFPID-816854",
               "CSAFPID-816855",
               "CSAFPID-816870",
               "CSAFPID-816871",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2023-29469",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-29469.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-611417",
                  "CSAFPID-764731",
                  "CSAFPID-764732",
                  "CSAFPID-764733",
                  "CSAFPID-816317",
                  "CSAFPID-89587",
                  "CSAFPID-220886",
                  "CSAFPID-342816",
                  "CSAFPID-345049",
                  "CSAFPID-764752",
                  "CSAFPID-611390",
                  "CSAFPID-611394",
                  "CSAFPID-764764",
                  "CSAFPID-764765",
                  "CSAFPID-764766",
                  "CSAFPID-764767",
                  "CSAFPID-764274",
                  "CSAFPID-764275",
                  "CSAFPID-220643",
                  "CSAFPID-667692",
                  "CSAFPID-764813",
                  "CSAFPID-816361",
                  "CSAFPID-816798",
                  "CSAFPID-816799",
                  "CSAFPID-816800",
                  "CSAFPID-816801",
                  "CSAFPID-764250",
                  "CSAFPID-816845",
                  "CSAFPID-816846",
                  "CSAFPID-816852",
                  "CSAFPID-816853",
                  "CSAFPID-816854",
                  "CSAFPID-816855",
                  "CSAFPID-816870",
                  "CSAFPID-816871",
               ],
            },
         ],
         title: "CVE-2023-29469",
      },
      {
         cve: "CVE-2023-33201",
         cwe: {
            id: "CWE-200",
            name: "Exposure of Sensitive Information to an Unauthorized Actor",
         },
         notes: [
            {
               category: "other",
               text: "Exposure of Sensitive Information to an Unauthorized Actor",
               title: "CWE-200",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-764250",
               "CSAFPID-611394",
               "CSAFPID-1650584",
               "CSAFPID-1673397",
               "CSAFPID-912561",
               "CSAFPID-345049",
               "CSAFPID-611390",
               "CSAFPID-611417",
               "CSAFPID-764274",
               "CSAFPID-764275",
               "CSAFPID-220643",
               "CSAFPID-342816",
               "CSAFPID-667692",
               "CSAFPID-764813",
               "CSAFPID-816317",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-816852",
               "CSAFPID-816853",
               "CSAFPID-816854",
               "CSAFPID-816361",
               "CSAFPID-816798",
               "CSAFPID-816799",
               "CSAFPID-816800",
               "CSAFPID-816801",
               "CSAFPID-764752",
               "CSAFPID-912044",
               "CSAFPID-912045",
               "CSAFPID-912046",
               "CSAFPID-816855",
               "CSAFPID-816870",
               "CSAFPID-816871",
               "CSAFPID-912567",
               "CSAFPID-912600",
               "CSAFPID-912601",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2023-33201",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-33201.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.3,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-764250",
                  "CSAFPID-611394",
                  "CSAFPID-1650584",
                  "CSAFPID-1673397",
                  "CSAFPID-912561",
                  "CSAFPID-345049",
                  "CSAFPID-611390",
                  "CSAFPID-611417",
                  "CSAFPID-764274",
                  "CSAFPID-764275",
                  "CSAFPID-220643",
                  "CSAFPID-342816",
                  "CSAFPID-667692",
                  "CSAFPID-764813",
                  "CSAFPID-816317",
                  "CSAFPID-816845",
                  "CSAFPID-816846",
                  "CSAFPID-816852",
                  "CSAFPID-816853",
                  "CSAFPID-816854",
                  "CSAFPID-816361",
                  "CSAFPID-816798",
                  "CSAFPID-816799",
                  "CSAFPID-816800",
                  "CSAFPID-816801",
                  "CSAFPID-764752",
                  "CSAFPID-912044",
                  "CSAFPID-912045",
                  "CSAFPID-912046",
                  "CSAFPID-816855",
                  "CSAFPID-816870",
                  "CSAFPID-816871",
                  "CSAFPID-912567",
                  "CSAFPID-912600",
                  "CSAFPID-912601",
                  "CSAFPID-1503575",
                  "CSAFPID-1503603",
                  "CSAFPID-1503612",
                  "CSAFPID-1503640",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
               ],
            },
         ],
         title: "CVE-2023-33201",
      },
      {
         cve: "CVE-2023-37920",
         cwe: {
            id: "CWE-295",
            name: "Improper Certificate Validation",
         },
         notes: [
            {
               category: "other",
               text: "Improper Certificate Validation",
               title: "CWE-295",
            },
            {
               category: "other",
               text: "Insufficient Verification of Data Authenticity",
               title: "CWE-345",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-89587",
               "CSAFPID-1503575",
               "CSAFPID-1503640",
               "CSAFPID-342816",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-764813",
               "CSAFPID-1503603",
               "CSAFPID-764250",
               "CSAFPID-1503612",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2023-37920",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-37920.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 9.8,
                  baseSeverity: "CRITICAL",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-89587",
                  "CSAFPID-1503575",
                  "CSAFPID-1503640",
                  "CSAFPID-342816",
                  "CSAFPID-816845",
                  "CSAFPID-816846",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
                  "CSAFPID-764813",
                  "CSAFPID-1503603",
                  "CSAFPID-764250",
                  "CSAFPID-1503612",
               ],
            },
         ],
         title: "CVE-2023-37920",
      },
      {
         cve: "CVE-2023-39410",
         cwe: {
            id: "CWE-502",
            name: "Deserialization of Untrusted Data",
         },
         notes: [
            {
               category: "other",
               text: "Deserialization of Untrusted Data",
               title: "CWE-502",
            },
            {
               category: "other",
               text: "Improper Input Validation",
               title: "CWE-20",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673404",
               "CSAFPID-1673384",
               "CSAFPID-220643",
               "CSAFPID-342816",
               "CSAFPID-667692",
               "CSAFPID-764250",
               "CSAFPID-764813",
               "CSAFPID-816317",
               "CSAFPID-816361",
               "CSAFPID-816798",
               "CSAFPID-816799",
               "CSAFPID-816800",
               "CSAFPID-816801",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-816852",
               "CSAFPID-816853",
               "CSAFPID-816854",
               "CSAFPID-816855",
               "CSAFPID-816870",
               "CSAFPID-816871",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2023-39410",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-39410.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673404",
                  "CSAFPID-1673384",
                  "CSAFPID-220643",
                  "CSAFPID-342816",
                  "CSAFPID-667692",
                  "CSAFPID-764250",
                  "CSAFPID-764813",
                  "CSAFPID-816317",
                  "CSAFPID-816361",
                  "CSAFPID-816798",
                  "CSAFPID-816799",
                  "CSAFPID-816800",
                  "CSAFPID-816801",
                  "CSAFPID-816845",
                  "CSAFPID-816846",
                  "CSAFPID-816852",
                  "CSAFPID-816853",
                  "CSAFPID-816854",
                  "CSAFPID-816855",
                  "CSAFPID-816870",
                  "CSAFPID-816871",
               ],
            },
         ],
         title: "CVE-2023-39410",
      },
      {
         cve: "CVE-2023-44487",
         cwe: {
            id: "CWE-400",
            name: "Uncontrolled Resource Consumption",
         },
         notes: [
            {
               category: "other",
               text: "Uncontrolled Resource Consumption",
               title: "CWE-400",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1650757",
               "CSAFPID-1650758",
               "CSAFPID-1650759",
               "CSAFPID-1650760",
               "CSAFPID-1650761",
               "CSAFPID-89587",
               "CSAFPID-816361",
               "CSAFPID-220643",
               "CSAFPID-342816",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-816852",
               "CSAFPID-816853",
               "CSAFPID-816854",
               "CSAFPID-816855",
               "CSAFPID-816870",
               "CSAFPID-816871",
               "CSAFPID-667692",
               "CSAFPID-764250",
               "CSAFPID-764813",
               "CSAFPID-816317",
               "CSAFPID-816798",
               "CSAFPID-816799",
               "CSAFPID-816800",
               "CSAFPID-816801",
               "CSAFPID-764275",
               "CSAFPID-764752",
               "CSAFPID-912044",
               "CSAFPID-912045",
               "CSAFPID-912046",
               "CSAFPID-912561",
               "CSAFPID-912567",
               "CSAFPID-912600",
               "CSAFPID-912601",
               "CSAFPID-1503603",
               "CSAFPID-1503575",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2023-44487",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44487.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1650757",
                  "CSAFPID-1650758",
                  "CSAFPID-1650759",
                  "CSAFPID-1650760",
                  "CSAFPID-1650761",
                  "CSAFPID-89587",
                  "CSAFPID-816361",
                  "CSAFPID-220643",
                  "CSAFPID-342816",
                  "CSAFPID-816845",
                  "CSAFPID-816846",
                  "CSAFPID-816852",
                  "CSAFPID-816853",
                  "CSAFPID-816854",
                  "CSAFPID-816855",
                  "CSAFPID-816870",
                  "CSAFPID-816871",
                  "CSAFPID-667692",
                  "CSAFPID-764250",
                  "CSAFPID-764813",
                  "CSAFPID-816317",
                  "CSAFPID-816798",
                  "CSAFPID-816799",
                  "CSAFPID-816800",
                  "CSAFPID-816801",
                  "CSAFPID-764275",
                  "CSAFPID-764752",
                  "CSAFPID-912044",
                  "CSAFPID-912045",
                  "CSAFPID-912046",
                  "CSAFPID-912561",
                  "CSAFPID-912567",
                  "CSAFPID-912600",
                  "CSAFPID-912601",
                  "CSAFPID-1503603",
                  "CSAFPID-1503575",
                  "CSAFPID-1503612",
                  "CSAFPID-1503640",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
               ],
            },
         ],
         title: "CVE-2023-44487",
      },
      {
         cve: "CVE-2023-44981",
         cwe: {
            id: "CWE-639",
            name: "Authorization Bypass Through User-Controlled Key",
         },
         notes: [
            {
               category: "other",
               text: "Authorization Bypass Through User-Controlled Key",
               title: "CWE-639",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1650515",
               "CSAFPID-89587",
               "CSAFPID-220643",
               "CSAFPID-342816",
               "CSAFPID-667692",
               "CSAFPID-764250",
               "CSAFPID-764813",
               "CSAFPID-816317",
               "CSAFPID-816361",
               "CSAFPID-816798",
               "CSAFPID-816799",
               "CSAFPID-816800",
               "CSAFPID-816801",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-816852",
               "CSAFPID-816853",
               "CSAFPID-816854",
               "CSAFPID-816855",
               "CSAFPID-816870",
               "CSAFPID-816871",
               "CSAFPID-764275",
               "CSAFPID-764752",
               "CSAFPID-912044",
               "CSAFPID-912045",
               "CSAFPID-912046",
               "CSAFPID-912561",
               "CSAFPID-912567",
               "CSAFPID-912600",
               "CSAFPID-912601",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2023-44981",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44981.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 9.1,
                  baseSeverity: "CRITICAL",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1650515",
                  "CSAFPID-89587",
                  "CSAFPID-220643",
                  "CSAFPID-342816",
                  "CSAFPID-667692",
                  "CSAFPID-764250",
                  "CSAFPID-764813",
                  "CSAFPID-816317",
                  "CSAFPID-816361",
                  "CSAFPID-816798",
                  "CSAFPID-816799",
                  "CSAFPID-816800",
                  "CSAFPID-816801",
                  "CSAFPID-816845",
                  "CSAFPID-816846",
                  "CSAFPID-816852",
                  "CSAFPID-816853",
                  "CSAFPID-816854",
                  "CSAFPID-816855",
                  "CSAFPID-816870",
                  "CSAFPID-816871",
                  "CSAFPID-764275",
                  "CSAFPID-764752",
                  "CSAFPID-912044",
                  "CSAFPID-912045",
                  "CSAFPID-912046",
                  "CSAFPID-912561",
                  "CSAFPID-912567",
                  "CSAFPID-912600",
                  "CSAFPID-912601",
               ],
            },
         ],
         title: "CVE-2023-44981",
      },
      {
         cve: "CVE-2023-45288",
         cwe: {
            id: "CWE-404",
            name: "Improper Resource Shutdown or Release",
         },
         notes: [
            {
               category: "other",
               text: "Improper Resource Shutdown or Release",
               title: "CWE-404",
            },
            {
               category: "other",
               text: "Uncontrolled Resource Consumption",
               title: "CWE-400",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-89587",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2023-45288",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-45288.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-89587",
               ],
            },
         ],
         title: "CVE-2023-45288",
      },
      {
         cve: "CVE-2023-48795",
         cwe: {
            id: "CWE-222",
            name: "Truncation of Security-relevant Information",
         },
         notes: [
            {
               category: "other",
               text: "Truncation of Security-relevant Information",
               title: "CWE-222",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1650765",
               "CSAFPID-1650757",
               "CSAFPID-1650758",
               "CSAFPID-1650767",
               "CSAFPID-1650759",
               "CSAFPID-1650760",
               "CSAFPID-1650761",
               "CSAFPID-89587",
               "CSAFPID-220643",
               "CSAFPID-342816",
               "CSAFPID-667692",
               "CSAFPID-764250",
               "CSAFPID-764813",
               "CSAFPID-816317",
               "CSAFPID-816361",
               "CSAFPID-816798",
               "CSAFPID-816799",
               "CSAFPID-816800",
               "CSAFPID-816801",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-816852",
               "CSAFPID-816853",
               "CSAFPID-816854",
               "CSAFPID-816855",
               "CSAFPID-912600",
               "CSAFPID-912601",
               "CSAFPID-816870",
               "CSAFPID-816871",
               "CSAFPID-764275",
               "CSAFPID-764752",
               "CSAFPID-912044",
               "CSAFPID-912045",
               "CSAFPID-912046",
               "CSAFPID-912561",
               "CSAFPID-912567",
               "CSAFPID-1503603",
               "CSAFPID-1503612",
               "CSAFPID-1503575",
               "CSAFPID-1503640",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2023-48795",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-48795.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.9,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1650765",
                  "CSAFPID-1650757",
                  "CSAFPID-1650758",
                  "CSAFPID-1650767",
                  "CSAFPID-1650759",
                  "CSAFPID-1650760",
                  "CSAFPID-1650761",
                  "CSAFPID-89587",
                  "CSAFPID-220643",
                  "CSAFPID-342816",
                  "CSAFPID-667692",
                  "CSAFPID-764250",
                  "CSAFPID-764813",
                  "CSAFPID-816317",
                  "CSAFPID-816361",
                  "CSAFPID-816798",
                  "CSAFPID-816799",
                  "CSAFPID-816800",
                  "CSAFPID-816801",
                  "CSAFPID-816845",
                  "CSAFPID-816846",
                  "CSAFPID-816852",
                  "CSAFPID-816853",
                  "CSAFPID-816854",
                  "CSAFPID-816855",
                  "CSAFPID-912600",
                  "CSAFPID-912601",
                  "CSAFPID-816870",
                  "CSAFPID-816871",
                  "CSAFPID-764275",
                  "CSAFPID-764752",
                  "CSAFPID-912044",
                  "CSAFPID-912045",
                  "CSAFPID-912046",
                  "CSAFPID-912561",
                  "CSAFPID-912567",
                  "CSAFPID-1503603",
                  "CSAFPID-1503612",
                  "CSAFPID-1503575",
                  "CSAFPID-1503640",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
               ],
            },
         ],
         title: "CVE-2023-48795",
      },
      {
         cve: "CVE-2023-49083",
         cwe: {
            id: "CWE-476",
            name: "NULL Pointer Dereference",
         },
         notes: [
            {
               category: "other",
               text: "NULL Pointer Dereference",
               title: "CWE-476",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-89587",
               "CSAFPID-342816",
               "CSAFPID-764275",
               "CSAFPID-764752",
               "CSAFPID-816798",
               "CSAFPID-816801",
               "CSAFPID-816846",
               "CSAFPID-912044",
               "CSAFPID-912045",
               "CSAFPID-912046",
               "CSAFPID-912561",
               "CSAFPID-912567",
               "CSAFPID-912600",
               "CSAFPID-912601",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-764250",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-816845",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-764813",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2023-49083",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-49083.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-89587",
                  "CSAFPID-342816",
                  "CSAFPID-764275",
                  "CSAFPID-764752",
                  "CSAFPID-816798",
                  "CSAFPID-816801",
                  "CSAFPID-816846",
                  "CSAFPID-912044",
                  "CSAFPID-912045",
                  "CSAFPID-912046",
                  "CSAFPID-912561",
                  "CSAFPID-912567",
                  "CSAFPID-912600",
                  "CSAFPID-912601",
                  "CSAFPID-1503575",
                  "CSAFPID-1503603",
                  "CSAFPID-764250",
                  "CSAFPID-1503612",
                  "CSAFPID-1503640",
                  "CSAFPID-816845",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
                  "CSAFPID-764813",
               ],
            },
         ],
         title: "CVE-2023-49083",
      },
      {
         cve: "CVE-2023-51384",
         cwe: {
            id: "CWE-304",
            name: "Missing Critical Step in Authentication",
         },
         notes: [
            {
               category: "other",
               text: "Missing Critical Step in Authentication",
               title: "CWE-304",
            },
            {
               category: "other",
               text: "Improper Input Validation",
               title: "CWE-20",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-89587",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2023-51384",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-51384.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.9,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-89587",
               ],
            },
         ],
         title: "CVE-2023-51384",
      },
      {
         cve: "CVE-2023-51385",
         cwe: {
            id: "CWE-78",
            name: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')",
         },
         notes: [
            {
               category: "other",
               text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')",
               title: "CWE-78",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-89587",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2023-51385",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-51385.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-89587",
               ],
            },
         ],
         title: "CVE-2023-51385",
      },
      {
         cve: "CVE-2023-52425",
         cwe: {
            id: "CWE-400",
            name: "Uncontrolled Resource Consumption",
         },
         notes: [
            {
               category: "other",
               text: "Uncontrolled Resource Consumption",
               title: "CWE-400",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-89587",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-764250",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-342816",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-764813",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2023-52425",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52425.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-89587",
                  "CSAFPID-1503575",
                  "CSAFPID-1503603",
                  "CSAFPID-764250",
                  "CSAFPID-1503612",
                  "CSAFPID-1503640",
                  "CSAFPID-342816",
                  "CSAFPID-816845",
                  "CSAFPID-816846",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
                  "CSAFPID-764813",
               ],
            },
         ],
         title: "CVE-2023-52425",
      },
      {
         cve: "CVE-2023-52426",
         cwe: {
            id: "CWE-776",
            name: "Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')",
         },
         notes: [
            {
               category: "other",
               text: "Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')",
               title: "CWE-776",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-89587",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-764250",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-342816",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-764813",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2023-52426",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52426.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-89587",
                  "CSAFPID-1503575",
                  "CSAFPID-1503603",
                  "CSAFPID-764250",
                  "CSAFPID-1503612",
                  "CSAFPID-1503640",
                  "CSAFPID-342816",
                  "CSAFPID-816845",
                  "CSAFPID-816846",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
                  "CSAFPID-764813",
               ],
            },
         ],
         title: "CVE-2023-52426",
      },
      {
         cve: "CVE-2024-1874",
         cwe: {
            id: "CWE-77",
            name: "Improper Neutralization of Special Elements used in a Command ('Command Injection')",
         },
         notes: [
            {
               category: "other",
               text: "Improper Neutralization of Special Elements used in a Command ('Command Injection')",
               title: "CWE-77",
            },
            {
               category: "other",
               text: "Improper Encoding or Escaping of Output",
               title: "CWE-116",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673422",
               "CSAFPID-345049",
               "CSAFPID-611417",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-1874",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-1874.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 9.8,
                  baseSeverity: "CRITICAL",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673422",
                  "CSAFPID-345049",
                  "CSAFPID-611417",
               ],
            },
         ],
         title: "CVE-2024-1874",
      },
      {
         cve: "CVE-2024-2408",
         cwe: {
            id: "CWE-203",
            name: "Observable Discrepancy",
         },
         notes: [
            {
               category: "other",
               text: "Observable Discrepancy",
               title: "CWE-203",
            },
            {
               category: "other",
               text: "Observable Timing Discrepancy",
               title: "CWE-208",
            },
            {
               category: "other",
               text: "Use of a Broken or Risky Cryptographic Algorithm",
               title: "CWE-327",
            },
            {
               category: "other",
               text: "Covert Timing Channel",
               title: "CWE-385",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673422",
               "CSAFPID-345049",
               "CSAFPID-611417",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-2408",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2408.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 9.8,
                  baseSeverity: "CRITICAL",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673422",
                  "CSAFPID-345049",
                  "CSAFPID-611417",
               ],
            },
         ],
         title: "CVE-2024-2408",
      },
      {
         cve: "CVE-2024-2511",
         cwe: {
            id: "CWE-404",
            name: "Improper Resource Shutdown or Release",
         },
         notes: [
            {
               category: "other",
               text: "Improper Resource Shutdown or Release",
               title: "CWE-404",
            },
            {
               category: "other",
               text: "Uncontrolled Resource Consumption",
               title: "CWE-400",
            },
            {
               category: "other",
               text: "Improperly Controlled Sequential Memory Allocation",
               title: "CWE-1325",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-345049",
               "CSAFPID-611417",
               "CSAFPID-1673479",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-764250",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-342816",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-764813",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-2511",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2511.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-345049",
                  "CSAFPID-611417",
                  "CSAFPID-1673479",
                  "CSAFPID-1503575",
                  "CSAFPID-1503603",
                  "CSAFPID-764250",
                  "CSAFPID-1503612",
                  "CSAFPID-1503640",
                  "CSAFPID-342816",
                  "CSAFPID-816845",
                  "CSAFPID-816846",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
                  "CSAFPID-764813",
               ],
            },
         ],
         title: "CVE-2024-2511",
      },
      {
         cve: "CVE-2024-4577",
         cwe: {
            id: "CWE-88",
            name: "Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')",
         },
         notes: [
            {
               category: "other",
               text: "Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')",
               title: "CWE-88",
            },
            {
               category: "other",
               text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')",
               title: "CWE-78",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673422",
               "CSAFPID-345049",
               "CSAFPID-611417",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-4577",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4577.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 9.8,
                  baseSeverity: "CRITICAL",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673422",
                  "CSAFPID-345049",
                  "CSAFPID-611417",
               ],
            },
         ],
         title: "CVE-2024-4577",
      },
      {
         cve: "CVE-2024-4603",
         cwe: {
            id: "CWE-606",
            name: "Unchecked Input for Loop Condition",
         },
         notes: [
            {
               category: "other",
               text: "Unchecked Input for Loop Condition",
               title: "CWE-606",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-345049",
               "CSAFPID-611417",
               "CSAFPID-1673479",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-764250",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-342816",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-764813",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-4603",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4603.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-345049",
                  "CSAFPID-611417",
                  "CSAFPID-1673479",
                  "CSAFPID-1503575",
                  "CSAFPID-1503603",
                  "CSAFPID-764250",
                  "CSAFPID-1503612",
                  "CSAFPID-1503640",
                  "CSAFPID-342816",
                  "CSAFPID-816845",
                  "CSAFPID-816846",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
                  "CSAFPID-764813",
               ],
            },
         ],
         title: "CVE-2024-4603",
      },
      {
         cve: "CVE-2024-4741",
         cwe: {
            id: "CWE-416",
            name: "Use After Free",
         },
         notes: [
            {
               category: "other",
               text: "Use After Free",
               title: "CWE-416",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-345049",
               "CSAFPID-611417",
               "CSAFPID-1673479",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-764250",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-342816",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-764813",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-4741",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4741.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-345049",
                  "CSAFPID-611417",
                  "CSAFPID-1673479",
                  "CSAFPID-1503575",
                  "CSAFPID-1503603",
                  "CSAFPID-764250",
                  "CSAFPID-1503612",
                  "CSAFPID-1503640",
                  "CSAFPID-342816",
                  "CSAFPID-816845",
                  "CSAFPID-816846",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
                  "CSAFPID-764813",
               ],
            },
         ],
         title: "CVE-2024-4741",
      },
      {
         cve: "CVE-2024-5458",
         cwe: {
            id: "CWE-20",
            name: "Improper Input Validation",
         },
         notes: [
            {
               category: "other",
               text: "Improper Input Validation",
               title: "CWE-20",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673422",
               "CSAFPID-345049",
               "CSAFPID-611417",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-5458",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5458.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 9.8,
                  baseSeverity: "CRITICAL",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673422",
                  "CSAFPID-345049",
                  "CSAFPID-611417",
               ],
            },
         ],
         title: "CVE-2024-5458",
      },
      {
         cve: "CVE-2024-5535",
         cwe: {
            id: "CWE-200",
            name: "Exposure of Sensitive Information to an Unauthorized Actor",
         },
         notes: [
            {
               category: "other",
               text: "Exposure of Sensitive Information to an Unauthorized Actor",
               title: "CWE-200",
            },
            {
               category: "other",
               text: "Improper Restriction of Operations within the Bounds of a Memory Buffer",
               title: "CWE-119",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673508",
               "CSAFPID-1673525",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-5535",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5535.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 9.1,
                  baseSeverity: "CRITICAL",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673508",
                  "CSAFPID-1673525",
               ],
            },
         ],
         title: "CVE-2024-5535",
      },
      {
         cve: "CVE-2024-5585",
         cwe: {
            id: "CWE-116",
            name: "Improper Encoding or Escaping of Output",
         },
         notes: [
            {
               category: "other",
               text: "Improper Encoding or Escaping of Output",
               title: "CWE-116",
            },
            {
               category: "other",
               text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')",
               title: "CWE-78",
            },
            {
               category: "other",
               text: "Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')",
               title: "CWE-88",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673422",
               "CSAFPID-345049",
               "CSAFPID-611417",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-5585",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5585.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 9.8,
                  baseSeverity: "CRITICAL",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673422",
                  "CSAFPID-345049",
                  "CSAFPID-611417",
               ],
            },
         ],
         title: "CVE-2024-5585",
      },
      {
         cve: "CVE-2024-6119",
         cwe: {
            id: "CWE-843",
            name: "Access of Resource Using Incompatible Type ('Type Confusion')",
         },
         notes: [
            {
               category: "other",
               text: "Access of Resource Using Incompatible Type ('Type Confusion')",
               title: "CWE-843",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673508",
               "CSAFPID-1673525",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-6119",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6119.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 9.1,
                  baseSeverity: "CRITICAL",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673508",
                  "CSAFPID-1673525",
               ],
            },
         ],
         title: "CVE-2024-6119",
      },
      {
         cve: "CVE-2024-6232",
         cwe: {
            id: "CWE-1333",
            name: "Inefficient Regular Expression Complexity",
         },
         notes: [
            {
               category: "other",
               text: "Inefficient Regular Expression Complexity",
               title: "CWE-1333",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2024-6232",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6232.json",
            },
         ],
         title: "CVE-2024-6232",
      },
      {
         cve: "CVE-2024-7264",
         cwe: {
            id: "CWE-125",
            name: "Out-of-bounds Read",
         },
         notes: [
            {
               category: "other",
               text: "Out-of-bounds Read",
               title: "CWE-125",
            },
            {
               category: "other",
               text: "Improper Input Validation",
               title: "CWE-20",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673529",
               "CSAFPID-1673479",
               "CSAFPID-1673511",
               "CSAFPID-1673512",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-7264",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7264.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673529",
                  "CSAFPID-1673479",
                  "CSAFPID-1673511",
                  "CSAFPID-1673512",
               ],
            },
         ],
         title: "CVE-2024-7264",
      },
      {
         cve: "CVE-2024-7592",
         cwe: {
            id: "CWE-400",
            name: "Uncontrolled Resource Consumption",
         },
         notes: [
            {
               category: "other",
               text: "Uncontrolled Resource Consumption",
               title: "CWE-400",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2024-7592",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7592.json",
            },
         ],
         title: "CVE-2024-7592",
      },
      {
         cve: "CVE-2024-21131",
         product_status: {
            known_affected: [
               "CSAFPID-1503299",
               "CSAFPID-1503306",
               "CSAFPID-1503302",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-764250",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-342816",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-764813",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-21131",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21131.json",
            },
         ],
         title: "CVE-2024-21131",
      },
      {
         cve: "CVE-2024-21138",
         cwe: {
            id: "CWE-835",
            name: "Loop with Unreachable Exit Condition ('Infinite Loop')",
         },
         notes: [
            {
               category: "other",
               text: "Loop with Unreachable Exit Condition ('Infinite Loop')",
               title: "CWE-835",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-764250",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-342816",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-764813",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-21138",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21138.json",
            },
         ],
         title: "CVE-2024-21138",
      },
      {
         cve: "CVE-2024-21140",
         product_status: {
            known_affected: [
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503299",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-764250",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-342816",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-764813",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-21140",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21140.json",
            },
         ],
         title: "CVE-2024-21140",
      },
      {
         cve: "CVE-2024-21144",
         cwe: {
            id: "CWE-20",
            name: "Improper Input Validation",
         },
         notes: [
            {
               category: "other",
               text: "Improper Input Validation",
               title: "CWE-20",
            },
            {
               category: "other",
               text: "Uncontrolled Resource Consumption",
               title: "CWE-400",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-764250",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-342816",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-764813",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-21144",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21144.json",
            },
         ],
         title: "CVE-2024-21144",
      },
      {
         cve: "CVE-2024-21145",
         cwe: {
            id: "CWE-787",
            name: "Out-of-bounds Write",
         },
         notes: [
            {
               category: "other",
               text: "Out-of-bounds Write",
               title: "CWE-787",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1503299",
               "CSAFPID-1503306",
               "CSAFPID-1503302",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-764250",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-342816",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-764813",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-21145",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21145.json",
            },
         ],
         title: "CVE-2024-21145",
      },
      {
         cve: "CVE-2024-21147",
         product_status: {
            known_affected: [
               "CSAFPID-1503306",
               "CSAFPID-1503302",
               "CSAFPID-1503299",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-764250",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-342816",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-764813",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-21147",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21147.json",
            },
         ],
         title: "CVE-2024-21147",
      },
      {
         cve: "CVE-2024-21233",
         product_status: {
            known_affected: [
               "CSAFPID-1673385",
               "CSAFPID-1673442",
               "CSAFPID-1673386",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-21233",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21233.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 4.3,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673385",
                  "CSAFPID-1673442",
                  "CSAFPID-1673386",
               ],
            },
         ],
         title: "CVE-2024-21233",
      },
      {
         cve: "CVE-2024-21242",
         product_status: {
            known_affected: [
               "CSAFPID-1673443",
               "CSAFPID-1673444",
               "CSAFPID-1673445",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-21242",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21242.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 3.5,
                  baseSeverity: "LOW",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673443",
                  "CSAFPID-1673444",
                  "CSAFPID-1673445",
               ],
            },
         ],
         title: "CVE-2024-21242",
      },
      {
         cve: "CVE-2024-21251",
         product_status: {
            known_affected: [
               "CSAFPID-1673450",
               "CSAFPID-1673451",
               "CSAFPID-1673452",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-21251",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21251.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 3.1,
                  baseSeverity: "LOW",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673450",
                  "CSAFPID-1673451",
                  "CSAFPID-1673452",
               ],
            },
         ],
         title: "CVE-2024-21251",
      },
      {
         cve: "CVE-2024-21261",
         product_status: {
            known_affected: [
               "CSAFPID-1673144",
               "CSAFPID-1503575",
               "CSAFPID-1673188",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-21261",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21261.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 4.9,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673144",
                  "CSAFPID-1503575",
                  "CSAFPID-1673188",
               ],
            },
         ],
         title: "CVE-2024-21261",
      },
      {
         cve: "CVE-2024-22018",
         cwe: {
            id: "CWE-275",
            name: "-",
         },
         notes: [
            {
               category: "other",
               text: "CWE-275",
               title: "CWE-275",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-89587",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-22018",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22018.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.1,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-89587",
               ],
            },
         ],
         title: "CVE-2024-22018",
      },
      {
         cve: "CVE-2024-22020",
         product_status: {
            known_affected: [
               "CSAFPID-89587",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-22020",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22020.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 8.1,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-89587",
               ],
            },
         ],
         title: "CVE-2024-22020",
      },
      {
         cve: "CVE-2024-22201",
         cwe: {
            id: "CWE-400",
            name: "Uncontrolled Resource Consumption",
         },
         notes: [
            {
               category: "other",
               text: "Uncontrolled Resource Consumption",
               title: "CWE-400",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673384",
               "CSAFPID-342816",
               "CSAFPID-764275",
               "CSAFPID-764752",
               "CSAFPID-816798",
               "CSAFPID-816801",
               "CSAFPID-816846",
               "CSAFPID-912044",
               "CSAFPID-912045",
               "CSAFPID-912046",
               "CSAFPID-912561",
               "CSAFPID-912567",
               "CSAFPID-912600",
               "CSAFPID-912601",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-764250",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-816845",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-764813",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-22201",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22201.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673384",
                  "CSAFPID-342816",
                  "CSAFPID-764275",
                  "CSAFPID-764752",
                  "CSAFPID-816798",
                  "CSAFPID-816801",
                  "CSAFPID-816846",
                  "CSAFPID-912044",
                  "CSAFPID-912045",
                  "CSAFPID-912046",
                  "CSAFPID-912561",
                  "CSAFPID-912567",
                  "CSAFPID-912600",
                  "CSAFPID-912601",
                  "CSAFPID-1503575",
                  "CSAFPID-1503603",
                  "CSAFPID-764250",
                  "CSAFPID-1503612",
                  "CSAFPID-1503640",
                  "CSAFPID-816845",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
                  "CSAFPID-764813",
               ],
            },
         ],
         title: "CVE-2024-22201",
      },
      {
         cve: "CVE-2024-23807",
         cwe: {
            id: "CWE-416",
            name: "Use After Free",
         },
         notes: [
            {
               category: "other",
               text: "Use After Free",
               title: "CWE-416",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1650831",
               "CSAFPID-1650825",
               "CSAFPID-1673479",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-764250",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-342816",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-764813",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-23807",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23807.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 8.1,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1650831",
                  "CSAFPID-1650825",
                  "CSAFPID-1673479",
                  "CSAFPID-1503575",
                  "CSAFPID-1503603",
                  "CSAFPID-764250",
                  "CSAFPID-1503612",
                  "CSAFPID-1503640",
                  "CSAFPID-342816",
                  "CSAFPID-816845",
                  "CSAFPID-816846",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
                  "CSAFPID-764813",
               ],
            },
         ],
         title: "CVE-2024-23807",
      },
      {
         cve: "CVE-2024-23944",
         cwe: {
            id: "CWE-200",
            name: "Exposure of Sensitive Information to an Unauthorized Actor",
         },
         notes: [
            {
               category: "other",
               text: "Exposure of Sensitive Information to an Unauthorized Actor",
               title: "CWE-200",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673384",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-764250",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-342816",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-764813",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-23944",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23944.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.3,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673384",
                  "CSAFPID-1503575",
                  "CSAFPID-1503603",
                  "CSAFPID-764250",
                  "CSAFPID-1503612",
                  "CSAFPID-1503640",
                  "CSAFPID-342816",
                  "CSAFPID-816845",
                  "CSAFPID-816846",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
                  "CSAFPID-764813",
               ],
            },
         ],
         title: "CVE-2024-23944",
      },
      {
         cve: "CVE-2024-24989",
         cwe: {
            id: "CWE-476",
            name: "NULL Pointer Dereference",
         },
         notes: [
            {
               category: "other",
               text: "NULL Pointer Dereference",
               title: "CWE-476",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-89587",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-24989",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24989.json",
            },
         ],
         title: "CVE-2024-24989",
      },
      {
         cve: "CVE-2024-24990",
         cwe: {
            id: "CWE-416",
            name: "Use After Free",
         },
         notes: [
            {
               category: "other",
               text: "Use After Free",
               title: "CWE-416",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-89587",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-24990",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24990.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-89587",
               ],
            },
         ],
         title: "CVE-2024-24990",
      },
      {
         cve: "CVE-2024-25710",
         cwe: {
            id: "CWE-835",
            name: "Loop with Unreachable Exit Condition ('Infinite Loop')",
         },
         notes: [
            {
               category: "other",
               text: "Loop with Unreachable Exit Condition ('Infinite Loop')",
               title: "CWE-835",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-89587",
               "CSAFPID-1673384",
               "CSAFPID-816871",
               "CSAFPID-816798",
               "CSAFPID-816801",
               "CSAFPID-342816",
               "CSAFPID-912561",
               "CSAFPID-912567",
               "CSAFPID-912600",
               "CSAFPID-912601",
               "CSAFPID-764275",
               "CSAFPID-764752",
               "CSAFPID-816846",
               "CSAFPID-912044",
               "CSAFPID-912045",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-764250",
               "CSAFPID-1503612",
               "CSAFPID-912046",
               "CSAFPID-1503640",
               "CSAFPID-816845",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-764813",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-25710",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-25710.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 8.1,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-89587",
                  "CSAFPID-1673384",
                  "CSAFPID-816871",
                  "CSAFPID-816798",
                  "CSAFPID-816801",
                  "CSAFPID-342816",
                  "CSAFPID-912561",
                  "CSAFPID-912567",
                  "CSAFPID-912600",
                  "CSAFPID-912601",
                  "CSAFPID-764275",
                  "CSAFPID-764752",
                  "CSAFPID-816846",
                  "CSAFPID-912044",
                  "CSAFPID-912045",
                  "CSAFPID-1503575",
                  "CSAFPID-1503603",
                  "CSAFPID-764250",
                  "CSAFPID-1503612",
                  "CSAFPID-912046",
                  "CSAFPID-1503640",
                  "CSAFPID-816845",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
                  "CSAFPID-764813",
               ],
            },
         ],
         title: "CVE-2024-25710",
      },
      {
         cve: "CVE-2024-26130",
         cwe: {
            id: "CWE-476",
            name: "NULL Pointer Dereference",
         },
         notes: [
            {
               category: "other",
               text: "NULL Pointer Dereference",
               title: "CWE-476",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-89587",
               "CSAFPID-342816",
               "CSAFPID-764275",
               "CSAFPID-764752",
               "CSAFPID-816798",
               "CSAFPID-816801",
               "CSAFPID-816846",
               "CSAFPID-912044",
               "CSAFPID-912045",
               "CSAFPID-912046",
               "CSAFPID-912561",
               "CSAFPID-912567",
               "CSAFPID-912600",
               "CSAFPID-912601",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-764250",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-816845",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-764813",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-26130",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26130.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-89587",
                  "CSAFPID-342816",
                  "CSAFPID-764275",
                  "CSAFPID-764752",
                  "CSAFPID-816798",
                  "CSAFPID-816801",
                  "CSAFPID-816846",
                  "CSAFPID-912044",
                  "CSAFPID-912045",
                  "CSAFPID-912046",
                  "CSAFPID-912561",
                  "CSAFPID-912567",
                  "CSAFPID-912600",
                  "CSAFPID-912601",
                  "CSAFPID-1503575",
                  "CSAFPID-1503603",
                  "CSAFPID-764250",
                  "CSAFPID-1503612",
                  "CSAFPID-1503640",
                  "CSAFPID-816845",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
                  "CSAFPID-764813",
               ],
            },
         ],
         title: "CVE-2024-26130",
      },
      {
         cve: "CVE-2024-26308",
         cwe: {
            id: "CWE-770",
            name: "Allocation of Resources Without Limits or Throttling",
         },
         notes: [
            {
               category: "other",
               text: "Allocation of Resources Without Limits or Throttling",
               title: "CWE-770",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-89587",
               "CSAFPID-1673384",
               "CSAFPID-816871",
               "CSAFPID-816798",
               "CSAFPID-342816",
               "CSAFPID-764275",
               "CSAFPID-764752",
               "CSAFPID-816801",
               "CSAFPID-816846",
               "CSAFPID-912044",
               "CSAFPID-912045",
               "CSAFPID-912046",
               "CSAFPID-912561",
               "CSAFPID-912567",
               "CSAFPID-912600",
               "CSAFPID-912601",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-764250",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-816845",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-764813",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-26308",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26308.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.9,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-89587",
                  "CSAFPID-1673384",
                  "CSAFPID-816871",
                  "CSAFPID-816798",
                  "CSAFPID-342816",
                  "CSAFPID-764275",
                  "CSAFPID-764752",
                  "CSAFPID-816801",
                  "CSAFPID-816846",
                  "CSAFPID-912044",
                  "CSAFPID-912045",
                  "CSAFPID-912046",
                  "CSAFPID-912561",
                  "CSAFPID-912567",
                  "CSAFPID-912600",
                  "CSAFPID-912601",
                  "CSAFPID-1503575",
                  "CSAFPID-1503603",
                  "CSAFPID-764250",
                  "CSAFPID-1503612",
                  "CSAFPID-1503640",
                  "CSAFPID-816845",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
                  "CSAFPID-764813",
               ],
            },
         ],
         title: "CVE-2024-26308",
      },
      {
         cve: "CVE-2024-27983",
         cwe: {
            id: "CWE-400",
            name: "Uncontrolled Resource Consumption",
         },
         notes: [
            {
               category: "other",
               text: "Uncontrolled Resource Consumption",
               title: "CWE-400",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-764250",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-342816",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-764813",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-27983",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27983.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 8.2,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1503575",
                  "CSAFPID-1503603",
                  "CSAFPID-764250",
                  "CSAFPID-1503612",
                  "CSAFPID-1503640",
                  "CSAFPID-342816",
                  "CSAFPID-816845",
                  "CSAFPID-816846",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
                  "CSAFPID-764813",
               ],
            },
         ],
         title: "CVE-2024-27983",
      },
      {
         cve: "CVE-2024-28182",
         cwe: {
            id: "CWE-400",
            name: "Uncontrolled Resource Consumption",
         },
         notes: [
            {
               category: "other",
               text: "Uncontrolled Resource Consumption",
               title: "CWE-400",
            },
            {
               category: "other",
               text: "Improper Resource Shutdown or Release",
               title: "CWE-404",
            },
            {
               category: "other",
               text: "Detection of Error Condition Without Action",
               title: "CWE-390",
            },
            {
               category: "other",
               text: "Allocation of Resources Without Limits or Throttling",
               title: "CWE-770",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673442",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-764250",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-342816",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-764813",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-28182",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28182.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673442",
                  "CSAFPID-1503575",
                  "CSAFPID-1503603",
                  "CSAFPID-764250",
                  "CSAFPID-1503612",
                  "CSAFPID-1503640",
                  "CSAFPID-342816",
                  "CSAFPID-816845",
                  "CSAFPID-816846",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
                  "CSAFPID-764813",
               ],
            },
         ],
         title: "CVE-2024-28182",
      },
      {
         cve: "CVE-2024-28849",
         cwe: {
            id: "CWE-200",
            name: "Exposure of Sensitive Information to an Unauthorized Actor",
         },
         notes: [
            {
               category: "other",
               text: "Exposure of Sensitive Information to an Unauthorized Actor",
               title: "CWE-200",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-89587",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-764250",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-342816",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-764813",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-28849",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28849.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-89587",
                  "CSAFPID-1503575",
                  "CSAFPID-1503603",
                  "CSAFPID-764250",
                  "CSAFPID-1503612",
                  "CSAFPID-1503640",
                  "CSAFPID-342816",
                  "CSAFPID-816845",
                  "CSAFPID-816846",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
                  "CSAFPID-764813",
               ],
            },
         ],
         title: "CVE-2024-28849",
      },
      {
         cve: "CVE-2024-28887",
         cwe: {
            id: "CWE-427",
            name: "Uncontrolled Search Path Element",
         },
         notes: [
            {
               category: "other",
               text: "Uncontrolled Search Path Element",
               title: "CWE-427",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673385",
               "CSAFPID-1673442",
               "CSAFPID-1673386",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-28887",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28887.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673385",
                  "CSAFPID-1673442",
                  "CSAFPID-1673386",
               ],
            },
         ],
         title: "CVE-2024-28887",
      },
      {
         cve: "CVE-2024-29025",
         cwe: {
            id: "CWE-770",
            name: "Allocation of Resources Without Limits or Throttling",
         },
         notes: [
            {
               category: "other",
               text: "Allocation of Resources Without Limits or Throttling",
               title: "CWE-770",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673488",
               "CSAFPID-1673489",
               "CSAFPID-1673491",
               "CSAFPID-1673492",
               "CSAFPID-1673493",
               "CSAFPID-1673495",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-764250",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-342816",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-764813",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-29025",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29025.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.3,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673488",
                  "CSAFPID-1673489",
                  "CSAFPID-1673491",
                  "CSAFPID-1673492",
                  "CSAFPID-1673493",
                  "CSAFPID-1673495",
                  "CSAFPID-1503575",
                  "CSAFPID-1503603",
                  "CSAFPID-764250",
                  "CSAFPID-1503612",
                  "CSAFPID-1503640",
                  "CSAFPID-342816",
                  "CSAFPID-816845",
                  "CSAFPID-816846",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
                  "CSAFPID-764813",
               ],
            },
         ],
         title: "CVE-2024-29025",
      },
      {
         cve: "CVE-2024-29131",
         cwe: {
            id: "CWE-787",
            name: "Out-of-bounds Write",
         },
         notes: [
            {
               category: "other",
               text: "Out-of-bounds Write",
               title: "CWE-787",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673497",
               "CSAFPID-1673397",
               "CSAFPID-1673384",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-764250",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-342816",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-764813",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-29131",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29131.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.3,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673497",
                  "CSAFPID-1673397",
                  "CSAFPID-1673384",
                  "CSAFPID-1503575",
                  "CSAFPID-1503603",
                  "CSAFPID-764250",
                  "CSAFPID-1503612",
                  "CSAFPID-1503640",
                  "CSAFPID-342816",
                  "CSAFPID-816845",
                  "CSAFPID-816846",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
                  "CSAFPID-764813",
               ],
            },
         ],
         title: "CVE-2024-29131",
      },
      {
         cve: "CVE-2024-29133",
         cwe: {
            id: "CWE-787",
            name: "Out-of-bounds Write",
         },
         notes: [
            {
               category: "other",
               text: "Out-of-bounds Write",
               title: "CWE-787",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673497",
               "CSAFPID-1673397",
               "CSAFPID-1673384",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-764250",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-342816",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-764813",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-29133",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29133.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.3,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673497",
                  "CSAFPID-1673397",
                  "CSAFPID-1673384",
                  "CSAFPID-1503575",
                  "CSAFPID-1503603",
                  "CSAFPID-764250",
                  "CSAFPID-1503612",
                  "CSAFPID-1503640",
                  "CSAFPID-342816",
                  "CSAFPID-816845",
                  "CSAFPID-816846",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
                  "CSAFPID-764813",
               ],
            },
         ],
         title: "CVE-2024-29133",
      },
      {
         cve: "CVE-2024-31079",
         cwe: {
            id: "CWE-404",
            name: "Improper Resource Shutdown or Release",
         },
         notes: [
            {
               category: "other",
               text: "Improper Resource Shutdown or Release",
               title: "CWE-404",
            },
            {
               category: "other",
               text: "Stack-based Buffer Overflow",
               title: "CWE-121",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-89587",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-31079",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-31079.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-89587",
               ],
            },
         ],
         title: "CVE-2024-31079",
      },
      {
         cve: "CVE-2024-32760",
         cwe: {
            id: "CWE-404",
            name: "Improper Resource Shutdown or Release",
         },
         notes: [
            {
               category: "other",
               text: "Improper Resource Shutdown or Release",
               title: "CWE-404",
            },
            {
               category: "other",
               text: "Out-of-bounds Write",
               title: "CWE-787",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-89587",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-32760",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-32760.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-89587",
               ],
            },
         ],
         title: "CVE-2024-32760",
      },
      {
         cve: "CVE-2024-34161",
         cwe: {
            id: "CWE-401",
            name: "Missing Release of Memory after Effective Lifetime",
         },
         notes: [
            {
               category: "other",
               text: "Missing Release of Memory after Effective Lifetime",
               title: "CWE-401",
            },
            {
               category: "other",
               text: "Use After Free",
               title: "CWE-416",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-89587",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-34161",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34161.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-89587",
               ],
            },
         ],
         title: "CVE-2024-34161",
      },
      {
         cve: "CVE-2024-34750",
         cwe: {
            id: "CWE-755",
            name: "Improper Handling of Exceptional Conditions",
         },
         notes: [
            {
               category: "other",
               text: "Improper Handling of Exceptional Conditions",
               title: "CWE-755",
            },
            {
               category: "other",
               text: "Uncontrolled Resource Consumption",
               title: "CWE-400",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673504",
               "CSAFPID-1673506",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-34750",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34750.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673504",
                  "CSAFPID-1673506",
               ],
            },
         ],
         title: "CVE-2024-34750",
      },
      {
         cve: "CVE-2024-35200",
         cwe: {
            id: "CWE-404",
            name: "Improper Resource Shutdown or Release",
         },
         notes: [
            {
               category: "other",
               text: "Improper Resource Shutdown or Release",
               title: "CWE-404",
            },
            {
               category: "other",
               text: "NULL Pointer Dereference",
               title: "CWE-476",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-89587",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-35200",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35200.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-89587",
               ],
            },
         ],
         title: "CVE-2024-35200",
      },
      {
         cve: "CVE-2024-36137",
         cwe: {
            id: "CWE-275",
            name: "-",
         },
         notes: [
            {
               category: "other",
               text: "CWE-275",
               title: "CWE-275",
            },
            {
               category: "other",
               text: "Incorrect Permission Assignment for Critical Resource",
               title: "CWE-732",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-89587",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-36137",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36137.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.1,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-89587",
               ],
            },
         ],
         title: "CVE-2024-36137",
      },
      {
         cve: "CVE-2024-36138",
         cwe: {
            id: "CWE-77",
            name: "Improper Neutralization of Special Elements used in a Command ('Command Injection')",
         },
         notes: [
            {
               category: "other",
               text: "Improper Neutralization of Special Elements used in a Command ('Command Injection')",
               title: "CWE-77",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-89587",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-36138",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36138.json",
            },
         ],
         title: "CVE-2024-36138",
      },
      {
         cve: "CVE-2024-36387",
         cwe: {
            id: "CWE-476",
            name: "NULL Pointer Dereference",
         },
         notes: [
            {
               category: "other",
               text: "NULL Pointer Dereference",
               title: "CWE-476",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-345049",
               "CSAFPID-611417",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-36387",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36387.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-345049",
                  "CSAFPID-611417",
               ],
            },
         ],
         title: "CVE-2024-36387",
      },
      {
         cve: "CVE-2024-37370",
         cwe: {
            id: "CWE-130",
            name: "Improper Handling of Length Parameter Inconsistency",
         },
         notes: [
            {
               category: "other",
               text: "Improper Handling of Length Parameter Inconsistency",
               title: "CWE-130",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673507",
               "CSAFPID-1673508",
               "CSAFPID-1673509",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-37370",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37370.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 9.1,
                  baseSeverity: "CRITICAL",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673507",
                  "CSAFPID-1673508",
                  "CSAFPID-1673509",
               ],
            },
         ],
         title: "CVE-2024-37370",
      },
      {
         cve: "CVE-2024-37371",
         cwe: {
            id: "CWE-130",
            name: "Improper Handling of Length Parameter Inconsistency",
         },
         notes: [
            {
               category: "other",
               text: "Improper Handling of Length Parameter Inconsistency",
               title: "CWE-130",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673507",
               "CSAFPID-1673508",
               "CSAFPID-1673509",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-37371",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37371.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 9.1,
                  baseSeverity: "CRITICAL",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673507",
                  "CSAFPID-1673508",
                  "CSAFPID-1673509",
               ],
            },
         ],
         title: "CVE-2024-37371",
      },
      {
         cve: "CVE-2024-37372",
         product_status: {
            known_affected: [
               "CSAFPID-89587",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-37372",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37372.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.1,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-89587",
               ],
            },
         ],
         title: "CVE-2024-37372",
      },
      {
         cve: "CVE-2024-38356",
         cwe: {
            id: "CWE-79",
            name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
         },
         notes: [
            {
               category: "other",
               text: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
               title: "CWE-79",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673510",
               "CSAFPID-1503575",
               "CSAFPID-1673188",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-38356",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38356.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.1,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673510",
                  "CSAFPID-1503575",
                  "CSAFPID-1673188",
               ],
            },
         ],
         title: "CVE-2024-38356",
      },
      {
         cve: "CVE-2024-38357",
         cwe: {
            id: "CWE-79",
            name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
         },
         notes: [
            {
               category: "other",
               text: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
               title: "CWE-79",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673510",
               "CSAFPID-1503575",
               "CSAFPID-1673188",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-38357",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38357.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.1,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673510",
                  "CSAFPID-1503575",
                  "CSAFPID-1673188",
               ],
            },
         ],
         title: "CVE-2024-38357",
      },
      {
         cve: "CVE-2024-38472",
         cwe: {
            id: "CWE-918",
            name: "Server-Side Request Forgery (SSRF)",
         },
         notes: [
            {
               category: "other",
               text: "Server-Side Request Forgery (SSRF)",
               title: "CWE-918",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-345049",
               "CSAFPID-611417",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-38472",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38472.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-345049",
                  "CSAFPID-611417",
               ],
            },
         ],
         title: "CVE-2024-38472",
      },
      {
         cve: "CVE-2024-38473",
         cwe: {
            id: "CWE-172",
            name: "Encoding Error",
         },
         notes: [
            {
               category: "other",
               text: "Encoding Error",
               title: "CWE-172",
            },
            {
               category: "other",
               text: "Improper Encoding or Escaping of Output",
               title: "CWE-116",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-345049",
               "CSAFPID-611417",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-38473",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38473.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 8.1,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-345049",
                  "CSAFPID-611417",
               ],
            },
         ],
         title: "CVE-2024-38473",
      },
      {
         cve: "CVE-2024-38474",
         cwe: {
            id: "CWE-172",
            name: "Encoding Error",
         },
         notes: [
            {
               category: "other",
               text: "Encoding Error",
               title: "CWE-172",
            },
            {
               category: "other",
               text: "Improper Encoding or Escaping of Output",
               title: "CWE-116",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-345049",
               "CSAFPID-611417",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-38474",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38474.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 9.8,
                  baseSeverity: "CRITICAL",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-345049",
                  "CSAFPID-611417",
               ],
            },
         ],
         title: "CVE-2024-38474",
      },
      {
         cve: "CVE-2024-38475",
         cwe: {
            id: "CWE-284",
            name: "Improper Access Control",
         },
         notes: [
            {
               category: "other",
               text: "Improper Access Control",
               title: "CWE-284",
            },
            {
               category: "other",
               text: "Improper Encoding or Escaping of Output",
               title: "CWE-116",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-345049",
               "CSAFPID-611417",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-38475",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38475.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 9.1,
                  baseSeverity: "CRITICAL",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-345049",
                  "CSAFPID-611417",
               ],
            },
         ],
         title: "CVE-2024-38475",
      },
      {
         cve: "CVE-2024-38476",
         cwe: {
            id: "CWE-200",
            name: "Exposure of Sensitive Information to an Unauthorized Actor",
         },
         notes: [
            {
               category: "other",
               text: "Exposure of Sensitive Information to an Unauthorized Actor",
               title: "CWE-200",
            },
            {
               category: "other",
               text: "Inclusion of Functionality from Untrusted Control Sphere",
               title: "CWE-829",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-345049",
               "CSAFPID-611417",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-38476",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38476.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 9.8,
                  baseSeverity: "CRITICAL",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-345049",
                  "CSAFPID-611417",
               ],
            },
         ],
         title: "CVE-2024-38476",
      },
      {
         cve: "CVE-2024-38477",
         cwe: {
            id: "CWE-404",
            name: "Improper Resource Shutdown or Release",
         },
         notes: [
            {
               category: "other",
               text: "Improper Resource Shutdown or Release",
               title: "CWE-404",
            },
            {
               category: "other",
               text: "NULL Pointer Dereference",
               title: "CWE-476",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-345049",
               "CSAFPID-611417",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-38477",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38477.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-345049",
                  "CSAFPID-611417",
               ],
            },
         ],
         title: "CVE-2024-38477",
      },
      {
         cve: "CVE-2024-38998",
         cwe: {
            id: "CWE-1321",
            name: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')",
         },
         notes: [
            {
               category: "other",
               text: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')",
               title: "CWE-1321",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673511",
               "CSAFPID-1673512",
               "CSAFPID-1503575",
               "CSAFPID-1673188",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-38998",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38998.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 9.8,
                  baseSeverity: "CRITICAL",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673511",
                  "CSAFPID-1673512",
                  "CSAFPID-1503575",
                  "CSAFPID-1673188",
               ],
            },
         ],
         title: "CVE-2024-38998",
      },
      {
         cve: "CVE-2024-38999",
         cwe: {
            id: "CWE-1321",
            name: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')",
         },
         notes: [
            {
               category: "other",
               text: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')",
               title: "CWE-1321",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673511",
               "CSAFPID-1673512",
               "CSAFPID-1503575",
               "CSAFPID-1673188",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-38999",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38999.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 10,
                  baseSeverity: "CRITICAL",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673511",
                  "CSAFPID-1673512",
                  "CSAFPID-1503575",
                  "CSAFPID-1673188",
               ],
            },
         ],
         title: "CVE-2024-38999",
      },
      {
         cve: "CVE-2024-39573",
         cwe: {
            id: "CWE-918",
            name: "Server-Side Request Forgery (SSRF)",
         },
         notes: [
            {
               category: "other",
               text: "Server-Side Request Forgery (SSRF)",
               title: "CWE-918",
            },
            {
               category: "other",
               text: "Improper Input Validation",
               title: "CWE-20",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-345049",
               "CSAFPID-611417",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-39573",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-39573.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-345049",
                  "CSAFPID-611417",
               ],
            },
         ],
         title: "CVE-2024-39573",
      },
      {
         cve: "CVE-2024-39884",
         cwe: {
            id: "CWE-18",
            name: "-",
         },
         notes: [
            {
               category: "other",
               text: "CWE-18",
               title: "CWE-18",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-345049",
               "CSAFPID-611417",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-39884",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-39884.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-345049",
                  "CSAFPID-611417",
               ],
            },
         ],
         title: "CVE-2024-39884",
      },
      {
         cve: "CVE-2024-40725",
         cwe: {
            id: "CWE-200",
            name: "Exposure of Sensitive Information to an Unauthorized Actor",
         },
         notes: [
            {
               category: "other",
               text: "Exposure of Sensitive Information to an Unauthorized Actor",
               title: "CWE-200",
            },
            {
               category: "other",
               text: "Exposure of Resource to Wrong Sphere",
               title: "CWE-668",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-345049",
               "CSAFPID-611417",
               "CSAFPID-1673479",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-40725",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40725.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-345049",
                  "CSAFPID-611417",
                  "CSAFPID-1673479",
               ],
            },
         ],
         title: "CVE-2024-40725",
      },
      {
         cve: "CVE-2024-40898",
         cwe: {
            id: "CWE-918",
            name: "Server-Side Request Forgery (SSRF)",
         },
         notes: [
            {
               category: "other",
               text: "Server-Side Request Forgery (SSRF)",
               title: "CWE-918",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-345049",
               "CSAFPID-611417",
               "CSAFPID-1673479",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-40898",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40898.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-345049",
                  "CSAFPID-611417",
                  "CSAFPID-1673479",
               ],
            },
         ],
         title: "CVE-2024-40898",
      },
      {
         cve: "CVE-2024-45490",
         cwe: {
            id: "CWE-190",
            name: "Integer Overflow or Wraparound",
         },
         notes: [
            {
               category: "other",
               text: "Integer Overflow or Wraparound",
               title: "CWE-190",
            },
            {
               category: "other",
               text: "Incorrect Calculation of Buffer Size",
               title: "CWE-131",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673385",
               "CSAFPID-1673442",
               "CSAFPID-1673386",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-45490",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45490.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 9.8,
                  baseSeverity: "CRITICAL",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673385",
                  "CSAFPID-1673442",
                  "CSAFPID-1673386",
               ],
            },
         ],
         title: "CVE-2024-45490",
      },
      {
         cve: "CVE-2024-45491",
         cwe: {
            id: "CWE-190",
            name: "Integer Overflow or Wraparound",
         },
         notes: [
            {
               category: "other",
               text: "Integer Overflow or Wraparound",
               title: "CWE-190",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673385",
               "CSAFPID-1673442",
               "CSAFPID-1673386",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-45491",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45491.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 9.8,
                  baseSeverity: "CRITICAL",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673385",
                  "CSAFPID-1673442",
                  "CSAFPID-1673386",
               ],
            },
         ],
         title: "CVE-2024-45491",
      },
      {
         cve: "CVE-2024-45492",
         cwe: {
            id: "CWE-190",
            name: "Integer Overflow or Wraparound",
         },
         notes: [
            {
               category: "other",
               text: "Integer Overflow or Wraparound",
               title: "CWE-190",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673385",
               "CSAFPID-1673442",
               "CSAFPID-1673386",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-45492",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45492.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 9.8,
                  baseSeverity: "CRITICAL",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673385",
                  "CSAFPID-1673442",
                  "CSAFPID-1673386",
               ],
            },
         ],
         title: "CVE-2024-45492",
      },
      {
         cve: "CVE-2024-45801",
         cwe: {
            id: "CWE-1333",
            name: "Inefficient Regular Expression Complexity",
         },
         notes: [
            {
               category: "other",
               text: "Inefficient Regular Expression Complexity",
               title: "CWE-1333",
            },
            {
               category: "other",
               text: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')",
               title: "CWE-1321",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1503575",
               "CSAFPID-1673188",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-45801",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45801.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.3,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1503575",
                  "CSAFPID-1673188",
               ],
            },
         ],
         title: "CVE-2024-45801",
      },
   ],
}

ncsc-2024-0275

Vulnerability from csaf_ncscnl

Published

2024-07-02 11:44

Modified

2024-07-02 11:44

Summary

Kwetsbaarheden verholpen in Apache HHTP-server

Notes

Feiten

Apache Software Foundation heeft kwetsbaarheden verholpen in de Apache HTTP-Server.

Interpretaties

Oplossingen

Apache Software Foundation heeft updates uitgebracht om de kwetsbaarheden te verhelpen in Apache HTTP-Server 2.4.60. Zie bijgevoegde referenties voor meer informatie.

Kans

medium

Schade

high

CWE-116

Improper Encoding or Escaping of Output

CWE-172

Encoding Error

CWE-20

Improper Input Validation

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

CWE-284

Improper Access Control

CWE-404

Improper Resource Shutdown or Release

CWE-476

NULL Pointer Dereference

CWE-829

Inclusion of Functionality from Untrusted Control Sphere

CWE-918

Server-Side Request Forgery (SSRF)

JSON

To clipboard

{
   document: {
      category: "csaf_security_advisory",
      csaf_version: "2.0",
      distribution: {
         tlp: {
            label: "WHITE",
         },
      },
      lang: "nl",
      notes: [
         {
            category: "legal_disclaimer",
            text: "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.",
         },
         {
            category: "description",
            text: "Apache Software Foundation heeft kwetsbaarheden verholpen in de Apache HTTP-Server.",
            title: "Feiten",
         },
         {
            category: "description",
            text: "Een kwaadwillende kan de kwetsbaarheden misbruiken om een Denial-of-Service te veroorzaken, middels een Server-Side-Request-Forgery (SSRF) verkeer te manipuleren, of om code uit te voeren binnen de webserver, waarvoor de kwaadwillende aanvankelijk niet is geautoriseerd.",
            title: "Interpretaties",
         },
         {
            category: "description",
            text: "Apache Software Foundation heeft updates uitgebracht om de kwetsbaarheden te verhelpen in Apache HTTP-Server 2.4.60. Zie bijgevoegde referenties voor meer informatie.",
            title: "Oplossingen",
         },
         {
            category: "general",
            text: "medium",
            title: "Kans",
         },
         {
            category: "general",
            text: "high",
            title: "Schade",
         },
         {
            category: "general",
            text: "Improper Encoding or Escaping of Output",
            title: "CWE-116",
         },
         {
            category: "general",
            text: "Encoding Error",
            title: "CWE-172",
         },
         {
            category: "general",
            text: "Improper Input Validation",
            title: "CWE-20",
         },
         {
            category: "general",
            text: "Exposure of Sensitive Information to an Unauthorized Actor",
            title: "CWE-200",
         },
         {
            category: "general",
            text: "Improper Access Control",
            title: "CWE-284",
         },
         {
            category: "general",
            text: "Improper Resource Shutdown or Release",
            title: "CWE-404",
         },
         {
            category: "general",
            text: "NULL Pointer Dereference",
            title: "CWE-476",
         },
         {
            category: "general",
            text: "Inclusion of Functionality from Untrusted Control Sphere",
            title: "CWE-829",
         },
         {
            category: "general",
            text: "Server-Side Request Forgery (SSRF)",
            title: "CWE-918",
         },
      ],
      publisher: {
         category: "coordinator",
         contact_details: "cert@ncsc.nl",
         name: "Nationaal Cyber Security Centrum",
         namespace: "https://www.ncsc.nl/",
      },
      references: [
         {
            category: "external",
            summary: "Reference - cveprojectv5; ibm; nvd; redhat",
            url: "https://httpd.apache.org/security/vulnerabilities_24.html",
         },
      ],
      title: "Kwetsbaarheden verholpen in Apache HHTP-server",
      tracking: {
         current_release_date: "2024-07-02T11:44:22.653047Z",
         id: "NCSC-2024-0275",
         initial_release_date: "2024-07-02T11:44:22.653047Z",
         revision_history: [
            {
               date: "2024-07-02T11:44:22.653047Z",
               number: "0",
               summary: "Initiele versie",
            },
         ],
         status: "final",
         version: "1.0.0",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  category: "product_name",
                  name: "apache_http_server",
                  product: {
                     name: "apache_http_server",
                     product_id: "CSAFPID-1465466",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache_software_foundation:apache_http_server:2.4.0:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "apache_http_server",
                  product: {
                     name: "apache_http_server",
                     product_id: "CSAFPID-1491761",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache_software_foundation:apache_http_server:2.4.55:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "apache_http_server",
                  product: {
                     name: "apache_http_server",
                     product_id: "CSAFPID-1491762",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache_software_foundation:apache_http_server:2.4.59:*:*:*:*:*:*:*",
                     },
                  },
               },
            ],
            category: "vendor",
            name: "apache_software_foundation",
         },
         {
            branches: [
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-76769",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-76761",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-76766",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139639",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.11:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-76770",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.12:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-76772",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.13:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139611",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.14:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139603",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.15:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139596",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.16:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139667",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.17:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139663",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139697",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.19:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-76762",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139591",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.20:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139684",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.21:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139652",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.22:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-96956",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.23:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139580",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.24:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139628",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.25:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139643",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.26:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139651",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.27:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139623",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.28:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139593",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.29:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-76764",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139704",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.30:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139647",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.31:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139728",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.32:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139724",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.33:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139584",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.34:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139696",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.35:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139685",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.36:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139677",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.37:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139585",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.38:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139577",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.39:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-76767",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139664",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.40:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139675",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.41:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139602",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.42:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139569",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.43:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139689",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.44:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139655",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.45:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139716",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.46:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139737",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.47:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139568",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.48:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139711",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.49:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139589",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.5:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139662",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.50:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139619",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.51:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139563",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.52:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-139637",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.53:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-140516",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.54:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-142004",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.55:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-1473391",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.56:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-1473393",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.57:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-1473392",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.58:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-1491521",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.59:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-76765",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-76763",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-76771",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.8:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "http_server",
                  product: {
                     name: "http_server",
                     product_id: "CSAFPID-76773",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*",
                     },
                  },
               },
            ],
            category: "vendor",
            name: "apache",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2024-36387",
         cwe: {
            id: "CWE-476",
            name: "NULL Pointer Dereference",
         },
         notes: [
            {
               category: "other",
               text: "NULL Pointer Dereference",
               title: "CWE-476",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-76769",
               "CSAFPID-76761",
               "CSAFPID-76762",
               "CSAFPID-76764",
               "CSAFPID-76767",
               "CSAFPID-76765",
               "CSAFPID-76763",
               "CSAFPID-76771",
               "CSAFPID-76773",
               "CSAFPID-76766",
               "CSAFPID-76770",
               "CSAFPID-139611",
               "CSAFPID-139596",
               "CSAFPID-139667",
               "CSAFPID-139663",
               "CSAFPID-139697",
               "CSAFPID-139591",
               "CSAFPID-139684",
               "CSAFPID-139652",
               "CSAFPID-96956",
               "CSAFPID-139580",
               "CSAFPID-139628",
               "CSAFPID-139643",
               "CSAFPID-139651",
               "CSAFPID-139623",
               "CSAFPID-139593",
               "CSAFPID-139704",
               "CSAFPID-139724",
               "CSAFPID-139584",
               "CSAFPID-139696",
               "CSAFPID-139677",
               "CSAFPID-139585",
               "CSAFPID-139737",
               "CSAFPID-139711",
               "CSAFPID-139662",
               "CSAFPID-139637",
               "CSAFPID-1491761",
               "CSAFPID-1491762",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-36387",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36387.json",
            },
         ],
         title: "CVE-2024-36387",
      },
      {
         cve: "CVE-2024-38472",
         cwe: {
            id: "CWE-918",
            name: "Server-Side Request Forgery (SSRF)",
         },
         notes: [
            {
               category: "other",
               text: "Server-Side Request Forgery (SSRF)",
               title: "CWE-918",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-76769",
               "CSAFPID-76761",
               "CSAFPID-76762",
               "CSAFPID-76764",
               "CSAFPID-76767",
               "CSAFPID-76765",
               "CSAFPID-76763",
               "CSAFPID-76771",
               "CSAFPID-76773",
               "CSAFPID-76766",
               "CSAFPID-76770",
               "CSAFPID-139611",
               "CSAFPID-139596",
               "CSAFPID-139667",
               "CSAFPID-139663",
               "CSAFPID-139697",
               "CSAFPID-139591",
               "CSAFPID-139684",
               "CSAFPID-139652",
               "CSAFPID-96956",
               "CSAFPID-139580",
               "CSAFPID-139628",
               "CSAFPID-139643",
               "CSAFPID-139651",
               "CSAFPID-139623",
               "CSAFPID-139593",
               "CSAFPID-139704",
               "CSAFPID-139724",
               "CSAFPID-139584",
               "CSAFPID-139696",
               "CSAFPID-139677",
               "CSAFPID-139585",
               "CSAFPID-139737",
               "CSAFPID-139711",
               "CSAFPID-139662",
               "CSAFPID-139637",
               "CSAFPID-1465466",
               "CSAFPID-1491762",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-38472",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38472.json",
            },
         ],
         title: "CVE-2024-38472",
      },
      {
         cve: "CVE-2024-38473",
         cwe: {
            id: "CWE-172",
            name: "Encoding Error",
         },
         notes: [
            {
               category: "other",
               text: "Encoding Error",
               title: "CWE-172",
            },
            {
               category: "other",
               text: "Improper Encoding or Escaping of Output",
               title: "CWE-116",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-76769",
               "CSAFPID-76761",
               "CSAFPID-76762",
               "CSAFPID-76764",
               "CSAFPID-76767",
               "CSAFPID-76765",
               "CSAFPID-76763",
               "CSAFPID-76771",
               "CSAFPID-76773",
               "CSAFPID-76766",
               "CSAFPID-76770",
               "CSAFPID-139611",
               "CSAFPID-139596",
               "CSAFPID-139667",
               "CSAFPID-139663",
               "CSAFPID-139697",
               "CSAFPID-139591",
               "CSAFPID-139684",
               "CSAFPID-139652",
               "CSAFPID-96956",
               "CSAFPID-139580",
               "CSAFPID-139628",
               "CSAFPID-139643",
               "CSAFPID-139651",
               "CSAFPID-139623",
               "CSAFPID-139593",
               "CSAFPID-139704",
               "CSAFPID-139724",
               "CSAFPID-139584",
               "CSAFPID-139696",
               "CSAFPID-139677",
               "CSAFPID-139585",
               "CSAFPID-139737",
               "CSAFPID-139711",
               "CSAFPID-139662",
               "CSAFPID-139637",
               "CSAFPID-1465466",
               "CSAFPID-1491762",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-38473",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38473.json",
            },
         ],
         title: "CVE-2024-38473",
      },
      {
         cve: "CVE-2024-38474",
         cwe: {
            id: "CWE-172",
            name: "Encoding Error",
         },
         notes: [
            {
               category: "other",
               text: "Encoding Error",
               title: "CWE-172",
            },
            {
               category: "other",
               text: "Improper Encoding or Escaping of Output",
               title: "CWE-116",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-76769",
               "CSAFPID-76761",
               "CSAFPID-76762",
               "CSAFPID-76764",
               "CSAFPID-76767",
               "CSAFPID-76765",
               "CSAFPID-76763",
               "CSAFPID-76771",
               "CSAFPID-76773",
               "CSAFPID-76766",
               "CSAFPID-76770",
               "CSAFPID-139611",
               "CSAFPID-139596",
               "CSAFPID-139667",
               "CSAFPID-139663",
               "CSAFPID-139697",
               "CSAFPID-139591",
               "CSAFPID-139684",
               "CSAFPID-139652",
               "CSAFPID-96956",
               "CSAFPID-139580",
               "CSAFPID-139628",
               "CSAFPID-139643",
               "CSAFPID-139651",
               "CSAFPID-139623",
               "CSAFPID-139593",
               "CSAFPID-139704",
               "CSAFPID-139724",
               "CSAFPID-139584",
               "CSAFPID-139696",
               "CSAFPID-139677",
               "CSAFPID-139585",
               "CSAFPID-139737",
               "CSAFPID-139711",
               "CSAFPID-139662",
               "CSAFPID-139637",
               "CSAFPID-1465466",
               "CSAFPID-1491762",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-38474",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38474.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 8.2,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-76769",
                  "CSAFPID-76761",
                  "CSAFPID-76762",
                  "CSAFPID-76764",
                  "CSAFPID-76767",
                  "CSAFPID-76765",
                  "CSAFPID-76763",
                  "CSAFPID-76771",
                  "CSAFPID-76773",
                  "CSAFPID-76766",
                  "CSAFPID-76770",
                  "CSAFPID-139611",
                  "CSAFPID-139596",
                  "CSAFPID-139667",
                  "CSAFPID-139663",
                  "CSAFPID-139697",
                  "CSAFPID-139591",
                  "CSAFPID-139684",
                  "CSAFPID-139652",
                  "CSAFPID-96956",
                  "CSAFPID-139580",
                  "CSAFPID-139628",
                  "CSAFPID-139643",
                  "CSAFPID-139651",
                  "CSAFPID-139623",
                  "CSAFPID-139593",
                  "CSAFPID-139704",
                  "CSAFPID-139724",
                  "CSAFPID-139584",
                  "CSAFPID-139696",
                  "CSAFPID-139677",
                  "CSAFPID-139585",
                  "CSAFPID-139737",
                  "CSAFPID-139711",
                  "CSAFPID-139662",
                  "CSAFPID-139637",
                  "CSAFPID-1465466",
                  "CSAFPID-1491762",
               ],
            },
         ],
         title: "CVE-2024-38474",
      },
      {
         cve: "CVE-2024-38475",
         cwe: {
            id: "CWE-284",
            name: "Improper Access Control",
         },
         notes: [
            {
               category: "other",
               text: "Improper Access Control",
               title: "CWE-284",
            },
            {
               category: "other",
               text: "Improper Encoding or Escaping of Output",
               title: "CWE-116",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-76769",
               "CSAFPID-76761",
               "CSAFPID-76762",
               "CSAFPID-76764",
               "CSAFPID-76767",
               "CSAFPID-76765",
               "CSAFPID-76763",
               "CSAFPID-76771",
               "CSAFPID-76773",
               "CSAFPID-76766",
               "CSAFPID-76770",
               "CSAFPID-139611",
               "CSAFPID-139596",
               "CSAFPID-139667",
               "CSAFPID-139663",
               "CSAFPID-139697",
               "CSAFPID-139591",
               "CSAFPID-139684",
               "CSAFPID-139652",
               "CSAFPID-96956",
               "CSAFPID-139580",
               "CSAFPID-139628",
               "CSAFPID-139643",
               "CSAFPID-139651",
               "CSAFPID-139623",
               "CSAFPID-139593",
               "CSAFPID-139704",
               "CSAFPID-139724",
               "CSAFPID-139584",
               "CSAFPID-139696",
               "CSAFPID-139677",
               "CSAFPID-139585",
               "CSAFPID-139737",
               "CSAFPID-139711",
               "CSAFPID-139662",
               "CSAFPID-139637",
               "CSAFPID-1465466",
               "CSAFPID-1491762",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-38475",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38475.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 8.2,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-76769",
                  "CSAFPID-76761",
                  "CSAFPID-76762",
                  "CSAFPID-76764",
                  "CSAFPID-76767",
                  "CSAFPID-76765",
                  "CSAFPID-76763",
                  "CSAFPID-76771",
                  "CSAFPID-76773",
                  "CSAFPID-76766",
                  "CSAFPID-76770",
                  "CSAFPID-139611",
                  "CSAFPID-139596",
                  "CSAFPID-139667",
                  "CSAFPID-139663",
                  "CSAFPID-139697",
                  "CSAFPID-139591",
                  "CSAFPID-139684",
                  "CSAFPID-139652",
                  "CSAFPID-96956",
                  "CSAFPID-139580",
                  "CSAFPID-139628",
                  "CSAFPID-139643",
                  "CSAFPID-139651",
                  "CSAFPID-139623",
                  "CSAFPID-139593",
                  "CSAFPID-139704",
                  "CSAFPID-139724",
                  "CSAFPID-139584",
                  "CSAFPID-139696",
                  "CSAFPID-139677",
                  "CSAFPID-139585",
                  "CSAFPID-139737",
                  "CSAFPID-139711",
                  "CSAFPID-139662",
                  "CSAFPID-139637",
                  "CSAFPID-1465466",
                  "CSAFPID-1491762",
               ],
            },
         ],
         title: "CVE-2024-38475",
      },
      {
         cve: "CVE-2024-38476",
         cwe: {
            id: "CWE-200",
            name: "Exposure of Sensitive Information to an Unauthorized Actor",
         },
         notes: [
            {
               category: "other",
               text: "Exposure of Sensitive Information to an Unauthorized Actor",
               title: "CWE-200",
            },
            {
               category: "other",
               text: "Inclusion of Functionality from Untrusted Control Sphere",
               title: "CWE-829",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-76769",
               "CSAFPID-76761",
               "CSAFPID-76762",
               "CSAFPID-76764",
               "CSAFPID-76767",
               "CSAFPID-76765",
               "CSAFPID-76763",
               "CSAFPID-76771",
               "CSAFPID-76773",
               "CSAFPID-76766",
               "CSAFPID-76770",
               "CSAFPID-139611",
               "CSAFPID-139596",
               "CSAFPID-139667",
               "CSAFPID-139663",
               "CSAFPID-139697",
               "CSAFPID-139591",
               "CSAFPID-139684",
               "CSAFPID-139652",
               "CSAFPID-96956",
               "CSAFPID-139580",
               "CSAFPID-139628",
               "CSAFPID-139643",
               "CSAFPID-139651",
               "CSAFPID-139623",
               "CSAFPID-139593",
               "CSAFPID-139704",
               "CSAFPID-139724",
               "CSAFPID-139584",
               "CSAFPID-139696",
               "CSAFPID-139677",
               "CSAFPID-139585",
               "CSAFPID-139737",
               "CSAFPID-139711",
               "CSAFPID-139662",
               "CSAFPID-139637",
               "CSAFPID-1465466",
               "CSAFPID-1491762",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-38476",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38476.json",
            },
         ],
         title: "CVE-2024-38476",
      },
      {
         cve: "CVE-2024-38477",
         cwe: {
            id: "CWE-404",
            name: "Improper Resource Shutdown or Release",
         },
         notes: [
            {
               category: "other",
               text: "Improper Resource Shutdown or Release",
               title: "CWE-404",
            },
            {
               category: "other",
               text: "NULL Pointer Dereference",
               title: "CWE-476",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-76769",
               "CSAFPID-76761",
               "CSAFPID-76762",
               "CSAFPID-76764",
               "CSAFPID-76767",
               "CSAFPID-76765",
               "CSAFPID-76763",
               "CSAFPID-76771",
               "CSAFPID-76773",
               "CSAFPID-76766",
               "CSAFPID-76770",
               "CSAFPID-139611",
               "CSAFPID-139596",
               "CSAFPID-139667",
               "CSAFPID-139663",
               "CSAFPID-139697",
               "CSAFPID-139591",
               "CSAFPID-139684",
               "CSAFPID-139652",
               "CSAFPID-96956",
               "CSAFPID-139580",
               "CSAFPID-139628",
               "CSAFPID-139643",
               "CSAFPID-139651",
               "CSAFPID-139623",
               "CSAFPID-139593",
               "CSAFPID-139704",
               "CSAFPID-139724",
               "CSAFPID-139584",
               "CSAFPID-139696",
               "CSAFPID-139677",
               "CSAFPID-139585",
               "CSAFPID-139737",
               "CSAFPID-139711",
               "CSAFPID-139662",
               "CSAFPID-139637",
               "CSAFPID-1465466",
               "CSAFPID-1491762",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-38477",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38477.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-76769",
                  "CSAFPID-76761",
                  "CSAFPID-76762",
                  "CSAFPID-76764",
                  "CSAFPID-76767",
                  "CSAFPID-76765",
                  "CSAFPID-76763",
                  "CSAFPID-76771",
                  "CSAFPID-76773",
                  "CSAFPID-76766",
                  "CSAFPID-76770",
                  "CSAFPID-139611",
                  "CSAFPID-139596",
                  "CSAFPID-139667",
                  "CSAFPID-139663",
                  "CSAFPID-139697",
                  "CSAFPID-139591",
                  "CSAFPID-139684",
                  "CSAFPID-139652",
                  "CSAFPID-96956",
                  "CSAFPID-139580",
                  "CSAFPID-139628",
                  "CSAFPID-139643",
                  "CSAFPID-139651",
                  "CSAFPID-139623",
                  "CSAFPID-139593",
                  "CSAFPID-139704",
                  "CSAFPID-139724",
                  "CSAFPID-139584",
                  "CSAFPID-139696",
                  "CSAFPID-139677",
                  "CSAFPID-139585",
                  "CSAFPID-139737",
                  "CSAFPID-139711",
                  "CSAFPID-139662",
                  "CSAFPID-139637",
                  "CSAFPID-1465466",
                  "CSAFPID-1491762",
               ],
            },
         ],
         title: "CVE-2024-38477",
      },
      {
         cve: "CVE-2024-39573",
         cwe: {
            id: "CWE-918",
            name: "Server-Side Request Forgery (SSRF)",
         },
         notes: [
            {
               category: "other",
               text: "Server-Side Request Forgery (SSRF)",
               title: "CWE-918",
            },
            {
               category: "other",
               text: "Improper Input Validation",
               title: "CWE-20",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-76769",
               "CSAFPID-76761",
               "CSAFPID-76762",
               "CSAFPID-76764",
               "CSAFPID-76767",
               "CSAFPID-76765",
               "CSAFPID-76763",
               "CSAFPID-76771",
               "CSAFPID-76773",
               "CSAFPID-76766",
               "CSAFPID-76770",
               "CSAFPID-139611",
               "CSAFPID-139596",
               "CSAFPID-139667",
               "CSAFPID-139663",
               "CSAFPID-139697",
               "CSAFPID-139591",
               "CSAFPID-139684",
               "CSAFPID-139652",
               "CSAFPID-96956",
               "CSAFPID-139580",
               "CSAFPID-139628",
               "CSAFPID-139643",
               "CSAFPID-139651",
               "CSAFPID-139623",
               "CSAFPID-139593",
               "CSAFPID-139704",
               "CSAFPID-139724",
               "CSAFPID-139584",
               "CSAFPID-139696",
               "CSAFPID-139677",
               "CSAFPID-139585",
               "CSAFPID-139737",
               "CSAFPID-139711",
               "CSAFPID-139662",
               "CSAFPID-139637",
               "CSAFPID-1465466",
               "CSAFPID-1491762",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-39573",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-39573.json",
            },
         ],
         title: "CVE-2024-39573",
      },
   ],
}

ncsc-2024-0411

Vulnerability from csaf_ncscnl

Published

2024-10-17 13:15

Modified

2024-10-17 13:15

Summary

Kwetsbaarheden verholpen in Oracle Database producten

Notes

Feiten

Interpretaties

Oplossingen

Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.

Kans

medium

Schade

high

CWE-130

Improper Handling of Length Parameter Inconsistency

CWE-208

Observable Timing Discrepancy

CWE-776

Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')

CWE-88

Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')

CWE-755

Improper Handling of Exceptional Conditions

CWE-834

Excessive Iteration

CWE-407

Inefficient Algorithmic Complexity

CWE-178

Improper Handling of Case Sensitivity

CWE-732

Incorrect Permission Assignment for Critical Resource

CWE-415

Double Free

CWE-311

Missing Encryption of Sensitive Data

CWE-427

Uncontrolled Search Path Element

CWE-172

Encoding Error

CWE-680

Integer Overflow to Buffer Overflow

CWE-426

Untrusted Search Path

CWE-843

Access of Resource Using Incompatible Type ('Type Confusion')

CWE-116

Improper Encoding or Escaping of Output

CWE-345

Insufficient Verification of Data Authenticity

CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')

CWE-203

Observable Discrepancy

CWE-190

Integer Overflow or Wraparound

CWE-552

Files or Directories Accessible to External Parties

CWE-639

Authorization Bypass Through User-Controlled Key

CWE-125

Out-of-bounds Read

CWE-404

Improper Resource Shutdown or Release

CWE-275

CWE-284

Improper Access Control

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE-1333

Inefficient Regular Expression Complexity

CWE-1321

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

CWE-416

Use After Free

CWE-401

Missing Release of Memory after Effective Lifetime

CWE-476

NULL Pointer Dereference

CWE-295

Improper Certificate Validation

CWE-668

Exposure of Resource to Wrong Sphere

CWE-829

Inclusion of Functionality from Untrusted Control Sphere

CWE-327

Use of a Broken or Risky Cryptographic Algorithm

CWE-400

Uncontrolled Resource Consumption

CWE-770

Allocation of Resources Without Limits or Throttling

CWE-502

Deserialization of Untrusted Data

CWE-918

Server-Side Request Forgery (SSRF)

CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CWE-787

Out-of-bounds Write

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

CWE-122

Heap-based Buffer Overflow

CWE-121

Stack-based Buffer Overflow

CWE-681

Incorrect Conversion between Numeric Types

CWE-835

Loop with Unreachable Exit Condition ('Infinite Loop')

CWE-269

Improper Privilege Management

CWE-20

Improper Input Validation

CWE-87

Improper Neutralization of Alternate XSS Syntax

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CWE-18

CWE-385

Covert Timing Channel

CWE-606

Unchecked Input for Loop Condition

CWE-192

Integer Coercion Error

CWE-390

Detection of Error Condition Without Action

CWE-1325

Improperly Controlled Sequential Memory Allocation

CWE-222

Truncation of Security-relevant Information

CWE-131

Incorrect Calculation of Buffer Size

CWE-59

Improper Link Resolution Before File Access ('Link Following')

CWE-304

Missing Critical Step in Authentication

JSON

To clipboard

{
   document: {
      category: "csaf_security_advisory",
      csaf_version: "2.0",
      distribution: {
         tlp: {
            label: "WHITE",
         },
      },
      lang: "nl",
      notes: [
         {
            category: "legal_disclaimer",
            text: "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.",
         },
         {
            category: "description",
            text: "Oracle heeft kwetsbaarheden verholpen in diverse Database producten en subsystemen, zoals de Core database, Application Express, Autonomous Health Framework, Essbase, GoldenGate, SQL Developer en Secure Backup.",
            title: "Feiten",
         },
         {
            category: "description",
            text: "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:\n\n- Denial-of-Service (DoS)\n- Manipuleren van data\n- Toegang tot gevoelige gegevens",
            title: "Interpretaties",
         },
         {
            category: "description",
            text: "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
            title: "Oplossingen",
         },
         {
            category: "general",
            text: "medium",
            title: "Kans",
         },
         {
            category: "general",
            text: "high",
            title: "Schade",
         },
         {
            category: "general",
            text: "Improper Handling of Length Parameter Inconsistency",
            title: "CWE-130",
         },
         {
            category: "general",
            text: "Observable Timing Discrepancy",
            title: "CWE-208",
         },
         {
            category: "general",
            text: "Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')",
            title: "CWE-776",
         },
         {
            category: "general",
            text: "Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')",
            title: "CWE-88",
         },
         {
            category: "general",
            text: "Improper Handling of Exceptional Conditions",
            title: "CWE-755",
         },
         {
            category: "general",
            text: "Excessive Iteration",
            title: "CWE-834",
         },
         {
            category: "general",
            text: "Inefficient Algorithmic Complexity",
            title: "CWE-407",
         },
         {
            category: "general",
            text: "Improper Handling of Case Sensitivity",
            title: "CWE-178",
         },
         {
            category: "general",
            text: "Incorrect Permission Assignment for Critical Resource",
            title: "CWE-732",
         },
         {
            category: "general",
            text: "Double Free",
            title: "CWE-415",
         },
         {
            category: "general",
            text: "Missing Encryption of Sensitive Data",
            title: "CWE-311",
         },
         {
            category: "general",
            text: "Uncontrolled Search Path Element",
            title: "CWE-427",
         },
         {
            category: "general",
            text: "Encoding Error",
            title: "CWE-172",
         },
         {
            category: "general",
            text: "Integer Overflow to Buffer Overflow",
            title: "CWE-680",
         },
         {
            category: "general",
            text: "Untrusted Search Path",
            title: "CWE-426",
         },
         {
            category: "general",
            text: "Access of Resource Using Incompatible Type ('Type Confusion')",
            title: "CWE-843",
         },
         {
            category: "general",
            text: "Improper Encoding or Escaping of Output",
            title: "CWE-116",
         },
         {
            category: "general",
            text: "Insufficient Verification of Data Authenticity",
            title: "CWE-345",
         },
         {
            category: "general",
            text: "Improper Neutralization of Special Elements used in a Command ('Command Injection')",
            title: "CWE-77",
         },
         {
            category: "general",
            text: "Observable Discrepancy",
            title: "CWE-203",
         },
         {
            category: "general",
            text: "Integer Overflow or Wraparound",
            title: "CWE-190",
         },
         {
            category: "general",
            text: "Files or Directories Accessible to External Parties",
            title: "CWE-552",
         },
         {
            category: "general",
            text: "Authorization Bypass Through User-Controlled Key",
            title: "CWE-639",
         },
         {
            category: "general",
            text: "Out-of-bounds Read",
            title: "CWE-125",
         },
         {
            category: "general",
            text: "Improper Resource Shutdown or Release",
            title: "CWE-404",
         },
         {
            category: "general",
            text: "CWE-275",
            title: "CWE-275",
         },
         {
            category: "general",
            text: "Improper Access Control",
            title: "CWE-284",
         },
         {
            category: "general",
            text: "Improper Restriction of Operations within the Bounds of a Memory Buffer",
            title: "CWE-119",
         },
         {
            category: "general",
            text: "Inefficient Regular Expression Complexity",
            title: "CWE-1333",
         },
         {
            category: "general",
            text: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')",
            title: "CWE-1321",
         },
         {
            category: "general",
            text: "Use After Free",
            title: "CWE-416",
         },
         {
            category: "general",
            text: "Missing Release of Memory after Effective Lifetime",
            title: "CWE-401",
         },
         {
            category: "general",
            text: "NULL Pointer Dereference",
            title: "CWE-476",
         },
         {
            category: "general",
            text: "Improper Certificate Validation",
            title: "CWE-295",
         },
         {
            category: "general",
            text: "Exposure of Resource to Wrong Sphere",
            title: "CWE-668",
         },
         {
            category: "general",
            text: "Inclusion of Functionality from Untrusted Control Sphere",
            title: "CWE-829",
         },
         {
            category: "general",
            text: "Use of a Broken or Risky Cryptographic Algorithm",
            title: "CWE-327",
         },
         {
            category: "general",
            text: "Uncontrolled Resource Consumption",
            title: "CWE-400",
         },
         {
            category: "general",
            text: "Allocation of Resources Without Limits or Throttling",
            title: "CWE-770",
         },
         {
            category: "general",
            text: "Deserialization of Untrusted Data",
            title: "CWE-502",
         },
         {
            category: "general",
            text: "Server-Side Request Forgery (SSRF)",
            title: "CWE-918",
         },
         {
            category: "general",
            text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')",
            title: "CWE-78",
         },
         {
            category: "general",
            text: "Out-of-bounds Write",
            title: "CWE-787",
         },
         {
            category: "general",
            text: "Exposure of Sensitive Information to an Unauthorized Actor",
            title: "CWE-200",
         },
         {
            category: "general",
            text: "Heap-based Buffer Overflow",
            title: "CWE-122",
         },
         {
            category: "general",
            text: "Stack-based Buffer Overflow",
            title: "CWE-121",
         },
         {
            category: "general",
            text: "Incorrect Conversion between Numeric Types",
            title: "CWE-681",
         },
         {
            category: "general",
            text: "Loop with Unreachable Exit Condition ('Infinite Loop')",
            title: "CWE-835",
         },
         {
            category: "general",
            text: "Improper Privilege Management",
            title: "CWE-269",
         },
         {
            category: "general",
            text: "Improper Input Validation",
            title: "CWE-20",
         },
         {
            category: "general",
            text: "Improper Neutralization of Alternate XSS Syntax",
            title: "CWE-87",
         },
         {
            category: "general",
            text: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
            title: "CWE-79",
         },
         {
            category: "general",
            text: "CWE-18",
            title: "CWE-18",
         },
         {
            category: "general",
            text: "Covert Timing Channel",
            title: "CWE-385",
         },
         {
            category: "general",
            text: "Unchecked Input for Loop Condition",
            title: "CWE-606",
         },
         {
            category: "general",
            text: "Integer Coercion Error",
            title: "CWE-192",
         },
         {
            category: "general",
            text: "Detection of Error Condition Without Action",
            title: "CWE-390",
         },
         {
            category: "general",
            text: "Improperly Controlled Sequential Memory Allocation",
            title: "CWE-1325",
         },
         {
            category: "general",
            text: "Truncation of Security-relevant Information",
            title: "CWE-222",
         },
         {
            category: "general",
            text: "Incorrect Calculation of Buffer Size",
            title: "CWE-131",
         },
         {
            category: "general",
            text: "Improper Link Resolution Before File Access ('Link Following')",
            title: "CWE-59",
         },
         {
            category: "general",
            text: "Missing Critical Step in Authentication",
            title: "CWE-304",
         },
      ],
      publisher: {
         category: "coordinator",
         contact_details: "cert@ncsc.nl",
         name: "Nationaal Cyber Security Centrum",
         namespace: "https://www.ncsc.nl/",
      },
      references: [
         {
            category: "external",
            summary: "Reference - cveprojectv5; hkcert; nvd; oracle; redhat",
            url: "https://www.oracle.com/security-alerts/cpuoct2024.html",
         },
      ],
      title: "Kwetsbaarheden verholpen in Oracle Database producten",
      tracking: {
         current_release_date: "2024-10-17T13:15:19.595269Z",
         id: "NCSC-2024-0411",
         initial_release_date: "2024-10-17T13:15:19.595269Z",
         revision_history: [
            {
               date: "2024-10-17T13:15:19.595269Z",
               number: "0",
               summary: "Initiele versie",
            },
         ],
         status: "final",
         version: "1.0.0",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  category: "product_name",
                  name: "database_-_grid",
                  product: {
                     name: "database_-_grid",
                     product_id: "CSAFPID-1673504",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:database_-_grid:19.3-19.24:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "database_-_grid",
                  product: {
                     name: "database_-_grid",
                     product_id: "CSAFPID-1673506",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:database_-_grid:21.3-21.15:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "database_-_core",
                  product: {
                     name: "database_-_core",
                     product_id: "CSAFPID-1673386",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:database_-_core:19.3-19.24:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "database_-_core",
                  product: {
                     name: "database_-_core",
                     product_id: "CSAFPID-1673385",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:database_-_core:21.3-21.15:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "database_-_core",
                  product: {
                     name: "database_-_core",
                     product_id: "CSAFPID-1673442",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:database_-_core:23.4-23.5:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "database_-_security",
                  product: {
                     name: "database_-_security",
                     product_id: "CSAFPID-1673507",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:database_-_security:19.3-19.24:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "database_-_security",
                  product: {
                     name: "database_-_security",
                     product_id: "CSAFPID-1673509",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:database_-_security:21.3-21.15:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "database_-_security",
                  product: {
                     name: "database_-_security",
                     product_id: "CSAFPID-1673508",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:database_-_security:23.4-23.5:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "spatial_and_graph_mapviewer",
                  product: {
                     name: "spatial_and_graph_mapviewer",
                     product_id: "CSAFPID-912561",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:spatial_and_graph_mapviewer:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "spatial_and_graph",
                  product: {
                     name: "spatial_and_graph",
                     product_id: "CSAFPID-764250",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "spatial_and_graph",
                  product: {
                     name: "spatial_and_graph",
                     product_id: "CSAFPID-1673511",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:spatial_and_graph:19.3-19.24:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "spatial_and_graph",
                  product: {
                     name: "spatial_and_graph",
                     product_id: "CSAFPID-1673512",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:spatial_and_graph:21.3-21.15:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "spatial_and_graph",
                  product: {
                     name: "spatial_and_graph",
                     product_id: "CSAFPID-816800",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:spatial_and_graph:23.3:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "spatial_and_graph",
                  product: {
                     name: "spatial_and_graph",
                     product_id: "CSAFPID-1673529",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:spatial_and_graph:23.4-23.5:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "fleet_patching_and_provisioning_-_micronaut",
                  product: {
                     name: "fleet_patching_and_provisioning_-_micronaut",
                     product_id: "CSAFPID-1673492",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:fleet_patching_and_provisioning_-_micronaut:23.4-23.5:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "fleet_patching_and_provisioning",
                  product: {
                     name: "fleet_patching_and_provisioning",
                     product_id: "CSAFPID-1503603",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "database_-_xml_database",
                  product: {
                     name: "database_-_xml_database",
                     product_id: "CSAFPID-1673445",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:database_-_xml_database:19.3-19.24:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "database_-_xml_database",
                  product: {
                     name: "database_-_xml_database",
                     product_id: "CSAFPID-1673443",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:database_-_xml_database:21.3-21.15:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "database_-_xml_database",
                  product: {
                     name: "database_-_xml_database",
                     product_id: "CSAFPID-1673444",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:database_-_xml_database:23.4-23.5:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "database_-_java_vm",
                  product: {
                     name: "database_-_java_vm",
                     product_id: "CSAFPID-1673451",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:database_-_java_vm:19.3-19.24:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "database_-_java_vm",
                  product: {
                     name: "database_-_java_vm",
                     product_id: "CSAFPID-1673450",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:database_-_java_vm:21.3-21.15:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "database_-_java_vm",
                  product: {
                     name: "database_-_java_vm",
                     product_id: "CSAFPID-1673452",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:database_-_java_vm:23.4-23.5:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "autonomous_health_framework",
                  product: {
                     name: "autonomous_health_framework",
                     product_id: "CSAFPID-816798",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:autonomous_health_framework:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "autonomous_health_framework",
                  product: {
                     name: "autonomous_health_framework",
                     product_id: "CSAFPID-816799",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:autonomous_health_framework:23.10:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "autonomous_health_framework",
                  product: {
                     name: "autonomous_health_framework",
                     product_id: "CSAFPID-1673525",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:autonomous_health_framework:prior_to_24.9:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "graalvm_for_jdk",
                  product: {
                     name: "graalvm_for_jdk",
                     product_id: "CSAFPID-912046",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "graalvm_for_jdk",
                  product: {
                     name: "graalvm_for_jdk",
                     product_id: "CSAFPID-1503299",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "graalvm_for_jdk",
                  product: {
                     name: "graalvm_for_jdk",
                     product_id: "CSAFPID-816855",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.9:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "graalvm_for_jdk",
                  product: {
                     name: "graalvm_for_jdk",
                     product_id: "CSAFPID-816361",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.1:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "graalvm_for_jdk",
                  product: {
                     name: "graalvm_for_jdk",
                     product_id: "CSAFPID-912045",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "graalvm_for_jdk",
                  product: {
                     name: "graalvm_for_jdk",
                     product_id: "CSAFPID-1503302",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "graalvm_for_jdk",
                  product: {
                     name: "graalvm_for_jdk",
                     product_id: "CSAFPID-912044",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "graalvm_for_jdk",
                  product: {
                     name: "graalvm_for_jdk",
                     product_id: "CSAFPID-1503306",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "graalvm_for_jdk",
                  product: {
                     name: "graalvm_for_jdk",
                     product_id: "CSAFPID-816852",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.12:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "graalvm_for_jdk",
                  product: {
                     name: "graalvm_for_jdk",
                     product_id: "CSAFPID-912600",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.13:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "graalvm_for_jdk",
                  product: {
                     name: "graalvm_for_jdk",
                     product_id: "CSAFPID-816853",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.8:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "graalvm_for_jdk",
                  product: {
                     name: "graalvm_for_jdk",
                     product_id: "CSAFPID-912601",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.9:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "graalvm_for_jdk",
                  product: {
                     name: "graalvm_for_jdk",
                     product_id: "CSAFPID-816854",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition22.3.4:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "sqlcl",
                  product: {
                     name: "sqlcl",
                     product_id: "CSAFPID-816801",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:sqlcl:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "sqlcl",
                  product: {
                     name: "sqlcl",
                     product_id: "CSAFPID-1673405",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:sqlcl:23.4-23.5:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "application_express_administration",
                  product: {
                     name: "application_express_administration",
                     product_id: "CSAFPID-764731",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:application_express_administration:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "application_express_customers_plugin",
                  product: {
                     name: "application_express_customers_plugin",
                     product_id: "CSAFPID-764732",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:application_express_customers_plugin:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "application_express_team_calendar_plugin",
                  product: {
                     name: "application_express_team_calendar_plugin",
                     product_id: "CSAFPID-764733",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:application_express_team_calendar_plugin:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "application_express",
                  product: {
                     name: "application_express",
                     product_id: "CSAFPID-266119",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "application_express",
                  product: {
                     name: "application_express",
                     product_id: "CSAFPID-1673510",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:application_express:23.1:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "application_express",
                  product: {
                     name: "application_express",
                     product_id: "CSAFPID-1503575",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "application_express",
                  product: {
                     name: "application_express",
                     product_id: "CSAFPID-1673188",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:application_express:24.1:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "autonomous_health_framework",
                  product: {
                     name: "autonomous_health_framework",
                     product_id: "CSAFPID-765238",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:autonomous_health_framework:19c:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "autonomous_health_framework",
                  product: {
                     name: "autonomous_health_framework",
                     product_id: "CSAFPID-765239",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:autonomous_health_framework:21c:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "blockchain_platform",
                  product: {
                     name: "blockchain_platform",
                     product_id: "CSAFPID-764779",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:blockchain_platform:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "blockchain_platform",
                  product: {
                     name: "blockchain_platform",
                     product_id: "CSAFPID-89587",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "essbase",
                  product: {
                     name: "essbase",
                     product_id: "CSAFPID-765259",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:essbase:_security_and_provisioning___21.3:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "essbase",
                  product: {
                     name: "essbase",
                     product_id: "CSAFPID-187448",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:essbase:21.3:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "essbase",
                  product: {
                     name: "essbase",
                     product_id: "CSAFPID-94075",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:essbase:21.4:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "essbase",
                  product: {
                     name: "essbase",
                     product_id: "CSAFPID-220886",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:essbase:21.4.3.0.0:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "essbase",
                  product: {
                     name: "essbase",
                     product_id: "CSAFPID-611394",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:essbase:21.5.0.0.0:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "essbase",
                  product: {
                     name: "essbase",
                     product_id: "CSAFPID-816317",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:essbase:21.5.3.0.0:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "essbase",
                  product: {
                     name: "essbase",
                     product_id: "CSAFPID-912567",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:essbase:21.5.4.0.0:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "essbase",
                  product: {
                     name: "essbase",
                     product_id: "CSAFPID-1503612",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:essbase:21.5.6:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "essbase",
                  product: {
                     name: "essbase",
                     product_id: "CSAFPID-1673479",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:essbase:21.6:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "oracle_essbase",
                  product: {
                     name: "oracle_essbase",
                     product_id: "CSAFPID-1650506",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:oracle_essbase:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "goldengate_big_data_and_application_adapters",
                  product: {
                     name: "goldengate_big_data_and_application_adapters",
                     product_id: "CSAFPID-816845",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "goldengate_big_data_and_application_adapters",
                  product: {
                     name: "goldengate_big_data_and_application_adapters",
                     product_id: "CSAFPID-1650825",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "goldengate_big_data_and_application_adapters",
                  product: {
                     name: "goldengate_big_data_and_application_adapters",
                     product_id: "CSAFPID-1673404",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.9:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "goldengate_big_data_and_application_adapters",
                  product: {
                     name: "goldengate_big_data_and_application_adapters",
                     product_id: "CSAFPID-1650831",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3-21.14.0.0.0:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "goldengate_big_data",
                  product: {
                     name: "goldengate_big_data",
                     product_id: "CSAFPID-764274",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:goldengate_big_data:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "goldengate_stream_analytics",
                  product: {
                     name: "goldengate_stream_analytics",
                     product_id: "CSAFPID-764752",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:goldengate_stream_analytics:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "goldengate_stream_analytics",
                  product: {
                     name: "goldengate_stream_analytics",
                     product_id: "CSAFPID-1673384",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.9:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "goldengate_stream_analytics",
                  product: {
                     name: "goldengate_stream_analytics",
                     product_id: "CSAFPID-220192",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "goldengate_stream_analytics",
                  product: {
                     name: "goldengate_stream_analytics",
                     product_id: "CSAFPID-220193",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.7:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "goldengate_studio",
                  product: {
                     name: "goldengate_studio",
                     product_id: "CSAFPID-816846",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "goldengate_studio",
                  product: {
                     name: "goldengate_studio",
                     product_id: "CSAFPID-611390",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:goldengate_studio:12.2.1.4.0:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "goldengate_studio",
                  product: {
                     name: "goldengate_studio",
                     product_id: "CSAFPID-764803",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:goldengate_studio:fusion_middleware_12.2.1.4.0:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "goldengate_veridata",
                  product: {
                     name: "goldengate_veridata",
                     product_id: "CSAFPID-764275",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:goldengate_veridata:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "goldengate",
                  product: {
                     name: "goldengate",
                     product_id: "CSAFPID-342816",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "goldengate",
                  product: {
                     name: "goldengate",
                     product_id: "CSAFPID-1650767",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.23.0.0.240716:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "goldengate",
                  product: {
                     name: "goldengate",
                     product_id: "CSAFPID-485902",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:goldengate:19.1.0.0.0:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "goldengate",
                  product: {
                     name: "goldengate",
                     product_id: "CSAFPID-1503736",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:goldengate:19.23.0.0.240716:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "goldengate",
                  product: {
                     name: "goldengate",
                     product_id: "CSAFPID-219912",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:goldengate:19c:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "goldengate",
                  product: {
                     name: "goldengate",
                     product_id: "CSAFPID-1503739",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:goldengate:21.14:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "goldengate",
                  product: {
                     name: "goldengate",
                     product_id: "CSAFPID-1650765",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:goldengate:21.3-21.14:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "goldengate",
                  product: {
                     name: "goldengate",
                     product_id: "CSAFPID-1503738",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:goldengate:21.3:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "oracle_goldengate_stream_analytics",
                  product: {
                     name: "oracle_goldengate_stream_analytics",
                     product_id: "CSAFPID-1650515",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:oracle_goldengate_stream_analytics:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "management_pack_for__goldengate",
                  product: {
                     name: "management_pack_for__goldengate",
                     product_id: "CSAFPID-764861",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:management_pack_for__goldengate:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "management_pack_for__goldengate",
                  product: {
                     name: "management_pack_for__goldengate",
                     product_id: "CSAFPID-1503640",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "oracle_goldengate_studio",
                  product: {
                     name: "oracle_goldengate_studio",
                     product_id: "CSAFPID-1650835",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:oracle_goldengate_studio:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "oracle_goldengate",
                  product: {
                     name: "oracle_goldengate",
                     product_id: "CSAFPID-1650575",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:oracle_goldengate:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "nosql_database",
                  product: {
                     name: "nosql_database",
                     product_id: "CSAFPID-764813",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "nosql_database",
                  product: {
                     name: "nosql_database",
                     product_id: "CSAFPID-1503661",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:nosql_database:1.4:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "nosql_database",
                  product: {
                     name: "nosql_database",
                     product_id: "CSAFPID-1503663",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:nosql_database:1.5:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "nosql_database",
                  product: {
                     name: "nosql_database",
                     product_id: "CSAFPID-1673497",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "nosql_database",
                  product: {
                     name: "nosql_database",
                     product_id: "CSAFPID-764764",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:nosql_database:19.5.33:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "nosql_database",
                  product: {
                     name: "nosql_database",
                     product_id: "CSAFPID-764765",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:nosql_database:20.3.28:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "nosql_database",
                  product: {
                     name: "nosql_database",
                     product_id: "CSAFPID-1673491",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:nosql_database:20.3.40:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "nosql_database",
                  product: {
                     name: "nosql_database",
                     product_id: "CSAFPID-764766",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:nosql_database:21.2.55:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "nosql_database",
                  product: {
                     name: "nosql_database",
                     product_id: "CSAFPID-1673495",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:nosql_database:21.2.71:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "nosql_database",
                  product: {
                     name: "nosql_database",
                     product_id: "CSAFPID-764767",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:nosql_database:22.3.26:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "nosql_database",
                  product: {
                     name: "nosql_database",
                     product_id: "CSAFPID-1673493",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:nosql_database:22.3.45:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "nosql_database",
                  product: {
                     name: "nosql_database",
                     product_id: "CSAFPID-1673489",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:nosql_database:23.3.33:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "nosql_database",
                  product: {
                     name: "nosql_database",
                     product_id: "CSAFPID-1673488",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:nosql_database:24.1.17:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "nosql_database",
                  product: {
                     name: "nosql_database",
                     product_id: "CSAFPID-1650757",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:nosql_database:prior_to_19.5.42:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "nosql_database",
                  product: {
                     name: "nosql_database",
                     product_id: "CSAFPID-1650758",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:nosql_database:prior_to_20.3.40:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "nosql_database",
                  product: {
                     name: "nosql_database",
                     product_id: "CSAFPID-1650761",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:nosql_database:prior_to_21.2.27:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "nosql_database",
                  product: {
                     name: "nosql_database",
                     product_id: "CSAFPID-1650760",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:nosql_database:prior_to_22.3.46:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "nosql_database",
                  product: {
                     name: "nosql_database",
                     product_id: "CSAFPID-1650759",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:nosql_database:prior_to_23.3.32:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "oracle_nosql_database",
                  product: {
                     name: "oracle_nosql_database",
                     product_id: "CSAFPID-1650584",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:oracle_nosql_database:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "oracle_secure_backup",
                  product: {
                     name: "oracle_secure_backup",
                     product_id: "CSAFPID-1650563",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:oracle_secure_backup:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "secure_backup",
                  product: {
                     name: "secure_backup",
                     product_id: "CSAFPID-667692",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:secure_backup:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "secure_backup",
                  product: {
                     name: "secure_backup",
                     product_id: "CSAFPID-345049",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "secure_backup",
                  product: {
                     name: "secure_backup",
                     product_id: "CSAFPID-611417",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "secure_backup",
                  product: {
                     name: "secure_backup",
                     product_id: "CSAFPID-1673422",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:secure_backup:19.1.0.0.0:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "oracle_sql_developer",
                  product: {
                     name: "oracle_sql_developer",
                     product_id: "CSAFPID-1650638",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:oracle_sql_developer:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "sql_developer",
                  product: {
                     name: "sql_developer",
                     product_id: "CSAFPID-764822",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:sql_developer:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "sql_developer",
                  product: {
                     name: "sql_developer",
                     product_id: "CSAFPID-220643",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:sql_developer:21.4.2:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "sql_developer",
                  product: {
                     name: "sql_developer",
                     product_id: "CSAFPID-816870",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:sql_developer:22.2.0:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "sql_developer",
                  product: {
                     name: "sql_developer",
                     product_id: "CSAFPID-816871",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:sql_developer:23.1.0:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "sql_developer",
                  product: {
                     name: "sql_developer",
                     product_id: "CSAFPID-1673397",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle:sql_developer:24.3.0:*:*:*:*:*:*:*",
                     },
                  },
               },
            ],
            category: "vendor",
            name: "oracle",
         },
         {
            branches: [
               {
                  category: "product_name",
                  name: "oracle_application_express",
                  product: {
                     name: "oracle_application_express",
                     product_id: "CSAFPID-1673144",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:oracle_corporation:oracle_application_express:24.1:*:*:*:*:*:*:*",
                     },
                  },
               },
            ],
            category: "vendor",
            name: "oracle_corporation",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2022-1471",
         cwe: {
            id: "CWE-502",
            name: "Deserialization of Untrusted Data",
         },
         notes: [
            {
               category: "other",
               text: "Deserialization of Untrusted Data",
               title: "CWE-502",
            },
            {
               category: "other",
               text: "Improper Input Validation",
               title: "CWE-20",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-764731",
               "CSAFPID-764732",
               "CSAFPID-764733",
               "CSAFPID-764250",
               "CSAFPID-611394",
               "CSAFPID-764274",
               "CSAFPID-764275",
               "CSAFPID-611390",
               "CSAFPID-345049",
               "CSAFPID-611417",
               "CSAFPID-764764",
               "CSAFPID-764765",
               "CSAFPID-764766",
               "CSAFPID-764767",
               "CSAFPID-764779",
               "CSAFPID-94075",
               "CSAFPID-220886",
               "CSAFPID-764803",
               "CSAFPID-764813",
               "CSAFPID-342816",
               "CSAFPID-764752",
               "CSAFPID-764822",
               "CSAFPID-1650515",
               "CSAFPID-1650638",
               "CSAFPID-816798",
               "CSAFPID-816799",
               "CSAFPID-816800",
               "CSAFPID-816801",
               "CSAFPID-816317",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-89587",
               "CSAFPID-816852",
               "CSAFPID-816853",
               "CSAFPID-816854",
               "CSAFPID-816855",
               "CSAFPID-816361",
               "CSAFPID-220643",
               "CSAFPID-816870",
               "CSAFPID-816871",
               "CSAFPID-667692",
               "CSAFPID-912561",
               "CSAFPID-912567",
               "CSAFPID-912600",
               "CSAFPID-912601",
               "CSAFPID-912046",
               "CSAFPID-912045",
               "CSAFPID-912044",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2022-1471",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-1471.json",
            },
         ],
         title: "CVE-2022-1471",
      },
      {
         cve: "CVE-2022-34169",
         cwe: {
            id: "CWE-192",
            name: "Integer Coercion Error",
         },
         notes: [
            {
               category: "other",
               text: "Integer Coercion Error",
               title: "CWE-192",
            },
            {
               category: "other",
               text: "Incorrect Conversion between Numeric Types",
               title: "CWE-681",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-764779",
               "CSAFPID-94075",
               "CSAFPID-342816",
               "CSAFPID-764803",
               "CSAFPID-764813",
               "CSAFPID-764822",
               "CSAFPID-764752",
               "CSAFPID-764275",
               "CSAFPID-764861",
               "CSAFPID-266119",
               "CSAFPID-187448",
               "CSAFPID-219912",
               "CSAFPID-765238",
               "CSAFPID-765239",
               "CSAFPID-765259",
               "CSAFPID-667692",
               "CSAFPID-816798",
               "CSAFPID-816799",
               "CSAFPID-764250",
               "CSAFPID-816800",
               "CSAFPID-816801",
               "CSAFPID-816317",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-816852",
               "CSAFPID-816853",
               "CSAFPID-816854",
               "CSAFPID-816855",
               "CSAFPID-816361",
               "CSAFPID-220643",
               "CSAFPID-816870",
               "CSAFPID-816871",
               "CSAFPID-1673384",
               "CSAFPID-912561",
               "CSAFPID-912567",
               "CSAFPID-912600",
               "CSAFPID-912601",
               "CSAFPID-912046",
               "CSAFPID-912045",
               "CSAFPID-912044",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2022-34169",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-34169.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-764779",
                  "CSAFPID-94075",
                  "CSAFPID-342816",
                  "CSAFPID-764803",
                  "CSAFPID-764813",
                  "CSAFPID-764822",
                  "CSAFPID-764752",
                  "CSAFPID-764275",
                  "CSAFPID-764861",
                  "CSAFPID-266119",
                  "CSAFPID-187448",
                  "CSAFPID-219912",
                  "CSAFPID-765238",
                  "CSAFPID-765239",
                  "CSAFPID-765259",
                  "CSAFPID-667692",
                  "CSAFPID-816798",
                  "CSAFPID-816799",
                  "CSAFPID-764250",
                  "CSAFPID-816800",
                  "CSAFPID-816801",
                  "CSAFPID-816317",
                  "CSAFPID-816845",
                  "CSAFPID-816846",
                  "CSAFPID-816852",
                  "CSAFPID-816853",
                  "CSAFPID-816854",
                  "CSAFPID-816855",
                  "CSAFPID-816361",
                  "CSAFPID-220643",
                  "CSAFPID-816870",
                  "CSAFPID-816871",
                  "CSAFPID-1673384",
                  "CSAFPID-912561",
                  "CSAFPID-912567",
                  "CSAFPID-912600",
                  "CSAFPID-912601",
                  "CSAFPID-912046",
                  "CSAFPID-912045",
                  "CSAFPID-912044",
                  "CSAFPID-1503575",
                  "CSAFPID-1503603",
                  "CSAFPID-1503612",
                  "CSAFPID-1503640",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
               ],
            },
         ],
         title: "CVE-2022-34169",
      },
      {
         cve: "CVE-2022-36033",
         cwe: {
            id: "CWE-87",
            name: "Improper Neutralization of Alternate XSS Syntax",
         },
         notes: [
            {
               category: "other",
               text: "Improper Neutralization of Alternate XSS Syntax",
               title: "CWE-87",
            },
            {
               category: "other",
               text: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
               title: "CWE-79",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-764250",
               "CSAFPID-611394",
               "CSAFPID-764731",
               "CSAFPID-764732",
               "CSAFPID-764733",
               "CSAFPID-764274",
               "CSAFPID-764275",
               "CSAFPID-611390",
               "CSAFPID-345049",
               "CSAFPID-611417",
               "CSAFPID-764764",
               "CSAFPID-764765",
               "CSAFPID-764766",
               "CSAFPID-764767",
               "CSAFPID-764779",
               "CSAFPID-220886",
               "CSAFPID-94075",
               "CSAFPID-764803",
               "CSAFPID-342816",
               "CSAFPID-764752",
               "CSAFPID-764861",
               "CSAFPID-764813",
               "CSAFPID-764822",
               "CSAFPID-266119",
               "CSAFPID-187448",
               "CSAFPID-1650515",
               "CSAFPID-1650835",
               "CSAFPID-219912",
               "CSAFPID-816798",
               "CSAFPID-816799",
               "CSAFPID-816800",
               "CSAFPID-816801",
               "CSAFPID-816317",
               "CSAFPID-667692",
               "CSAFPID-1673384",
               "CSAFPID-912561",
               "CSAFPID-1503575",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-816852",
               "CSAFPID-816853",
               "CSAFPID-816854",
               "CSAFPID-816855",
               "CSAFPID-816361",
               "CSAFPID-220643",
               "CSAFPID-816870",
               "CSAFPID-816871",
               "CSAFPID-912567",
               "CSAFPID-1503603",
               "CSAFPID-1503612",
               "CSAFPID-912600",
               "CSAFPID-912601",
               "CSAFPID-912046",
               "CSAFPID-912045",
               "CSAFPID-912044",
               "CSAFPID-1503640",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2022-36033",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-36033.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-764250",
                  "CSAFPID-611394",
                  "CSAFPID-764731",
                  "CSAFPID-764732",
                  "CSAFPID-764733",
                  "CSAFPID-764274",
                  "CSAFPID-764275",
                  "CSAFPID-611390",
                  "CSAFPID-345049",
                  "CSAFPID-611417",
                  "CSAFPID-764764",
                  "CSAFPID-764765",
                  "CSAFPID-764766",
                  "CSAFPID-764767",
                  "CSAFPID-764779",
                  "CSAFPID-220886",
                  "CSAFPID-94075",
                  "CSAFPID-764803",
                  "CSAFPID-342816",
                  "CSAFPID-764752",
                  "CSAFPID-764861",
                  "CSAFPID-764813",
                  "CSAFPID-764822",
                  "CSAFPID-266119",
                  "CSAFPID-187448",
                  "CSAFPID-1650515",
                  "CSAFPID-1650835",
                  "CSAFPID-219912",
                  "CSAFPID-816798",
                  "CSAFPID-816799",
                  "CSAFPID-816800",
                  "CSAFPID-816801",
                  "CSAFPID-816317",
                  "CSAFPID-667692",
                  "CSAFPID-1673384",
                  "CSAFPID-912561",
                  "CSAFPID-1503575",
                  "CSAFPID-816845",
                  "CSAFPID-816846",
                  "CSAFPID-816852",
                  "CSAFPID-816853",
                  "CSAFPID-816854",
                  "CSAFPID-816855",
                  "CSAFPID-816361",
                  "CSAFPID-220643",
                  "CSAFPID-816870",
                  "CSAFPID-816871",
                  "CSAFPID-912567",
                  "CSAFPID-1503603",
                  "CSAFPID-1503612",
                  "CSAFPID-912600",
                  "CSAFPID-912601",
                  "CSAFPID-912046",
                  "CSAFPID-912045",
                  "CSAFPID-912044",
                  "CSAFPID-1503640",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
               ],
            },
         ],
         title: "CVE-2022-36033",
      },
      {
         cve: "CVE-2022-37454",
         cwe: {
            id: "CWE-190",
            name: "Integer Overflow or Wraparound",
         },
         notes: [
            {
               category: "other",
               text: "Integer Overflow or Wraparound",
               title: "CWE-190",
            },
            {
               category: "other",
               text: "Integer Overflow to Buffer Overflow",
               title: "CWE-680",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-764250",
               "CSAFPID-611394",
               "CSAFPID-764274",
               "CSAFPID-764275",
               "CSAFPID-611390",
               "CSAFPID-345049",
               "CSAFPID-611417",
               "CSAFPID-764731",
               "CSAFPID-764732",
               "CSAFPID-764733",
               "CSAFPID-220886",
               "CSAFPID-342816",
               "CSAFPID-764752",
               "CSAFPID-764764",
               "CSAFPID-764765",
               "CSAFPID-764766",
               "CSAFPID-764767",
               "CSAFPID-764779",
               "CSAFPID-94075",
               "CSAFPID-764803",
               "CSAFPID-764813",
               "CSAFPID-764822",
               "CSAFPID-1650563",
               "CSAFPID-89587",
               "CSAFPID-764861",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2022-37454",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-37454.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 9.8,
                  baseSeverity: "CRITICAL",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-764250",
                  "CSAFPID-611394",
                  "CSAFPID-764274",
                  "CSAFPID-764275",
                  "CSAFPID-611390",
                  "CSAFPID-345049",
                  "CSAFPID-611417",
                  "CSAFPID-764731",
                  "CSAFPID-764732",
                  "CSAFPID-764733",
                  "CSAFPID-220886",
                  "CSAFPID-342816",
                  "CSAFPID-764752",
                  "CSAFPID-764764",
                  "CSAFPID-764765",
                  "CSAFPID-764766",
                  "CSAFPID-764767",
                  "CSAFPID-764779",
                  "CSAFPID-94075",
                  "CSAFPID-764803",
                  "CSAFPID-764813",
                  "CSAFPID-764822",
                  "CSAFPID-1650563",
                  "CSAFPID-89587",
                  "CSAFPID-764861",
               ],
            },
         ],
         title: "CVE-2022-37454",
      },
      {
         cve: "CVE-2022-38136",
         product_status: {
            known_affected: [
               "CSAFPID-1673385",
               "CSAFPID-1673386",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2022-38136",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-38136.json",
            },
         ],
         title: "CVE-2022-38136",
      },
      {
         cve: "CVE-2022-40196",
         product_status: {
            known_affected: [
               "CSAFPID-1673385",
               "CSAFPID-1673386",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2022-40196",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-40196.json",
            },
         ],
         title: "CVE-2022-40196",
      },
      {
         cve: "CVE-2022-41342",
         product_status: {
            known_affected: [
               "CSAFPID-1673385",
               "CSAFPID-1673386",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2022-41342",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-41342.json",
            },
         ],
         title: "CVE-2022-41342",
      },
      {
         cve: "CVE-2022-42919",
         cwe: {
            id: "CWE-311",
            name: "Missing Encryption of Sensitive Data",
         },
         notes: [
            {
               category: "other",
               text: "Missing Encryption of Sensitive Data",
               title: "CWE-311",
            },
            {
               category: "other",
               text: "Improper Privilege Management",
               title: "CWE-269",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-764250",
               "CSAFPID-611394",
               "CSAFPID-764274",
               "CSAFPID-764275",
               "CSAFPID-611390",
               "CSAFPID-345049",
               "CSAFPID-611417",
               "CSAFPID-764731",
               "CSAFPID-764732",
               "CSAFPID-764733",
               "CSAFPID-220886",
               "CSAFPID-342816",
               "CSAFPID-764752",
               "CSAFPID-764764",
               "CSAFPID-764765",
               "CSAFPID-764766",
               "CSAFPID-764767",
               "CSAFPID-764779",
               "CSAFPID-94075",
               "CSAFPID-764803",
               "CSAFPID-764813",
               "CSAFPID-764822",
               "CSAFPID-89587",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2022-42919",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-42919.json",
            },
         ],
         title: "CVE-2022-42919",
      },
      {
         cve: "CVE-2022-45061",
         cwe: {
            id: "CWE-400",
            name: "Uncontrolled Resource Consumption",
         },
         notes: [
            {
               category: "other",
               text: "Uncontrolled Resource Consumption",
               title: "CWE-400",
            },
            {
               category: "other",
               text: "Inefficient Algorithmic Complexity",
               title: "CWE-407",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-345049",
               "CSAFPID-611417",
               "CSAFPID-764731",
               "CSAFPID-764732",
               "CSAFPID-764733",
               "CSAFPID-220886",
               "CSAFPID-764250",
               "CSAFPID-611394",
               "CSAFPID-342816",
               "CSAFPID-764752",
               "CSAFPID-764764",
               "CSAFPID-764765",
               "CSAFPID-764766",
               "CSAFPID-764767",
               "CSAFPID-764779",
               "CSAFPID-94075",
               "CSAFPID-764274",
               "CSAFPID-764275",
               "CSAFPID-611390",
               "CSAFPID-764803",
               "CSAFPID-764813",
               "CSAFPID-764822",
               "CSAFPID-89587",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2022-45061",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-45061.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-345049",
                  "CSAFPID-611417",
                  "CSAFPID-764731",
                  "CSAFPID-764732",
                  "CSAFPID-764733",
                  "CSAFPID-220886",
                  "CSAFPID-764250",
                  "CSAFPID-611394",
                  "CSAFPID-342816",
                  "CSAFPID-764752",
                  "CSAFPID-764764",
                  "CSAFPID-764765",
                  "CSAFPID-764766",
                  "CSAFPID-764767",
                  "CSAFPID-764779",
                  "CSAFPID-94075",
                  "CSAFPID-764274",
                  "CSAFPID-764275",
                  "CSAFPID-611390",
                  "CSAFPID-764803",
                  "CSAFPID-764813",
                  "CSAFPID-764822",
                  "CSAFPID-89587",
               ],
            },
         ],
         title: "CVE-2022-45061",
      },
      {
         cve: "CVE-2022-46337",
         product_status: {
            known_affected: [
               "CSAFPID-816798",
               "CSAFPID-816799",
               "CSAFPID-1673384",
               "CSAFPID-912561",
               "CSAFPID-912567",
               "CSAFPID-764752",
               "CSAFPID-764275",
               "CSAFPID-912600",
               "CSAFPID-912601",
               "CSAFPID-912046",
               "CSAFPID-912045",
               "CSAFPID-912044",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-1503612",
               "CSAFPID-764250",
               "CSAFPID-816800",
               "CSAFPID-816801",
               "CSAFPID-816317",
               "CSAFPID-816845",
               "CSAFPID-342816",
               "CSAFPID-816846",
               "CSAFPID-816852",
               "CSAFPID-816853",
               "CSAFPID-816854",
               "CSAFPID-816855",
               "CSAFPID-1503640",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-816361",
               "CSAFPID-764813",
               "CSAFPID-220643",
               "CSAFPID-816870",
               "CSAFPID-816871",
               "CSAFPID-667692",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2022-46337",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-46337.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 9.8,
                  baseSeverity: "CRITICAL",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-816798",
                  "CSAFPID-816799",
                  "CSAFPID-1673384",
                  "CSAFPID-912561",
                  "CSAFPID-912567",
                  "CSAFPID-764752",
                  "CSAFPID-764275",
                  "CSAFPID-912600",
                  "CSAFPID-912601",
                  "CSAFPID-912046",
                  "CSAFPID-912045",
                  "CSAFPID-912044",
                  "CSAFPID-1503575",
                  "CSAFPID-1503603",
                  "CSAFPID-1503612",
                  "CSAFPID-764250",
                  "CSAFPID-816800",
                  "CSAFPID-816801",
                  "CSAFPID-816317",
                  "CSAFPID-816845",
                  "CSAFPID-342816",
                  "CSAFPID-816846",
                  "CSAFPID-816852",
                  "CSAFPID-816853",
                  "CSAFPID-816854",
                  "CSAFPID-816855",
                  "CSAFPID-1503640",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
                  "CSAFPID-816361",
                  "CSAFPID-764813",
                  "CSAFPID-220643",
                  "CSAFPID-816870",
                  "CSAFPID-816871",
                  "CSAFPID-667692",
               ],
            },
         ],
         title: "CVE-2022-46337",
      },
      {
         cve: "CVE-2023-2976",
         cwe: {
            id: "CWE-552",
            name: "Files or Directories Accessible to External Parties",
         },
         notes: [
            {
               category: "other",
               text: "Files or Directories Accessible to External Parties",
               title: "CWE-552",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1650584",
               "CSAFPID-1650835",
               "CSAFPID-1650506",
               "CSAFPID-1650515",
               "CSAFPID-816317",
               "CSAFPID-816845",
               "CSAFPID-342816",
               "CSAFPID-816846",
               "CSAFPID-816852",
               "CSAFPID-816853",
               "CSAFPID-816854",
               "CSAFPID-816855",
               "CSAFPID-816361",
               "CSAFPID-764813",
               "CSAFPID-220643",
               "CSAFPID-816870",
               "CSAFPID-816871",
               "CSAFPID-667692",
               "CSAFPID-89587",
               "CSAFPID-1673397",
               "CSAFPID-764274",
               "CSAFPID-764275",
               "CSAFPID-816798",
               "CSAFPID-816799",
               "CSAFPID-816800",
               "CSAFPID-345049",
               "CSAFPID-816801",
               "CSAFPID-611390",
               "CSAFPID-611394",
               "CSAFPID-611417",
               "CSAFPID-764250",
               "CSAFPID-764752",
               "CSAFPID-912044",
               "CSAFPID-912045",
               "CSAFPID-912046",
               "CSAFPID-912561",
               "CSAFPID-912567",
               "CSAFPID-912600",
               "CSAFPID-912601",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2023-2976",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-2976.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.1,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1650584",
                  "CSAFPID-1650835",
                  "CSAFPID-1650506",
                  "CSAFPID-1650515",
                  "CSAFPID-816317",
                  "CSAFPID-816845",
                  "CSAFPID-342816",
                  "CSAFPID-816846",
                  "CSAFPID-816852",
                  "CSAFPID-816853",
                  "CSAFPID-816854",
                  "CSAFPID-816855",
                  "CSAFPID-816361",
                  "CSAFPID-764813",
                  "CSAFPID-220643",
                  "CSAFPID-816870",
                  "CSAFPID-816871",
                  "CSAFPID-667692",
                  "CSAFPID-89587",
                  "CSAFPID-1673397",
                  "CSAFPID-764274",
                  "CSAFPID-764275",
                  "CSAFPID-816798",
                  "CSAFPID-816799",
                  "CSAFPID-816800",
                  "CSAFPID-345049",
                  "CSAFPID-816801",
                  "CSAFPID-611390",
                  "CSAFPID-611394",
                  "CSAFPID-611417",
                  "CSAFPID-764250",
                  "CSAFPID-764752",
                  "CSAFPID-912044",
                  "CSAFPID-912045",
                  "CSAFPID-912046",
                  "CSAFPID-912561",
                  "CSAFPID-912567",
                  "CSAFPID-912600",
                  "CSAFPID-912601",
                  "CSAFPID-1503575",
                  "CSAFPID-1503603",
                  "CSAFPID-1503612",
                  "CSAFPID-1503640",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
               ],
            },
         ],
         title: "CVE-2023-2976",
      },
      {
         cve: "CVE-2023-4043",
         cwe: {
            id: "CWE-834",
            name: "Excessive Iteration",
         },
         notes: [
            {
               category: "other",
               text: "Excessive Iteration",
               title: "CWE-834",
            },
            {
               category: "other",
               text: "Improper Input Validation",
               title: "CWE-20",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673405",
               "CSAFPID-1673397",
               "CSAFPID-220643",
               "CSAFPID-342816",
               "CSAFPID-667692",
               "CSAFPID-764250",
               "CSAFPID-764813",
               "CSAFPID-816317",
               "CSAFPID-816361",
               "CSAFPID-816798",
               "CSAFPID-816799",
               "CSAFPID-816800",
               "CSAFPID-816801",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-816852",
               "CSAFPID-816853",
               "CSAFPID-816854",
               "CSAFPID-816855",
               "CSAFPID-816870",
               "CSAFPID-816871",
               "CSAFPID-764275",
               "CSAFPID-764752",
               "CSAFPID-912044",
               "CSAFPID-912045",
               "CSAFPID-912046",
               "CSAFPID-912561",
               "CSAFPID-912567",
               "CSAFPID-912600",
               "CSAFPID-912601",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2023-4043",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4043.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673405",
                  "CSAFPID-1673397",
                  "CSAFPID-220643",
                  "CSAFPID-342816",
                  "CSAFPID-667692",
                  "CSAFPID-764250",
                  "CSAFPID-764813",
                  "CSAFPID-816317",
                  "CSAFPID-816361",
                  "CSAFPID-816798",
                  "CSAFPID-816799",
                  "CSAFPID-816800",
                  "CSAFPID-816801",
                  "CSAFPID-816845",
                  "CSAFPID-816846",
                  "CSAFPID-816852",
                  "CSAFPID-816853",
                  "CSAFPID-816854",
                  "CSAFPID-816855",
                  "CSAFPID-816870",
                  "CSAFPID-816871",
                  "CSAFPID-764275",
                  "CSAFPID-764752",
                  "CSAFPID-912044",
                  "CSAFPID-912045",
                  "CSAFPID-912046",
                  "CSAFPID-912561",
                  "CSAFPID-912567",
                  "CSAFPID-912600",
                  "CSAFPID-912601",
                  "CSAFPID-1503575",
                  "CSAFPID-1503603",
                  "CSAFPID-1503612",
                  "CSAFPID-1503640",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
               ],
            },
         ],
         title: "CVE-2023-4043",
      },
      {
         cve: "CVE-2023-4759",
         cwe: {
            id: "CWE-59",
            name: "Improper Link Resolution Before File Access ('Link Following')",
         },
         notes: [
            {
               category: "other",
               text: "Improper Link Resolution Before File Access ('Link Following')",
               title: "CWE-59",
            },
            {
               category: "other",
               text: "Improper Handling of Case Sensitivity",
               title: "CWE-178",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673397",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-764250",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-342816",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-764813",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2023-4759",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4759.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673397",
                  "CSAFPID-1503575",
                  "CSAFPID-1503603",
                  "CSAFPID-764250",
                  "CSAFPID-1503612",
                  "CSAFPID-1503640",
                  "CSAFPID-342816",
                  "CSAFPID-816845",
                  "CSAFPID-816846",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
                  "CSAFPID-764813",
               ],
            },
         ],
         title: "CVE-2023-4759",
      },
      {
         cve: "CVE-2023-4863",
         cwe: {
            id: "CWE-122",
            name: "Heap-based Buffer Overflow",
         },
         notes: [
            {
               category: "other",
               text: "Heap-based Buffer Overflow",
               title: "CWE-122",
            },
            {
               category: "other",
               text: "Improper Restriction of Operations within the Bounds of a Memory Buffer",
               title: "CWE-119",
            },
            {
               category: "other",
               text: "Out-of-bounds Write",
               title: "CWE-787",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-89587",
               "CSAFPID-816846",
               "CSAFPID-912044",
               "CSAFPID-912045",
               "CSAFPID-912046",
               "CSAFPID-342816",
               "CSAFPID-912561",
               "CSAFPID-912567",
               "CSAFPID-912600",
               "CSAFPID-912601",
               "CSAFPID-764275",
               "CSAFPID-764752",
               "CSAFPID-816798",
               "CSAFPID-816801",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2023-4863",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4863.json",
            },
         ],
         title: "CVE-2023-4863",
      },
      {
         cve: "CVE-2023-5072",
         cwe: {
            id: "CWE-770",
            name: "Allocation of Resources Without Limits or Throttling",
         },
         notes: [
            {
               category: "other",
               text: "Allocation of Resources Without Limits or Throttling",
               title: "CWE-770",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1650575",
               "CSAFPID-1650515",
               "CSAFPID-1650835",
               "CSAFPID-89587",
               "CSAFPID-220643",
               "CSAFPID-342816",
               "CSAFPID-667692",
               "CSAFPID-764250",
               "CSAFPID-764813",
               "CSAFPID-816317",
               "CSAFPID-816361",
               "CSAFPID-816798",
               "CSAFPID-816799",
               "CSAFPID-816800",
               "CSAFPID-816801",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-816852",
               "CSAFPID-816853",
               "CSAFPID-816854",
               "CSAFPID-816855",
               "CSAFPID-816870",
               "CSAFPID-816871",
               "CSAFPID-764275",
               "CSAFPID-764752",
               "CSAFPID-912044",
               "CSAFPID-912045",
               "CSAFPID-912046",
               "CSAFPID-912561",
               "CSAFPID-912567",
               "CSAFPID-912600",
               "CSAFPID-912601",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2023-5072",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5072.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1650575",
                  "CSAFPID-1650515",
                  "CSAFPID-1650835",
                  "CSAFPID-89587",
                  "CSAFPID-220643",
                  "CSAFPID-342816",
                  "CSAFPID-667692",
                  "CSAFPID-764250",
                  "CSAFPID-764813",
                  "CSAFPID-816317",
                  "CSAFPID-816361",
                  "CSAFPID-816798",
                  "CSAFPID-816799",
                  "CSAFPID-816800",
                  "CSAFPID-816801",
                  "CSAFPID-816845",
                  "CSAFPID-816846",
                  "CSAFPID-816852",
                  "CSAFPID-816853",
                  "CSAFPID-816854",
                  "CSAFPID-816855",
                  "CSAFPID-816870",
                  "CSAFPID-816871",
                  "CSAFPID-764275",
                  "CSAFPID-764752",
                  "CSAFPID-912044",
                  "CSAFPID-912045",
                  "CSAFPID-912046",
                  "CSAFPID-912561",
                  "CSAFPID-912567",
                  "CSAFPID-912600",
                  "CSAFPID-912601",
                  "CSAFPID-1503575",
                  "CSAFPID-1503603",
                  "CSAFPID-1503612",
                  "CSAFPID-1503640",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
               ],
            },
         ],
         title: "CVE-2023-5072",
      },
      {
         cve: "CVE-2023-26031",
         cwe: {
            id: "CWE-426",
            name: "Untrusted Search Path",
         },
         notes: [
            {
               category: "other",
               text: "Untrusted Search Path",
               title: "CWE-426",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673384",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-764250",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-342816",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-764813",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2023-26031",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26031.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673384",
                  "CSAFPID-1503575",
                  "CSAFPID-1503603",
                  "CSAFPID-764250",
                  "CSAFPID-1503612",
                  "CSAFPID-1503640",
                  "CSAFPID-342816",
                  "CSAFPID-816845",
                  "CSAFPID-816846",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
                  "CSAFPID-764813",
               ],
            },
         ],
         title: "CVE-2023-26031",
      },
      {
         cve: "CVE-2023-26551",
         product_status: {
            known_affected: [
               "CSAFPID-89587",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2023-26551",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26551.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 0,
                  baseSeverity: "NONE",
                  vectorString: "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-89587",
               ],
            },
         ],
         title: "CVE-2023-26551",
      },
      {
         cve: "CVE-2023-26552",
         cwe: {
            id: "CWE-787",
            name: "Out-of-bounds Write",
         },
         notes: [
            {
               category: "other",
               text: "Out-of-bounds Write",
               title: "CWE-787",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-89587",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2023-26552",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26552.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.6,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-89587",
               ],
            },
         ],
         title: "CVE-2023-26552",
      },
      {
         cve: "CVE-2023-26553",
         cwe: {
            id: "CWE-787",
            name: "Out-of-bounds Write",
         },
         notes: [
            {
               category: "other",
               text: "Out-of-bounds Write",
               title: "CWE-787",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-89587",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2023-26553",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26553.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.6,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-89587",
               ],
            },
         ],
         title: "CVE-2023-26553",
      },
      {
         cve: "CVE-2023-26554",
         cwe: {
            id: "CWE-787",
            name: "Out-of-bounds Write",
         },
         notes: [
            {
               category: "other",
               text: "Out-of-bounds Write",
               title: "CWE-787",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-89587",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2023-26554",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26554.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.6,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-89587",
               ],
            },
         ],
         title: "CVE-2023-26554",
      },
      {
         cve: "CVE-2023-26555",
         product_status: {
            known_affected: [
               "CSAFPID-89587",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2023-26555",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26555.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.4,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-89587",
               ],
            },
         ],
         title: "CVE-2023-26555",
      },
      {
         cve: "CVE-2023-28484",
         cwe: {
            id: "CWE-20",
            name: "Improper Input Validation",
         },
         notes: [
            {
               category: "other",
               text: "Improper Input Validation",
               title: "CWE-20",
            },
            {
               category: "other",
               text: "NULL Pointer Dereference",
               title: "CWE-476",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-764250",
               "CSAFPID-764731",
               "CSAFPID-764732",
               "CSAFPID-764733",
               "CSAFPID-220886",
               "CSAFPID-816317",
               "CSAFPID-764813",
               "CSAFPID-89587",
               "CSAFPID-342816",
               "CSAFPID-345049",
               "CSAFPID-764752",
               "CSAFPID-764764",
               "CSAFPID-764765",
               "CSAFPID-764766",
               "CSAFPID-764767",
               "CSAFPID-611390",
               "CSAFPID-611394",
               "CSAFPID-611417",
               "CSAFPID-764274",
               "CSAFPID-764275",
               "CSAFPID-220643",
               "CSAFPID-667692",
               "CSAFPID-816361",
               "CSAFPID-816798",
               "CSAFPID-816799",
               "CSAFPID-816800",
               "CSAFPID-816801",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-816852",
               "CSAFPID-816853",
               "CSAFPID-816854",
               "CSAFPID-816855",
               "CSAFPID-816870",
               "CSAFPID-816871",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2023-28484",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-28484.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-764250",
                  "CSAFPID-764731",
                  "CSAFPID-764732",
                  "CSAFPID-764733",
                  "CSAFPID-220886",
                  "CSAFPID-816317",
                  "CSAFPID-764813",
                  "CSAFPID-89587",
                  "CSAFPID-342816",
                  "CSAFPID-345049",
                  "CSAFPID-764752",
                  "CSAFPID-764764",
                  "CSAFPID-764765",
                  "CSAFPID-764766",
                  "CSAFPID-764767",
                  "CSAFPID-611390",
                  "CSAFPID-611394",
                  "CSAFPID-611417",
                  "CSAFPID-764274",
                  "CSAFPID-764275",
                  "CSAFPID-220643",
                  "CSAFPID-667692",
                  "CSAFPID-816361",
                  "CSAFPID-816798",
                  "CSAFPID-816799",
                  "CSAFPID-816800",
                  "CSAFPID-816801",
                  "CSAFPID-816845",
                  "CSAFPID-816846",
                  "CSAFPID-816852",
                  "CSAFPID-816853",
                  "CSAFPID-816854",
                  "CSAFPID-816855",
                  "CSAFPID-816870",
                  "CSAFPID-816871",
               ],
            },
         ],
         title: "CVE-2023-28484",
      },
      {
         cve: "CVE-2023-29469",
         cwe: {
            id: "CWE-20",
            name: "Improper Input Validation",
         },
         notes: [
            {
               category: "other",
               text: "Improper Input Validation",
               title: "CWE-20",
            },
            {
               category: "other",
               text: "Double Free",
               title: "CWE-415",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-611417",
               "CSAFPID-764731",
               "CSAFPID-764732",
               "CSAFPID-764733",
               "CSAFPID-816317",
               "CSAFPID-89587",
               "CSAFPID-220886",
               "CSAFPID-342816",
               "CSAFPID-345049",
               "CSAFPID-764752",
               "CSAFPID-611390",
               "CSAFPID-611394",
               "CSAFPID-764764",
               "CSAFPID-764765",
               "CSAFPID-764766",
               "CSAFPID-764767",
               "CSAFPID-764274",
               "CSAFPID-764275",
               "CSAFPID-220643",
               "CSAFPID-667692",
               "CSAFPID-764813",
               "CSAFPID-816361",
               "CSAFPID-816798",
               "CSAFPID-816799",
               "CSAFPID-816800",
               "CSAFPID-816801",
               "CSAFPID-764250",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-816852",
               "CSAFPID-816853",
               "CSAFPID-816854",
               "CSAFPID-816855",
               "CSAFPID-816870",
               "CSAFPID-816871",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2023-29469",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-29469.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-611417",
                  "CSAFPID-764731",
                  "CSAFPID-764732",
                  "CSAFPID-764733",
                  "CSAFPID-816317",
                  "CSAFPID-89587",
                  "CSAFPID-220886",
                  "CSAFPID-342816",
                  "CSAFPID-345049",
                  "CSAFPID-764752",
                  "CSAFPID-611390",
                  "CSAFPID-611394",
                  "CSAFPID-764764",
                  "CSAFPID-764765",
                  "CSAFPID-764766",
                  "CSAFPID-764767",
                  "CSAFPID-764274",
                  "CSAFPID-764275",
                  "CSAFPID-220643",
                  "CSAFPID-667692",
                  "CSAFPID-764813",
                  "CSAFPID-816361",
                  "CSAFPID-816798",
                  "CSAFPID-816799",
                  "CSAFPID-816800",
                  "CSAFPID-816801",
                  "CSAFPID-764250",
                  "CSAFPID-816845",
                  "CSAFPID-816846",
                  "CSAFPID-816852",
                  "CSAFPID-816853",
                  "CSAFPID-816854",
                  "CSAFPID-816855",
                  "CSAFPID-816870",
                  "CSAFPID-816871",
               ],
            },
         ],
         title: "CVE-2023-29469",
      },
      {
         cve: "CVE-2023-33201",
         cwe: {
            id: "CWE-200",
            name: "Exposure of Sensitive Information to an Unauthorized Actor",
         },
         notes: [
            {
               category: "other",
               text: "Exposure of Sensitive Information to an Unauthorized Actor",
               title: "CWE-200",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-764250",
               "CSAFPID-611394",
               "CSAFPID-1650584",
               "CSAFPID-1673397",
               "CSAFPID-912561",
               "CSAFPID-345049",
               "CSAFPID-611390",
               "CSAFPID-611417",
               "CSAFPID-764274",
               "CSAFPID-764275",
               "CSAFPID-220643",
               "CSAFPID-342816",
               "CSAFPID-667692",
               "CSAFPID-764813",
               "CSAFPID-816317",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-816852",
               "CSAFPID-816853",
               "CSAFPID-816854",
               "CSAFPID-816361",
               "CSAFPID-816798",
               "CSAFPID-816799",
               "CSAFPID-816800",
               "CSAFPID-816801",
               "CSAFPID-764752",
               "CSAFPID-912044",
               "CSAFPID-912045",
               "CSAFPID-912046",
               "CSAFPID-816855",
               "CSAFPID-816870",
               "CSAFPID-816871",
               "CSAFPID-912567",
               "CSAFPID-912600",
               "CSAFPID-912601",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2023-33201",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-33201.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.3,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-764250",
                  "CSAFPID-611394",
                  "CSAFPID-1650584",
                  "CSAFPID-1673397",
                  "CSAFPID-912561",
                  "CSAFPID-345049",
                  "CSAFPID-611390",
                  "CSAFPID-611417",
                  "CSAFPID-764274",
                  "CSAFPID-764275",
                  "CSAFPID-220643",
                  "CSAFPID-342816",
                  "CSAFPID-667692",
                  "CSAFPID-764813",
                  "CSAFPID-816317",
                  "CSAFPID-816845",
                  "CSAFPID-816846",
                  "CSAFPID-816852",
                  "CSAFPID-816853",
                  "CSAFPID-816854",
                  "CSAFPID-816361",
                  "CSAFPID-816798",
                  "CSAFPID-816799",
                  "CSAFPID-816800",
                  "CSAFPID-816801",
                  "CSAFPID-764752",
                  "CSAFPID-912044",
                  "CSAFPID-912045",
                  "CSAFPID-912046",
                  "CSAFPID-816855",
                  "CSAFPID-816870",
                  "CSAFPID-816871",
                  "CSAFPID-912567",
                  "CSAFPID-912600",
                  "CSAFPID-912601",
                  "CSAFPID-1503575",
                  "CSAFPID-1503603",
                  "CSAFPID-1503612",
                  "CSAFPID-1503640",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
               ],
            },
         ],
         title: "CVE-2023-33201",
      },
      {
         cve: "CVE-2023-37920",
         cwe: {
            id: "CWE-295",
            name: "Improper Certificate Validation",
         },
         notes: [
            {
               category: "other",
               text: "Improper Certificate Validation",
               title: "CWE-295",
            },
            {
               category: "other",
               text: "Insufficient Verification of Data Authenticity",
               title: "CWE-345",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-89587",
               "CSAFPID-1503575",
               "CSAFPID-1503640",
               "CSAFPID-342816",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-764813",
               "CSAFPID-1503603",
               "CSAFPID-764250",
               "CSAFPID-1503612",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2023-37920",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-37920.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 9.8,
                  baseSeverity: "CRITICAL",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-89587",
                  "CSAFPID-1503575",
                  "CSAFPID-1503640",
                  "CSAFPID-342816",
                  "CSAFPID-816845",
                  "CSAFPID-816846",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
                  "CSAFPID-764813",
                  "CSAFPID-1503603",
                  "CSAFPID-764250",
                  "CSAFPID-1503612",
               ],
            },
         ],
         title: "CVE-2023-37920",
      },
      {
         cve: "CVE-2023-39410",
         cwe: {
            id: "CWE-502",
            name: "Deserialization of Untrusted Data",
         },
         notes: [
            {
               category: "other",
               text: "Deserialization of Untrusted Data",
               title: "CWE-502",
            },
            {
               category: "other",
               text: "Improper Input Validation",
               title: "CWE-20",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673404",
               "CSAFPID-1673384",
               "CSAFPID-220643",
               "CSAFPID-342816",
               "CSAFPID-667692",
               "CSAFPID-764250",
               "CSAFPID-764813",
               "CSAFPID-816317",
               "CSAFPID-816361",
               "CSAFPID-816798",
               "CSAFPID-816799",
               "CSAFPID-816800",
               "CSAFPID-816801",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-816852",
               "CSAFPID-816853",
               "CSAFPID-816854",
               "CSAFPID-816855",
               "CSAFPID-816870",
               "CSAFPID-816871",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2023-39410",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-39410.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673404",
                  "CSAFPID-1673384",
                  "CSAFPID-220643",
                  "CSAFPID-342816",
                  "CSAFPID-667692",
                  "CSAFPID-764250",
                  "CSAFPID-764813",
                  "CSAFPID-816317",
                  "CSAFPID-816361",
                  "CSAFPID-816798",
                  "CSAFPID-816799",
                  "CSAFPID-816800",
                  "CSAFPID-816801",
                  "CSAFPID-816845",
                  "CSAFPID-816846",
                  "CSAFPID-816852",
                  "CSAFPID-816853",
                  "CSAFPID-816854",
                  "CSAFPID-816855",
                  "CSAFPID-816870",
                  "CSAFPID-816871",
               ],
            },
         ],
         title: "CVE-2023-39410",
      },
      {
         cve: "CVE-2023-44487",
         cwe: {
            id: "CWE-400",
            name: "Uncontrolled Resource Consumption",
         },
         notes: [
            {
               category: "other",
               text: "Uncontrolled Resource Consumption",
               title: "CWE-400",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1650757",
               "CSAFPID-1650758",
               "CSAFPID-1650759",
               "CSAFPID-1650760",
               "CSAFPID-1650761",
               "CSAFPID-89587",
               "CSAFPID-816361",
               "CSAFPID-220643",
               "CSAFPID-342816",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-816852",
               "CSAFPID-816853",
               "CSAFPID-816854",
               "CSAFPID-816855",
               "CSAFPID-816870",
               "CSAFPID-816871",
               "CSAFPID-667692",
               "CSAFPID-764250",
               "CSAFPID-764813",
               "CSAFPID-816317",
               "CSAFPID-816798",
               "CSAFPID-816799",
               "CSAFPID-816800",
               "CSAFPID-816801",
               "CSAFPID-764275",
               "CSAFPID-764752",
               "CSAFPID-912044",
               "CSAFPID-912045",
               "CSAFPID-912046",
               "CSAFPID-912561",
               "CSAFPID-912567",
               "CSAFPID-912600",
               "CSAFPID-912601",
               "CSAFPID-1503603",
               "CSAFPID-1503575",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2023-44487",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44487.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1650757",
                  "CSAFPID-1650758",
                  "CSAFPID-1650759",
                  "CSAFPID-1650760",
                  "CSAFPID-1650761",
                  "CSAFPID-89587",
                  "CSAFPID-816361",
                  "CSAFPID-220643",
                  "CSAFPID-342816",
                  "CSAFPID-816845",
                  "CSAFPID-816846",
                  "CSAFPID-816852",
                  "CSAFPID-816853",
                  "CSAFPID-816854",
                  "CSAFPID-816855",
                  "CSAFPID-816870",
                  "CSAFPID-816871",
                  "CSAFPID-667692",
                  "CSAFPID-764250",
                  "CSAFPID-764813",
                  "CSAFPID-816317",
                  "CSAFPID-816798",
                  "CSAFPID-816799",
                  "CSAFPID-816800",
                  "CSAFPID-816801",
                  "CSAFPID-764275",
                  "CSAFPID-764752",
                  "CSAFPID-912044",
                  "CSAFPID-912045",
                  "CSAFPID-912046",
                  "CSAFPID-912561",
                  "CSAFPID-912567",
                  "CSAFPID-912600",
                  "CSAFPID-912601",
                  "CSAFPID-1503603",
                  "CSAFPID-1503575",
                  "CSAFPID-1503612",
                  "CSAFPID-1503640",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
               ],
            },
         ],
         title: "CVE-2023-44487",
      },
      {
         cve: "CVE-2023-44981",
         cwe: {
            id: "CWE-639",
            name: "Authorization Bypass Through User-Controlled Key",
         },
         notes: [
            {
               category: "other",
               text: "Authorization Bypass Through User-Controlled Key",
               title: "CWE-639",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1650515",
               "CSAFPID-89587",
               "CSAFPID-220643",
               "CSAFPID-342816",
               "CSAFPID-667692",
               "CSAFPID-764250",
               "CSAFPID-764813",
               "CSAFPID-816317",
               "CSAFPID-816361",
               "CSAFPID-816798",
               "CSAFPID-816799",
               "CSAFPID-816800",
               "CSAFPID-816801",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-816852",
               "CSAFPID-816853",
               "CSAFPID-816854",
               "CSAFPID-816855",
               "CSAFPID-816870",
               "CSAFPID-816871",
               "CSAFPID-764275",
               "CSAFPID-764752",
               "CSAFPID-912044",
               "CSAFPID-912045",
               "CSAFPID-912046",
               "CSAFPID-912561",
               "CSAFPID-912567",
               "CSAFPID-912600",
               "CSAFPID-912601",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2023-44981",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44981.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 9.1,
                  baseSeverity: "CRITICAL",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1650515",
                  "CSAFPID-89587",
                  "CSAFPID-220643",
                  "CSAFPID-342816",
                  "CSAFPID-667692",
                  "CSAFPID-764250",
                  "CSAFPID-764813",
                  "CSAFPID-816317",
                  "CSAFPID-816361",
                  "CSAFPID-816798",
                  "CSAFPID-816799",
                  "CSAFPID-816800",
                  "CSAFPID-816801",
                  "CSAFPID-816845",
                  "CSAFPID-816846",
                  "CSAFPID-816852",
                  "CSAFPID-816853",
                  "CSAFPID-816854",
                  "CSAFPID-816855",
                  "CSAFPID-816870",
                  "CSAFPID-816871",
                  "CSAFPID-764275",
                  "CSAFPID-764752",
                  "CSAFPID-912044",
                  "CSAFPID-912045",
                  "CSAFPID-912046",
                  "CSAFPID-912561",
                  "CSAFPID-912567",
                  "CSAFPID-912600",
                  "CSAFPID-912601",
               ],
            },
         ],
         title: "CVE-2023-44981",
      },
      {
         cve: "CVE-2023-45288",
         cwe: {
            id: "CWE-404",
            name: "Improper Resource Shutdown or Release",
         },
         notes: [
            {
               category: "other",
               text: "Improper Resource Shutdown or Release",
               title: "CWE-404",
            },
            {
               category: "other",
               text: "Uncontrolled Resource Consumption",
               title: "CWE-400",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-89587",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2023-45288",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-45288.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-89587",
               ],
            },
         ],
         title: "CVE-2023-45288",
      },
      {
         cve: "CVE-2023-48795",
         cwe: {
            id: "CWE-222",
            name: "Truncation of Security-relevant Information",
         },
         notes: [
            {
               category: "other",
               text: "Truncation of Security-relevant Information",
               title: "CWE-222",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1650765",
               "CSAFPID-1650757",
               "CSAFPID-1650758",
               "CSAFPID-1650767",
               "CSAFPID-1650759",
               "CSAFPID-1650760",
               "CSAFPID-1650761",
               "CSAFPID-89587",
               "CSAFPID-220643",
               "CSAFPID-342816",
               "CSAFPID-667692",
               "CSAFPID-764250",
               "CSAFPID-764813",
               "CSAFPID-816317",
               "CSAFPID-816361",
               "CSAFPID-816798",
               "CSAFPID-816799",
               "CSAFPID-816800",
               "CSAFPID-816801",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-816852",
               "CSAFPID-816853",
               "CSAFPID-816854",
               "CSAFPID-816855",
               "CSAFPID-912600",
               "CSAFPID-912601",
               "CSAFPID-816870",
               "CSAFPID-816871",
               "CSAFPID-764275",
               "CSAFPID-764752",
               "CSAFPID-912044",
               "CSAFPID-912045",
               "CSAFPID-912046",
               "CSAFPID-912561",
               "CSAFPID-912567",
               "CSAFPID-1503603",
               "CSAFPID-1503612",
               "CSAFPID-1503575",
               "CSAFPID-1503640",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2023-48795",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-48795.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.9,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1650765",
                  "CSAFPID-1650757",
                  "CSAFPID-1650758",
                  "CSAFPID-1650767",
                  "CSAFPID-1650759",
                  "CSAFPID-1650760",
                  "CSAFPID-1650761",
                  "CSAFPID-89587",
                  "CSAFPID-220643",
                  "CSAFPID-342816",
                  "CSAFPID-667692",
                  "CSAFPID-764250",
                  "CSAFPID-764813",
                  "CSAFPID-816317",
                  "CSAFPID-816361",
                  "CSAFPID-816798",
                  "CSAFPID-816799",
                  "CSAFPID-816800",
                  "CSAFPID-816801",
                  "CSAFPID-816845",
                  "CSAFPID-816846",
                  "CSAFPID-816852",
                  "CSAFPID-816853",
                  "CSAFPID-816854",
                  "CSAFPID-816855",
                  "CSAFPID-912600",
                  "CSAFPID-912601",
                  "CSAFPID-816870",
                  "CSAFPID-816871",
                  "CSAFPID-764275",
                  "CSAFPID-764752",
                  "CSAFPID-912044",
                  "CSAFPID-912045",
                  "CSAFPID-912046",
                  "CSAFPID-912561",
                  "CSAFPID-912567",
                  "CSAFPID-1503603",
                  "CSAFPID-1503612",
                  "CSAFPID-1503575",
                  "CSAFPID-1503640",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
               ],
            },
         ],
         title: "CVE-2023-48795",
      },
      {
         cve: "CVE-2023-49083",
         cwe: {
            id: "CWE-476",
            name: "NULL Pointer Dereference",
         },
         notes: [
            {
               category: "other",
               text: "NULL Pointer Dereference",
               title: "CWE-476",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-89587",
               "CSAFPID-342816",
               "CSAFPID-764275",
               "CSAFPID-764752",
               "CSAFPID-816798",
               "CSAFPID-816801",
               "CSAFPID-816846",
               "CSAFPID-912044",
               "CSAFPID-912045",
               "CSAFPID-912046",
               "CSAFPID-912561",
               "CSAFPID-912567",
               "CSAFPID-912600",
               "CSAFPID-912601",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-764250",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-816845",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-764813",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2023-49083",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-49083.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-89587",
                  "CSAFPID-342816",
                  "CSAFPID-764275",
                  "CSAFPID-764752",
                  "CSAFPID-816798",
                  "CSAFPID-816801",
                  "CSAFPID-816846",
                  "CSAFPID-912044",
                  "CSAFPID-912045",
                  "CSAFPID-912046",
                  "CSAFPID-912561",
                  "CSAFPID-912567",
                  "CSAFPID-912600",
                  "CSAFPID-912601",
                  "CSAFPID-1503575",
                  "CSAFPID-1503603",
                  "CSAFPID-764250",
                  "CSAFPID-1503612",
                  "CSAFPID-1503640",
                  "CSAFPID-816845",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
                  "CSAFPID-764813",
               ],
            },
         ],
         title: "CVE-2023-49083",
      },
      {
         cve: "CVE-2023-51384",
         cwe: {
            id: "CWE-304",
            name: "Missing Critical Step in Authentication",
         },
         notes: [
            {
               category: "other",
               text: "Missing Critical Step in Authentication",
               title: "CWE-304",
            },
            {
               category: "other",
               text: "Improper Input Validation",
               title: "CWE-20",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-89587",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2023-51384",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-51384.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.9,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-89587",
               ],
            },
         ],
         title: "CVE-2023-51384",
      },
      {
         cve: "CVE-2023-51385",
         cwe: {
            id: "CWE-78",
            name: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')",
         },
         notes: [
            {
               category: "other",
               text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')",
               title: "CWE-78",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-89587",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2023-51385",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-51385.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-89587",
               ],
            },
         ],
         title: "CVE-2023-51385",
      },
      {
         cve: "CVE-2023-52425",
         cwe: {
            id: "CWE-400",
            name: "Uncontrolled Resource Consumption",
         },
         notes: [
            {
               category: "other",
               text: "Uncontrolled Resource Consumption",
               title: "CWE-400",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-89587",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-764250",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-342816",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-764813",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2023-52425",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52425.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-89587",
                  "CSAFPID-1503575",
                  "CSAFPID-1503603",
                  "CSAFPID-764250",
                  "CSAFPID-1503612",
                  "CSAFPID-1503640",
                  "CSAFPID-342816",
                  "CSAFPID-816845",
                  "CSAFPID-816846",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
                  "CSAFPID-764813",
               ],
            },
         ],
         title: "CVE-2023-52425",
      },
      {
         cve: "CVE-2023-52426",
         cwe: {
            id: "CWE-776",
            name: "Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')",
         },
         notes: [
            {
               category: "other",
               text: "Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')",
               title: "CWE-776",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-89587",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-764250",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-342816",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-764813",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2023-52426",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52426.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-89587",
                  "CSAFPID-1503575",
                  "CSAFPID-1503603",
                  "CSAFPID-764250",
                  "CSAFPID-1503612",
                  "CSAFPID-1503640",
                  "CSAFPID-342816",
                  "CSAFPID-816845",
                  "CSAFPID-816846",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
                  "CSAFPID-764813",
               ],
            },
         ],
         title: "CVE-2023-52426",
      },
      {
         cve: "CVE-2024-1874",
         cwe: {
            id: "CWE-77",
            name: "Improper Neutralization of Special Elements used in a Command ('Command Injection')",
         },
         notes: [
            {
               category: "other",
               text: "Improper Neutralization of Special Elements used in a Command ('Command Injection')",
               title: "CWE-77",
            },
            {
               category: "other",
               text: "Improper Encoding or Escaping of Output",
               title: "CWE-116",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673422",
               "CSAFPID-345049",
               "CSAFPID-611417",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-1874",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-1874.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 9.8,
                  baseSeverity: "CRITICAL",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673422",
                  "CSAFPID-345049",
                  "CSAFPID-611417",
               ],
            },
         ],
         title: "CVE-2024-1874",
      },
      {
         cve: "CVE-2024-2408",
         cwe: {
            id: "CWE-203",
            name: "Observable Discrepancy",
         },
         notes: [
            {
               category: "other",
               text: "Observable Discrepancy",
               title: "CWE-203",
            },
            {
               category: "other",
               text: "Observable Timing Discrepancy",
               title: "CWE-208",
            },
            {
               category: "other",
               text: "Use of a Broken or Risky Cryptographic Algorithm",
               title: "CWE-327",
            },
            {
               category: "other",
               text: "Covert Timing Channel",
               title: "CWE-385",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673422",
               "CSAFPID-345049",
               "CSAFPID-611417",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-2408",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2408.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 9.8,
                  baseSeverity: "CRITICAL",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673422",
                  "CSAFPID-345049",
                  "CSAFPID-611417",
               ],
            },
         ],
         title: "CVE-2024-2408",
      },
      {
         cve: "CVE-2024-2511",
         cwe: {
            id: "CWE-404",
            name: "Improper Resource Shutdown or Release",
         },
         notes: [
            {
               category: "other",
               text: "Improper Resource Shutdown or Release",
               title: "CWE-404",
            },
            {
               category: "other",
               text: "Uncontrolled Resource Consumption",
               title: "CWE-400",
            },
            {
               category: "other",
               text: "Improperly Controlled Sequential Memory Allocation",
               title: "CWE-1325",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-345049",
               "CSAFPID-611417",
               "CSAFPID-1673479",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-764250",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-342816",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-764813",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-2511",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2511.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-345049",
                  "CSAFPID-611417",
                  "CSAFPID-1673479",
                  "CSAFPID-1503575",
                  "CSAFPID-1503603",
                  "CSAFPID-764250",
                  "CSAFPID-1503612",
                  "CSAFPID-1503640",
                  "CSAFPID-342816",
                  "CSAFPID-816845",
                  "CSAFPID-816846",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
                  "CSAFPID-764813",
               ],
            },
         ],
         title: "CVE-2024-2511",
      },
      {
         cve: "CVE-2024-4577",
         cwe: {
            id: "CWE-88",
            name: "Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')",
         },
         notes: [
            {
               category: "other",
               text: "Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')",
               title: "CWE-88",
            },
            {
               category: "other",
               text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')",
               title: "CWE-78",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673422",
               "CSAFPID-345049",
               "CSAFPID-611417",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-4577",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4577.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 9.8,
                  baseSeverity: "CRITICAL",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673422",
                  "CSAFPID-345049",
                  "CSAFPID-611417",
               ],
            },
         ],
         title: "CVE-2024-4577",
      },
      {
         cve: "CVE-2024-4603",
         cwe: {
            id: "CWE-606",
            name: "Unchecked Input for Loop Condition",
         },
         notes: [
            {
               category: "other",
               text: "Unchecked Input for Loop Condition",
               title: "CWE-606",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-345049",
               "CSAFPID-611417",
               "CSAFPID-1673479",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-764250",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-342816",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-764813",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-4603",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4603.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-345049",
                  "CSAFPID-611417",
                  "CSAFPID-1673479",
                  "CSAFPID-1503575",
                  "CSAFPID-1503603",
                  "CSAFPID-764250",
                  "CSAFPID-1503612",
                  "CSAFPID-1503640",
                  "CSAFPID-342816",
                  "CSAFPID-816845",
                  "CSAFPID-816846",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
                  "CSAFPID-764813",
               ],
            },
         ],
         title: "CVE-2024-4603",
      },
      {
         cve: "CVE-2024-4741",
         cwe: {
            id: "CWE-416",
            name: "Use After Free",
         },
         notes: [
            {
               category: "other",
               text: "Use After Free",
               title: "CWE-416",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-345049",
               "CSAFPID-611417",
               "CSAFPID-1673479",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-764250",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-342816",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-764813",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-4741",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4741.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-345049",
                  "CSAFPID-611417",
                  "CSAFPID-1673479",
                  "CSAFPID-1503575",
                  "CSAFPID-1503603",
                  "CSAFPID-764250",
                  "CSAFPID-1503612",
                  "CSAFPID-1503640",
                  "CSAFPID-342816",
                  "CSAFPID-816845",
                  "CSAFPID-816846",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
                  "CSAFPID-764813",
               ],
            },
         ],
         title: "CVE-2024-4741",
      },
      {
         cve: "CVE-2024-5458",
         cwe: {
            id: "CWE-20",
            name: "Improper Input Validation",
         },
         notes: [
            {
               category: "other",
               text: "Improper Input Validation",
               title: "CWE-20",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673422",
               "CSAFPID-345049",
               "CSAFPID-611417",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-5458",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5458.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 9.8,
                  baseSeverity: "CRITICAL",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673422",
                  "CSAFPID-345049",
                  "CSAFPID-611417",
               ],
            },
         ],
         title: "CVE-2024-5458",
      },
      {
         cve: "CVE-2024-5535",
         cwe: {
            id: "CWE-200",
            name: "Exposure of Sensitive Information to an Unauthorized Actor",
         },
         notes: [
            {
               category: "other",
               text: "Exposure of Sensitive Information to an Unauthorized Actor",
               title: "CWE-200",
            },
            {
               category: "other",
               text: "Improper Restriction of Operations within the Bounds of a Memory Buffer",
               title: "CWE-119",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673508",
               "CSAFPID-1673525",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-5535",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5535.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 9.1,
                  baseSeverity: "CRITICAL",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673508",
                  "CSAFPID-1673525",
               ],
            },
         ],
         title: "CVE-2024-5535",
      },
      {
         cve: "CVE-2024-5585",
         cwe: {
            id: "CWE-116",
            name: "Improper Encoding or Escaping of Output",
         },
         notes: [
            {
               category: "other",
               text: "Improper Encoding or Escaping of Output",
               title: "CWE-116",
            },
            {
               category: "other",
               text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')",
               title: "CWE-78",
            },
            {
               category: "other",
               text: "Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')",
               title: "CWE-88",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673422",
               "CSAFPID-345049",
               "CSAFPID-611417",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-5585",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5585.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 9.8,
                  baseSeverity: "CRITICAL",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673422",
                  "CSAFPID-345049",
                  "CSAFPID-611417",
               ],
            },
         ],
         title: "CVE-2024-5585",
      },
      {
         cve: "CVE-2024-6119",
         cwe: {
            id: "CWE-843",
            name: "Access of Resource Using Incompatible Type ('Type Confusion')",
         },
         notes: [
            {
               category: "other",
               text: "Access of Resource Using Incompatible Type ('Type Confusion')",
               title: "CWE-843",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673508",
               "CSAFPID-1673525",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-6119",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6119.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 9.1,
                  baseSeverity: "CRITICAL",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673508",
                  "CSAFPID-1673525",
               ],
            },
         ],
         title: "CVE-2024-6119",
      },
      {
         cve: "CVE-2024-6232",
         cwe: {
            id: "CWE-1333",
            name: "Inefficient Regular Expression Complexity",
         },
         notes: [
            {
               category: "other",
               text: "Inefficient Regular Expression Complexity",
               title: "CWE-1333",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2024-6232",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6232.json",
            },
         ],
         title: "CVE-2024-6232",
      },
      {
         cve: "CVE-2024-7264",
         cwe: {
            id: "CWE-125",
            name: "Out-of-bounds Read",
         },
         notes: [
            {
               category: "other",
               text: "Out-of-bounds Read",
               title: "CWE-125",
            },
            {
               category: "other",
               text: "Improper Input Validation",
               title: "CWE-20",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673529",
               "CSAFPID-1673479",
               "CSAFPID-1673511",
               "CSAFPID-1673512",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-7264",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7264.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673529",
                  "CSAFPID-1673479",
                  "CSAFPID-1673511",
                  "CSAFPID-1673512",
               ],
            },
         ],
         title: "CVE-2024-7264",
      },
      {
         cve: "CVE-2024-7592",
         cwe: {
            id: "CWE-400",
            name: "Uncontrolled Resource Consumption",
         },
         notes: [
            {
               category: "other",
               text: "Uncontrolled Resource Consumption",
               title: "CWE-400",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2024-7592",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7592.json",
            },
         ],
         title: "CVE-2024-7592",
      },
      {
         cve: "CVE-2024-21131",
         product_status: {
            known_affected: [
               "CSAFPID-1503299",
               "CSAFPID-1503306",
               "CSAFPID-1503302",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-764250",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-342816",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-764813",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-21131",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21131.json",
            },
         ],
         title: "CVE-2024-21131",
      },
      {
         cve: "CVE-2024-21138",
         cwe: {
            id: "CWE-835",
            name: "Loop with Unreachable Exit Condition ('Infinite Loop')",
         },
         notes: [
            {
               category: "other",
               text: "Loop with Unreachable Exit Condition ('Infinite Loop')",
               title: "CWE-835",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-764250",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-342816",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-764813",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-21138",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21138.json",
            },
         ],
         title: "CVE-2024-21138",
      },
      {
         cve: "CVE-2024-21140",
         product_status: {
            known_affected: [
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503299",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-764250",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-342816",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-764813",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-21140",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21140.json",
            },
         ],
         title: "CVE-2024-21140",
      },
      {
         cve: "CVE-2024-21144",
         cwe: {
            id: "CWE-20",
            name: "Improper Input Validation",
         },
         notes: [
            {
               category: "other",
               text: "Improper Input Validation",
               title: "CWE-20",
            },
            {
               category: "other",
               text: "Uncontrolled Resource Consumption",
               title: "CWE-400",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-764250",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-342816",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-764813",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-21144",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21144.json",
            },
         ],
         title: "CVE-2024-21144",
      },
      {
         cve: "CVE-2024-21145",
         cwe: {
            id: "CWE-787",
            name: "Out-of-bounds Write",
         },
         notes: [
            {
               category: "other",
               text: "Out-of-bounds Write",
               title: "CWE-787",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1503299",
               "CSAFPID-1503306",
               "CSAFPID-1503302",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-764250",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-342816",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-764813",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-21145",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21145.json",
            },
         ],
         title: "CVE-2024-21145",
      },
      {
         cve: "CVE-2024-21147",
         product_status: {
            known_affected: [
               "CSAFPID-1503306",
               "CSAFPID-1503302",
               "CSAFPID-1503299",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-764250",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-342816",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-764813",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-21147",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21147.json",
            },
         ],
         title: "CVE-2024-21147",
      },
      {
         cve: "CVE-2024-21233",
         product_status: {
            known_affected: [
               "CSAFPID-1673385",
               "CSAFPID-1673442",
               "CSAFPID-1673386",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-21233",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21233.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 4.3,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673385",
                  "CSAFPID-1673442",
                  "CSAFPID-1673386",
               ],
            },
         ],
         title: "CVE-2024-21233",
      },
      {
         cve: "CVE-2024-21242",
         product_status: {
            known_affected: [
               "CSAFPID-1673443",
               "CSAFPID-1673444",
               "CSAFPID-1673445",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-21242",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21242.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 3.5,
                  baseSeverity: "LOW",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673443",
                  "CSAFPID-1673444",
                  "CSAFPID-1673445",
               ],
            },
         ],
         title: "CVE-2024-21242",
      },
      {
         cve: "CVE-2024-21251",
         product_status: {
            known_affected: [
               "CSAFPID-1673450",
               "CSAFPID-1673451",
               "CSAFPID-1673452",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-21251",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21251.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 3.1,
                  baseSeverity: "LOW",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673450",
                  "CSAFPID-1673451",
                  "CSAFPID-1673452",
               ],
            },
         ],
         title: "CVE-2024-21251",
      },
      {
         cve: "CVE-2024-21261",
         product_status: {
            known_affected: [
               "CSAFPID-1673144",
               "CSAFPID-1503575",
               "CSAFPID-1673188",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-21261",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21261.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 4.9,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673144",
                  "CSAFPID-1503575",
                  "CSAFPID-1673188",
               ],
            },
         ],
         title: "CVE-2024-21261",
      },
      {
         cve: "CVE-2024-22018",
         cwe: {
            id: "CWE-275",
            name: "-",
         },
         notes: [
            {
               category: "other",
               text: "CWE-275",
               title: "CWE-275",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-89587",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-22018",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22018.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.1,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-89587",
               ],
            },
         ],
         title: "CVE-2024-22018",
      },
      {
         cve: "CVE-2024-22020",
         product_status: {
            known_affected: [
               "CSAFPID-89587",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-22020",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22020.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 8.1,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-89587",
               ],
            },
         ],
         title: "CVE-2024-22020",
      },
      {
         cve: "CVE-2024-22201",
         cwe: {
            id: "CWE-400",
            name: "Uncontrolled Resource Consumption",
         },
         notes: [
            {
               category: "other",
               text: "Uncontrolled Resource Consumption",
               title: "CWE-400",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673384",
               "CSAFPID-342816",
               "CSAFPID-764275",
               "CSAFPID-764752",
               "CSAFPID-816798",
               "CSAFPID-816801",
               "CSAFPID-816846",
               "CSAFPID-912044",
               "CSAFPID-912045",
               "CSAFPID-912046",
               "CSAFPID-912561",
               "CSAFPID-912567",
               "CSAFPID-912600",
               "CSAFPID-912601",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-764250",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-816845",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-764813",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-22201",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22201.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673384",
                  "CSAFPID-342816",
                  "CSAFPID-764275",
                  "CSAFPID-764752",
                  "CSAFPID-816798",
                  "CSAFPID-816801",
                  "CSAFPID-816846",
                  "CSAFPID-912044",
                  "CSAFPID-912045",
                  "CSAFPID-912046",
                  "CSAFPID-912561",
                  "CSAFPID-912567",
                  "CSAFPID-912600",
                  "CSAFPID-912601",
                  "CSAFPID-1503575",
                  "CSAFPID-1503603",
                  "CSAFPID-764250",
                  "CSAFPID-1503612",
                  "CSAFPID-1503640",
                  "CSAFPID-816845",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
                  "CSAFPID-764813",
               ],
            },
         ],
         title: "CVE-2024-22201",
      },
      {
         cve: "CVE-2024-23807",
         cwe: {
            id: "CWE-416",
            name: "Use After Free",
         },
         notes: [
            {
               category: "other",
               text: "Use After Free",
               title: "CWE-416",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1650831",
               "CSAFPID-1650825",
               "CSAFPID-1673479",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-764250",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-342816",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-764813",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-23807",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23807.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 8.1,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1650831",
                  "CSAFPID-1650825",
                  "CSAFPID-1673479",
                  "CSAFPID-1503575",
                  "CSAFPID-1503603",
                  "CSAFPID-764250",
                  "CSAFPID-1503612",
                  "CSAFPID-1503640",
                  "CSAFPID-342816",
                  "CSAFPID-816845",
                  "CSAFPID-816846",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
                  "CSAFPID-764813",
               ],
            },
         ],
         title: "CVE-2024-23807",
      },
      {
         cve: "CVE-2024-23944",
         cwe: {
            id: "CWE-200",
            name: "Exposure of Sensitive Information to an Unauthorized Actor",
         },
         notes: [
            {
               category: "other",
               text: "Exposure of Sensitive Information to an Unauthorized Actor",
               title: "CWE-200",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673384",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-764250",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-342816",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-764813",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-23944",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23944.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.3,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673384",
                  "CSAFPID-1503575",
                  "CSAFPID-1503603",
                  "CSAFPID-764250",
                  "CSAFPID-1503612",
                  "CSAFPID-1503640",
                  "CSAFPID-342816",
                  "CSAFPID-816845",
                  "CSAFPID-816846",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
                  "CSAFPID-764813",
               ],
            },
         ],
         title: "CVE-2024-23944",
      },
      {
         cve: "CVE-2024-24989",
         cwe: {
            id: "CWE-476",
            name: "NULL Pointer Dereference",
         },
         notes: [
            {
               category: "other",
               text: "NULL Pointer Dereference",
               title: "CWE-476",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-89587",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-24989",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24989.json",
            },
         ],
         title: "CVE-2024-24989",
      },
      {
         cve: "CVE-2024-24990",
         cwe: {
            id: "CWE-416",
            name: "Use After Free",
         },
         notes: [
            {
               category: "other",
               text: "Use After Free",
               title: "CWE-416",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-89587",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-24990",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24990.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-89587",
               ],
            },
         ],
         title: "CVE-2024-24990",
      },
      {
         cve: "CVE-2024-25710",
         cwe: {
            id: "CWE-835",
            name: "Loop with Unreachable Exit Condition ('Infinite Loop')",
         },
         notes: [
            {
               category: "other",
               text: "Loop with Unreachable Exit Condition ('Infinite Loop')",
               title: "CWE-835",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-89587",
               "CSAFPID-1673384",
               "CSAFPID-816871",
               "CSAFPID-816798",
               "CSAFPID-816801",
               "CSAFPID-342816",
               "CSAFPID-912561",
               "CSAFPID-912567",
               "CSAFPID-912600",
               "CSAFPID-912601",
               "CSAFPID-764275",
               "CSAFPID-764752",
               "CSAFPID-816846",
               "CSAFPID-912044",
               "CSAFPID-912045",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-764250",
               "CSAFPID-1503612",
               "CSAFPID-912046",
               "CSAFPID-1503640",
               "CSAFPID-816845",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-764813",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-25710",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-25710.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 8.1,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-89587",
                  "CSAFPID-1673384",
                  "CSAFPID-816871",
                  "CSAFPID-816798",
                  "CSAFPID-816801",
                  "CSAFPID-342816",
                  "CSAFPID-912561",
                  "CSAFPID-912567",
                  "CSAFPID-912600",
                  "CSAFPID-912601",
                  "CSAFPID-764275",
                  "CSAFPID-764752",
                  "CSAFPID-816846",
                  "CSAFPID-912044",
                  "CSAFPID-912045",
                  "CSAFPID-1503575",
                  "CSAFPID-1503603",
                  "CSAFPID-764250",
                  "CSAFPID-1503612",
                  "CSAFPID-912046",
                  "CSAFPID-1503640",
                  "CSAFPID-816845",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
                  "CSAFPID-764813",
               ],
            },
         ],
         title: "CVE-2024-25710",
      },
      {
         cve: "CVE-2024-26130",
         cwe: {
            id: "CWE-476",
            name: "NULL Pointer Dereference",
         },
         notes: [
            {
               category: "other",
               text: "NULL Pointer Dereference",
               title: "CWE-476",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-89587",
               "CSAFPID-342816",
               "CSAFPID-764275",
               "CSAFPID-764752",
               "CSAFPID-816798",
               "CSAFPID-816801",
               "CSAFPID-816846",
               "CSAFPID-912044",
               "CSAFPID-912045",
               "CSAFPID-912046",
               "CSAFPID-912561",
               "CSAFPID-912567",
               "CSAFPID-912600",
               "CSAFPID-912601",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-764250",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-816845",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-764813",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-26130",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26130.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-89587",
                  "CSAFPID-342816",
                  "CSAFPID-764275",
                  "CSAFPID-764752",
                  "CSAFPID-816798",
                  "CSAFPID-816801",
                  "CSAFPID-816846",
                  "CSAFPID-912044",
                  "CSAFPID-912045",
                  "CSAFPID-912046",
                  "CSAFPID-912561",
                  "CSAFPID-912567",
                  "CSAFPID-912600",
                  "CSAFPID-912601",
                  "CSAFPID-1503575",
                  "CSAFPID-1503603",
                  "CSAFPID-764250",
                  "CSAFPID-1503612",
                  "CSAFPID-1503640",
                  "CSAFPID-816845",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
                  "CSAFPID-764813",
               ],
            },
         ],
         title: "CVE-2024-26130",
      },
      {
         cve: "CVE-2024-26308",
         cwe: {
            id: "CWE-770",
            name: "Allocation of Resources Without Limits or Throttling",
         },
         notes: [
            {
               category: "other",
               text: "Allocation of Resources Without Limits or Throttling",
               title: "CWE-770",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-89587",
               "CSAFPID-1673384",
               "CSAFPID-816871",
               "CSAFPID-816798",
               "CSAFPID-342816",
               "CSAFPID-764275",
               "CSAFPID-764752",
               "CSAFPID-816801",
               "CSAFPID-816846",
               "CSAFPID-912044",
               "CSAFPID-912045",
               "CSAFPID-912046",
               "CSAFPID-912561",
               "CSAFPID-912567",
               "CSAFPID-912600",
               "CSAFPID-912601",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-764250",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-816845",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-764813",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-26308",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26308.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.9,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-89587",
                  "CSAFPID-1673384",
                  "CSAFPID-816871",
                  "CSAFPID-816798",
                  "CSAFPID-342816",
                  "CSAFPID-764275",
                  "CSAFPID-764752",
                  "CSAFPID-816801",
                  "CSAFPID-816846",
                  "CSAFPID-912044",
                  "CSAFPID-912045",
                  "CSAFPID-912046",
                  "CSAFPID-912561",
                  "CSAFPID-912567",
                  "CSAFPID-912600",
                  "CSAFPID-912601",
                  "CSAFPID-1503575",
                  "CSAFPID-1503603",
                  "CSAFPID-764250",
                  "CSAFPID-1503612",
                  "CSAFPID-1503640",
                  "CSAFPID-816845",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
                  "CSAFPID-764813",
               ],
            },
         ],
         title: "CVE-2024-26308",
      },
      {
         cve: "CVE-2024-27983",
         cwe: {
            id: "CWE-400",
            name: "Uncontrolled Resource Consumption",
         },
         notes: [
            {
               category: "other",
               text: "Uncontrolled Resource Consumption",
               title: "CWE-400",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-764250",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-342816",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-764813",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-27983",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27983.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 8.2,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1503575",
                  "CSAFPID-1503603",
                  "CSAFPID-764250",
                  "CSAFPID-1503612",
                  "CSAFPID-1503640",
                  "CSAFPID-342816",
                  "CSAFPID-816845",
                  "CSAFPID-816846",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
                  "CSAFPID-764813",
               ],
            },
         ],
         title: "CVE-2024-27983",
      },
      {
         cve: "CVE-2024-28182",
         cwe: {
            id: "CWE-400",
            name: "Uncontrolled Resource Consumption",
         },
         notes: [
            {
               category: "other",
               text: "Uncontrolled Resource Consumption",
               title: "CWE-400",
            },
            {
               category: "other",
               text: "Improper Resource Shutdown or Release",
               title: "CWE-404",
            },
            {
               category: "other",
               text: "Detection of Error Condition Without Action",
               title: "CWE-390",
            },
            {
               category: "other",
               text: "Allocation of Resources Without Limits or Throttling",
               title: "CWE-770",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673442",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-764250",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-342816",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-764813",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-28182",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28182.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673442",
                  "CSAFPID-1503575",
                  "CSAFPID-1503603",
                  "CSAFPID-764250",
                  "CSAFPID-1503612",
                  "CSAFPID-1503640",
                  "CSAFPID-342816",
                  "CSAFPID-816845",
                  "CSAFPID-816846",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
                  "CSAFPID-764813",
               ],
            },
         ],
         title: "CVE-2024-28182",
      },
      {
         cve: "CVE-2024-28849",
         cwe: {
            id: "CWE-200",
            name: "Exposure of Sensitive Information to an Unauthorized Actor",
         },
         notes: [
            {
               category: "other",
               text: "Exposure of Sensitive Information to an Unauthorized Actor",
               title: "CWE-200",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-89587",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-764250",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-342816",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-764813",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-28849",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28849.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-89587",
                  "CSAFPID-1503575",
                  "CSAFPID-1503603",
                  "CSAFPID-764250",
                  "CSAFPID-1503612",
                  "CSAFPID-1503640",
                  "CSAFPID-342816",
                  "CSAFPID-816845",
                  "CSAFPID-816846",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
                  "CSAFPID-764813",
               ],
            },
         ],
         title: "CVE-2024-28849",
      },
      {
         cve: "CVE-2024-28887",
         cwe: {
            id: "CWE-427",
            name: "Uncontrolled Search Path Element",
         },
         notes: [
            {
               category: "other",
               text: "Uncontrolled Search Path Element",
               title: "CWE-427",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673385",
               "CSAFPID-1673442",
               "CSAFPID-1673386",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-28887",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28887.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673385",
                  "CSAFPID-1673442",
                  "CSAFPID-1673386",
               ],
            },
         ],
         title: "CVE-2024-28887",
      },
      {
         cve: "CVE-2024-29025",
         cwe: {
            id: "CWE-770",
            name: "Allocation of Resources Without Limits or Throttling",
         },
         notes: [
            {
               category: "other",
               text: "Allocation of Resources Without Limits or Throttling",
               title: "CWE-770",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673488",
               "CSAFPID-1673489",
               "CSAFPID-1673491",
               "CSAFPID-1673492",
               "CSAFPID-1673493",
               "CSAFPID-1673495",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-764250",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-342816",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-764813",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-29025",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29025.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.3,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673488",
                  "CSAFPID-1673489",
                  "CSAFPID-1673491",
                  "CSAFPID-1673492",
                  "CSAFPID-1673493",
                  "CSAFPID-1673495",
                  "CSAFPID-1503575",
                  "CSAFPID-1503603",
                  "CSAFPID-764250",
                  "CSAFPID-1503612",
                  "CSAFPID-1503640",
                  "CSAFPID-342816",
                  "CSAFPID-816845",
                  "CSAFPID-816846",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
                  "CSAFPID-764813",
               ],
            },
         ],
         title: "CVE-2024-29025",
      },
      {
         cve: "CVE-2024-29131",
         cwe: {
            id: "CWE-787",
            name: "Out-of-bounds Write",
         },
         notes: [
            {
               category: "other",
               text: "Out-of-bounds Write",
               title: "CWE-787",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673497",
               "CSAFPID-1673397",
               "CSAFPID-1673384",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-764250",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-342816",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-764813",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-29131",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29131.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.3,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673497",
                  "CSAFPID-1673397",
                  "CSAFPID-1673384",
                  "CSAFPID-1503575",
                  "CSAFPID-1503603",
                  "CSAFPID-764250",
                  "CSAFPID-1503612",
                  "CSAFPID-1503640",
                  "CSAFPID-342816",
                  "CSAFPID-816845",
                  "CSAFPID-816846",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
                  "CSAFPID-764813",
               ],
            },
         ],
         title: "CVE-2024-29131",
      },
      {
         cve: "CVE-2024-29133",
         cwe: {
            id: "CWE-787",
            name: "Out-of-bounds Write",
         },
         notes: [
            {
               category: "other",
               text: "Out-of-bounds Write",
               title: "CWE-787",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673497",
               "CSAFPID-1673397",
               "CSAFPID-1673384",
               "CSAFPID-1503575",
               "CSAFPID-1503603",
               "CSAFPID-764250",
               "CSAFPID-1503612",
               "CSAFPID-1503640",
               "CSAFPID-342816",
               "CSAFPID-816845",
               "CSAFPID-816846",
               "CSAFPID-1503299",
               "CSAFPID-1503302",
               "CSAFPID-1503306",
               "CSAFPID-1503661",
               "CSAFPID-1503663",
               "CSAFPID-764813",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-29133",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29133.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.3,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673497",
                  "CSAFPID-1673397",
                  "CSAFPID-1673384",
                  "CSAFPID-1503575",
                  "CSAFPID-1503603",
                  "CSAFPID-764250",
                  "CSAFPID-1503612",
                  "CSAFPID-1503640",
                  "CSAFPID-342816",
                  "CSAFPID-816845",
                  "CSAFPID-816846",
                  "CSAFPID-1503299",
                  "CSAFPID-1503302",
                  "CSAFPID-1503306",
                  "CSAFPID-1503661",
                  "CSAFPID-1503663",
                  "CSAFPID-764813",
               ],
            },
         ],
         title: "CVE-2024-29133",
      },
      {
         cve: "CVE-2024-31079",
         cwe: {
            id: "CWE-404",
            name: "Improper Resource Shutdown or Release",
         },
         notes: [
            {
               category: "other",
               text: "Improper Resource Shutdown or Release",
               title: "CWE-404",
            },
            {
               category: "other",
               text: "Stack-based Buffer Overflow",
               title: "CWE-121",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-89587",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-31079",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-31079.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-89587",
               ],
            },
         ],
         title: "CVE-2024-31079",
      },
      {
         cve: "CVE-2024-32760",
         cwe: {
            id: "CWE-404",
            name: "Improper Resource Shutdown or Release",
         },
         notes: [
            {
               category: "other",
               text: "Improper Resource Shutdown or Release",
               title: "CWE-404",
            },
            {
               category: "other",
               text: "Out-of-bounds Write",
               title: "CWE-787",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-89587",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-32760",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-32760.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-89587",
               ],
            },
         ],
         title: "CVE-2024-32760",
      },
      {
         cve: "CVE-2024-34161",
         cwe: {
            id: "CWE-401",
            name: "Missing Release of Memory after Effective Lifetime",
         },
         notes: [
            {
               category: "other",
               text: "Missing Release of Memory after Effective Lifetime",
               title: "CWE-401",
            },
            {
               category: "other",
               text: "Use After Free",
               title: "CWE-416",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-89587",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-34161",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34161.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-89587",
               ],
            },
         ],
         title: "CVE-2024-34161",
      },
      {
         cve: "CVE-2024-34750",
         cwe: {
            id: "CWE-755",
            name: "Improper Handling of Exceptional Conditions",
         },
         notes: [
            {
               category: "other",
               text: "Improper Handling of Exceptional Conditions",
               title: "CWE-755",
            },
            {
               category: "other",
               text: "Uncontrolled Resource Consumption",
               title: "CWE-400",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673504",
               "CSAFPID-1673506",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-34750",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34750.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673504",
                  "CSAFPID-1673506",
               ],
            },
         ],
         title: "CVE-2024-34750",
      },
      {
         cve: "CVE-2024-35200",
         cwe: {
            id: "CWE-404",
            name: "Improper Resource Shutdown or Release",
         },
         notes: [
            {
               category: "other",
               text: "Improper Resource Shutdown or Release",
               title: "CWE-404",
            },
            {
               category: "other",
               text: "NULL Pointer Dereference",
               title: "CWE-476",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-89587",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-35200",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35200.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-89587",
               ],
            },
         ],
         title: "CVE-2024-35200",
      },
      {
         cve: "CVE-2024-36137",
         cwe: {
            id: "CWE-275",
            name: "-",
         },
         notes: [
            {
               category: "other",
               text: "CWE-275",
               title: "CWE-275",
            },
            {
               category: "other",
               text: "Incorrect Permission Assignment for Critical Resource",
               title: "CWE-732",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-89587",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-36137",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36137.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.1,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-89587",
               ],
            },
         ],
         title: "CVE-2024-36137",
      },
      {
         cve: "CVE-2024-36138",
         cwe: {
            id: "CWE-77",
            name: "Improper Neutralization of Special Elements used in a Command ('Command Injection')",
         },
         notes: [
            {
               category: "other",
               text: "Improper Neutralization of Special Elements used in a Command ('Command Injection')",
               title: "CWE-77",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-89587",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-36138",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36138.json",
            },
         ],
         title: "CVE-2024-36138",
      },
      {
         cve: "CVE-2024-36387",
         cwe: {
            id: "CWE-476",
            name: "NULL Pointer Dereference",
         },
         notes: [
            {
               category: "other",
               text: "NULL Pointer Dereference",
               title: "CWE-476",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-345049",
               "CSAFPID-611417",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-36387",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36387.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-345049",
                  "CSAFPID-611417",
               ],
            },
         ],
         title: "CVE-2024-36387",
      },
      {
         cve: "CVE-2024-37370",
         cwe: {
            id: "CWE-130",
            name: "Improper Handling of Length Parameter Inconsistency",
         },
         notes: [
            {
               category: "other",
               text: "Improper Handling of Length Parameter Inconsistency",
               title: "CWE-130",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673507",
               "CSAFPID-1673508",
               "CSAFPID-1673509",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-37370",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37370.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 9.1,
                  baseSeverity: "CRITICAL",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673507",
                  "CSAFPID-1673508",
                  "CSAFPID-1673509",
               ],
            },
         ],
         title: "CVE-2024-37370",
      },
      {
         cve: "CVE-2024-37371",
         cwe: {
            id: "CWE-130",
            name: "Improper Handling of Length Parameter Inconsistency",
         },
         notes: [
            {
               category: "other",
               text: "Improper Handling of Length Parameter Inconsistency",
               title: "CWE-130",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673507",
               "CSAFPID-1673508",
               "CSAFPID-1673509",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-37371",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37371.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 9.1,
                  baseSeverity: "CRITICAL",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673507",
                  "CSAFPID-1673508",
                  "CSAFPID-1673509",
               ],
            },
         ],
         title: "CVE-2024-37371",
      },
      {
         cve: "CVE-2024-37372",
         product_status: {
            known_affected: [
               "CSAFPID-89587",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-37372",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37372.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.1,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-89587",
               ],
            },
         ],
         title: "CVE-2024-37372",
      },
      {
         cve: "CVE-2024-38356",
         cwe: {
            id: "CWE-79",
            name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
         },
         notes: [
            {
               category: "other",
               text: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
               title: "CWE-79",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673510",
               "CSAFPID-1503575",
               "CSAFPID-1673188",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-38356",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38356.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.1,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673510",
                  "CSAFPID-1503575",
                  "CSAFPID-1673188",
               ],
            },
         ],
         title: "CVE-2024-38356",
      },
      {
         cve: "CVE-2024-38357",
         cwe: {
            id: "CWE-79",
            name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
         },
         notes: [
            {
               category: "other",
               text: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
               title: "CWE-79",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673510",
               "CSAFPID-1503575",
               "CSAFPID-1673188",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-38357",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38357.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.1,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673510",
                  "CSAFPID-1503575",
                  "CSAFPID-1673188",
               ],
            },
         ],
         title: "CVE-2024-38357",
      },
      {
         cve: "CVE-2024-38472",
         cwe: {
            id: "CWE-918",
            name: "Server-Side Request Forgery (SSRF)",
         },
         notes: [
            {
               category: "other",
               text: "Server-Side Request Forgery (SSRF)",
               title: "CWE-918",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-345049",
               "CSAFPID-611417",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-38472",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38472.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-345049",
                  "CSAFPID-611417",
               ],
            },
         ],
         title: "CVE-2024-38472",
      },
      {
         cve: "CVE-2024-38473",
         cwe: {
            id: "CWE-172",
            name: "Encoding Error",
         },
         notes: [
            {
               category: "other",
               text: "Encoding Error",
               title: "CWE-172",
            },
            {
               category: "other",
               text: "Improper Encoding or Escaping of Output",
               title: "CWE-116",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-345049",
               "CSAFPID-611417",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-38473",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38473.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 8.1,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-345049",
                  "CSAFPID-611417",
               ],
            },
         ],
         title: "CVE-2024-38473",
      },
      {
         cve: "CVE-2024-38474",
         cwe: {
            id: "CWE-172",
            name: "Encoding Error",
         },
         notes: [
            {
               category: "other",
               text: "Encoding Error",
               title: "CWE-172",
            },
            {
               category: "other",
               text: "Improper Encoding or Escaping of Output",
               title: "CWE-116",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-345049",
               "CSAFPID-611417",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-38474",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38474.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 9.8,
                  baseSeverity: "CRITICAL",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-345049",
                  "CSAFPID-611417",
               ],
            },
         ],
         title: "CVE-2024-38474",
      },
      {
         cve: "CVE-2024-38475",
         cwe: {
            id: "CWE-284",
            name: "Improper Access Control",
         },
         notes: [
            {
               category: "other",
               text: "Improper Access Control",
               title: "CWE-284",
            },
            {
               category: "other",
               text: "Improper Encoding or Escaping of Output",
               title: "CWE-116",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-345049",
               "CSAFPID-611417",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-38475",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38475.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 9.1,
                  baseSeverity: "CRITICAL",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-345049",
                  "CSAFPID-611417",
               ],
            },
         ],
         title: "CVE-2024-38475",
      },
      {
         cve: "CVE-2024-38476",
         cwe: {
            id: "CWE-200",
            name: "Exposure of Sensitive Information to an Unauthorized Actor",
         },
         notes: [
            {
               category: "other",
               text: "Exposure of Sensitive Information to an Unauthorized Actor",
               title: "CWE-200",
            },
            {
               category: "other",
               text: "Inclusion of Functionality from Untrusted Control Sphere",
               title: "CWE-829",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-345049",
               "CSAFPID-611417",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-38476",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38476.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 9.8,
                  baseSeverity: "CRITICAL",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-345049",
                  "CSAFPID-611417",
               ],
            },
         ],
         title: "CVE-2024-38476",
      },
      {
         cve: "CVE-2024-38477",
         cwe: {
            id: "CWE-404",
            name: "Improper Resource Shutdown or Release",
         },
         notes: [
            {
               category: "other",
               text: "Improper Resource Shutdown or Release",
               title: "CWE-404",
            },
            {
               category: "other",
               text: "NULL Pointer Dereference",
               title: "CWE-476",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-345049",
               "CSAFPID-611417",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-38477",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38477.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-345049",
                  "CSAFPID-611417",
               ],
            },
         ],
         title: "CVE-2024-38477",
      },
      {
         cve: "CVE-2024-38998",
         cwe: {
            id: "CWE-1321",
            name: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')",
         },
         notes: [
            {
               category: "other",
               text: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')",
               title: "CWE-1321",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673511",
               "CSAFPID-1673512",
               "CSAFPID-1503575",
               "CSAFPID-1673188",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-38998",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38998.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 9.8,
                  baseSeverity: "CRITICAL",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673511",
                  "CSAFPID-1673512",
                  "CSAFPID-1503575",
                  "CSAFPID-1673188",
               ],
            },
         ],
         title: "CVE-2024-38998",
      },
      {
         cve: "CVE-2024-38999",
         cwe: {
            id: "CWE-1321",
            name: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')",
         },
         notes: [
            {
               category: "other",
               text: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')",
               title: "CWE-1321",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673511",
               "CSAFPID-1673512",
               "CSAFPID-1503575",
               "CSAFPID-1673188",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-38999",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38999.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 10,
                  baseSeverity: "CRITICAL",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673511",
                  "CSAFPID-1673512",
                  "CSAFPID-1503575",
                  "CSAFPID-1673188",
               ],
            },
         ],
         title: "CVE-2024-38999",
      },
      {
         cve: "CVE-2024-39573",
         cwe: {
            id: "CWE-918",
            name: "Server-Side Request Forgery (SSRF)",
         },
         notes: [
            {
               category: "other",
               text: "Server-Side Request Forgery (SSRF)",
               title: "CWE-918",
            },
            {
               category: "other",
               text: "Improper Input Validation",
               title: "CWE-20",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-345049",
               "CSAFPID-611417",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-39573",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-39573.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-345049",
                  "CSAFPID-611417",
               ],
            },
         ],
         title: "CVE-2024-39573",
      },
      {
         cve: "CVE-2024-39884",
         cwe: {
            id: "CWE-18",
            name: "-",
         },
         notes: [
            {
               category: "other",
               text: "CWE-18",
               title: "CWE-18",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-345049",
               "CSAFPID-611417",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-39884",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-39884.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-345049",
                  "CSAFPID-611417",
               ],
            },
         ],
         title: "CVE-2024-39884",
      },
      {
         cve: "CVE-2024-40725",
         cwe: {
            id: "CWE-200",
            name: "Exposure of Sensitive Information to an Unauthorized Actor",
         },
         notes: [
            {
               category: "other",
               text: "Exposure of Sensitive Information to an Unauthorized Actor",
               title: "CWE-200",
            },
            {
               category: "other",
               text: "Exposure of Resource to Wrong Sphere",
               title: "CWE-668",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-345049",
               "CSAFPID-611417",
               "CSAFPID-1673479",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-40725",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40725.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-345049",
                  "CSAFPID-611417",
                  "CSAFPID-1673479",
               ],
            },
         ],
         title: "CVE-2024-40725",
      },
      {
         cve: "CVE-2024-40898",
         cwe: {
            id: "CWE-918",
            name: "Server-Side Request Forgery (SSRF)",
         },
         notes: [
            {
               category: "other",
               text: "Server-Side Request Forgery (SSRF)",
               title: "CWE-918",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-345049",
               "CSAFPID-611417",
               "CSAFPID-1673479",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-40898",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40898.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-345049",
                  "CSAFPID-611417",
                  "CSAFPID-1673479",
               ],
            },
         ],
         title: "CVE-2024-40898",
      },
      {
         cve: "CVE-2024-45490",
         cwe: {
            id: "CWE-190",
            name: "Integer Overflow or Wraparound",
         },
         notes: [
            {
               category: "other",
               text: "Integer Overflow or Wraparound",
               title: "CWE-190",
            },
            {
               category: "other",
               text: "Incorrect Calculation of Buffer Size",
               title: "CWE-131",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673385",
               "CSAFPID-1673442",
               "CSAFPID-1673386",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-45490",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45490.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 9.8,
                  baseSeverity: "CRITICAL",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673385",
                  "CSAFPID-1673442",
                  "CSAFPID-1673386",
               ],
            },
         ],
         title: "CVE-2024-45490",
      },
      {
         cve: "CVE-2024-45491",
         cwe: {
            id: "CWE-190",
            name: "Integer Overflow or Wraparound",
         },
         notes: [
            {
               category: "other",
               text: "Integer Overflow or Wraparound",
               title: "CWE-190",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673385",
               "CSAFPID-1673442",
               "CSAFPID-1673386",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-45491",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45491.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 9.8,
                  baseSeverity: "CRITICAL",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673385",
                  "CSAFPID-1673442",
                  "CSAFPID-1673386",
               ],
            },
         ],
         title: "CVE-2024-45491",
      },
      {
         cve: "CVE-2024-45492",
         cwe: {
            id: "CWE-190",
            name: "Integer Overflow or Wraparound",
         },
         notes: [
            {
               category: "other",
               text: "Integer Overflow or Wraparound",
               title: "CWE-190",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1673385",
               "CSAFPID-1673442",
               "CSAFPID-1673386",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-45492",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45492.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 9.8,
                  baseSeverity: "CRITICAL",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1673385",
                  "CSAFPID-1673442",
                  "CSAFPID-1673386",
               ],
            },
         ],
         title: "CVE-2024-45492",
      },
      {
         cve: "CVE-2024-45801",
         cwe: {
            id: "CWE-1333",
            name: "Inefficient Regular Expression Complexity",
         },
         notes: [
            {
               category: "other",
               text: "Inefficient Regular Expression Complexity",
               title: "CWE-1333",
            },
            {
               category: "other",
               text: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')",
               title: "CWE-1321",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-1503575",
               "CSAFPID-1673188",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-45801",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45801.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.3,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-1503575",
                  "CSAFPID-1673188",
               ],
            },
         ],
         title: "CVE-2024-45801",
      },
   ],
}

ghsa-463r-p989-2f9j

Vulnerability from github

Published

2024-07-01 21:31

Modified

2024-11-25 18:33

Severity ?

5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

Details

Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, degrading performance.

Show details on source website

JSON

To clipboard

{
   affected: [],
   aliases: [
      "CVE-2024-36387",
   ],
   database_specific: {
      cwe_ids: [
         "CWE-476",
      ],
      github_reviewed: false,
      github_reviewed_at: null,
      nvd_published_at: "2024-07-01T19:15:03Z",
      severity: "MODERATE",
   },
   details: "Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, degrading performance.",
   id: "GHSA-463r-p989-2f9j",
   modified: "2024-11-25T18:33:24Z",
   published: "2024-07-01T21:31:13Z",
   references: [
      {
         type: "ADVISORY",
         url: "https://nvd.nist.gov/vuln/detail/CVE-2024-36387",
      },
      {
         type: "WEB",
         url: "https://httpd.apache.org/security/vulnerabilities_24.html",
      },
      {
         type: "WEB",
         url: "https://security.netapp.com/advisory/ntap-20240712-0001",
      },
      {
         type: "WEB",
         url: "http://www.openwall.com/lists/oss-security/2024/07/01/4",
      },
   ],
   schema_version: "1.4.0",
   severity: [
      {
         score: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
         type: "CVSS_V3",
      },
   ],
}

WID-SEC-W-2024-1504

Vulnerability from csaf_certbund

Published

2024-07-01 22:00

Modified

2025-01-19 23:00

Summary

Apache HTTP Server: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Apache ist ein Webserver für verschiedene Plattformen.

Angriff

Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Apache HTTP Server ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen oder vertrauliche Informationen offenzulegen.

Betroffene Betriebssysteme

- Linux - MacOS X - Windows

JSON

To clipboard

{
   document: {
      aggregate_severity: {
         text: "hoch",
      },
      category: "csaf_base",
      csaf_version: "2.0",
      distribution: {
         tlp: {
            label: "WHITE",
            url: "https://www.first.org/tlp/",
         },
      },
      lang: "de-DE",
      notes: [
         {
            category: "legal_disclaimer",
            text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.",
         },
         {
            category: "description",
            text: "Apache ist ein Webserver für verschiedene Plattformen.",
            title: "Produktbeschreibung",
         },
         {
            category: "summary",
            text: "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Apache HTTP Server ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen oder vertrauliche Informationen offenzulegen.",
            title: "Angriff",
         },
         {
            category: "general",
            text: "- Linux\n- MacOS X\n- Windows",
            title: "Betroffene Betriebssysteme",
         },
      ],
      publisher: {
         category: "other",
         contact_details: "csaf-provider@cert-bund.de",
         name: "Bundesamt für Sicherheit in der Informationstechnik",
         namespace: "https://www.bsi.bund.de",
      },
      references: [
         {
            category: "self",
            summary: "WID-SEC-W-2024-1504 - CSAF Version",
            url: "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1504.json",
         },
         {
            category: "self",
            summary: "WID-SEC-2024-1504 - Portal Version",
            url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1504",
         },
         {
            category: "external",
            summary: "Apache Advisory vom 2024-07-01",
            url: "https://httpd.apache.org/security/vulnerabilities_24.html",
         },
         {
            category: "external",
            summary: "Red Hat Bugzilla vom 2024-07-01",
            url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295006",
         },
         {
            category: "external",
            summary: "Red Hat Bugzilla vom 2024-07-01",
            url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295012",
         },
         {
            category: "external",
            summary: "Red Hat Bugzilla vom 2024-07-01",
            url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013",
         },
         {
            category: "external",
            summary: "Red Hat Bugzilla vom 2024-07-01",
            url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014",
         },
         {
            category: "external",
            summary: "Red Hat Bugzilla vom 2024-07-01",
            url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016",
         },
         {
            category: "external",
            summary: "Red Hat Bugzilla vom 2024-07-01",
            url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295018",
         },
         {
            category: "external",
            summary: "Red Hat Bugzilla vom 2024-07-01",
            url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295022",
         },
         {
            category: "external",
            summary: "Apache HTTP Server",
            url: "https://seclists.org/oss-sec/2024/q3/8",
         },
         {
            category: "external",
            summary: "Rocky Linux Security Advisory RLSA-2024:4197 vom 2024-07-02",
            url: "https://errata.build.resf.org/RLSA-2024:4197",
         },
         {
            category: "external",
            summary: "Fedora Security Advisory FEDORA-2024-39F1A828ED vom 2024-07-03",
            url: "https://bodhi.fedoraproject.org/updates/FEDORA-2024-39f1a828ed",
         },
         {
            category: "external",
            summary: "Fedora Security Advisory FEDORA-2024-E7E73BEFAD vom 2024-07-03",
            url: "https://bodhi.fedoraproject.org/updates/FEDORA-2024-e7e73befad",
         },
         {
            category: "external",
            summary: "Ubuntu Security Notice USN-6885-1 vom 2024-07-08",
            url: "https://ubuntu.com/security/notices/USN-6885-1",
         },
         {
            category: "external",
            summary: "IBM Security Bulletin 7159849 vom 2024-07-09",
            url: "https://www.ibm.com/support/pages/node/7159849",
         },
         {
            category: "external",
            summary: "Fedora Security Advisory FEDORA-2024-661BB6322D vom 2024-07-11",
            url: "https://bodhi.fedoraproject.org/updates/FEDORA-2024-661bb6322d",
         },
         {
            category: "external",
            summary: "Fedora Security Advisory FEDORA-2024-CB8ACBF644 vom 2024-07-11",
            url: "https://bodhi.fedoraproject.org/updates/FEDORA-2024-cb8acbf644",
         },
         {
            category: "external",
            summary: "IBM Security Bulletin 7160019 vom 2024-07-11",
            url: "https://www.ibm.com/support/pages/node/7160019",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:2405-1 vom 2024-07-11",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018934.html",
         },
         {
            category: "external",
            summary: "Debian Security Advisory DSA-5729 vom 2024-07-12",
            url: "https://lists.debian.org/debian-security-announce/2024/msg00140.html",
         },
         {
            category: "external",
            summary: "Ubuntu Security Notice USN-6885-2 vom 2024-07-11",
            url: "https://ubuntu.com/security/notices/USN-6885-2",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:2560-1 vom 2024-07-18",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-July/019002.html",
         },
         {
            category: "external",
            summary: "Amazon Linux Security Advisory ALAS-2024-2594 vom 2024-07-23",
            url: "https://alas.aws.amazon.com/AL2/ALAS-2024-2594.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:2591-1 vom 2024-07-22",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-July/019006.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:2597-1 vom 2024-07-23",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-July/019023.html",
         },
         {
            category: "external",
            summary: "Oracle Linux Security Advisory ELSA-2024-4726 vom 2024-07-24",
            url: "https://linux.oracle.com/errata/ELSA-2024-4726.html",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:4719 vom 2024-07-23",
            url: "https://access.redhat.com/errata/RHSA-2024:4719",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:4720 vom 2024-07-23",
            url: "https://access.redhat.com/errata/RHSA-2024:4720",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:4726 vom 2024-07-23",
            url: "https://access.redhat.com/errata/RHSA-2024:4726",
         },
         {
            category: "external",
            summary: "Oracle Linux Security Advisory ELSA-2024-4720 vom 2024-07-24",
            url: "https://linux.oracle.com/errata/ELSA-2024-4720.html",
         },
         {
            category: "external",
            summary: "Amazon Linux Security Advisory ALAS-2024-1944 vom 2024-07-24",
            url: "https://alas.aws.amazon.com/ALAS-2024-1944.html",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:4827 vom 2024-07-24",
            url: "https://access.redhat.com/errata/RHSA-2024:4827",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:4830 vom 2024-07-24",
            url: "https://access.redhat.com/errata/RHSA-2024:4830",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:4820 vom 2024-07-24",
            url: "https://access.redhat.com/errata/RHSA-2024:4820",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:4862 vom 2024-07-25",
            url: "https://access.redhat.com/errata/RHSA-2024:4862",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:4863 vom 2024-07-25",
            url: "https://access.redhat.com/errata/RHSA-2024:4863",
         },
         {
            category: "external",
            summary: "Rocky Linux Security Advisory RLSA-2024:4726 vom 2024-07-26",
            url: "https://errata.build.resf.org/RLSA-2024:4726",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:2624-1 vom 2024-07-30",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-July/019050.html",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:4938 vom 2024-07-31",
            url: "https://access.redhat.com/errata/RHSA-2024:4938",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:4943 vom 2024-07-31",
            url: "https://access.redhat.com/errata/RHSA-2024:4943",
         },
         {
            category: "external",
            summary: "Fedora Security Advisory FEDORA-2024-E83AF0855E vom 2024-08-01",
            url: "https://bodhi.fedoraproject.org/updates/FEDORA-2024-e83af0855e",
         },
         {
            category: "external",
            summary: "F5 Security Advisory K000140505 vom 2024-08-03",
            url: "https://my.f5.com/manage/s/article/K000140505",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:5001 vom 2024-08-05",
            url: "https://access.redhat.com/errata/RHSA-2024:5001",
         },
         {
            category: "external",
            summary: "F5 Security Advisory K000140620 vom 2024-08-08",
            url: "https://my.f5.com/manage/s/article/K000140620",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:5138 vom 2024-08-08",
            url: "https://access.redhat.com/errata/RHSA-2024:5138",
         },
         {
            category: "external",
            summary: "Oracle Linux Security Advisory ELSA-2024-5138 vom 2024-08-09",
            url: "https://linux.oracle.com/errata/ELSA-2024-5138.html",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:5193 vom 2024-08-12",
            url: "https://access.redhat.com/errata/RHSA-2024:5193",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:5239 vom 2024-08-13",
            url: "https://access.redhat.com/errata/RHSA-2024:5239",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:5240 vom 2024-08-13",
            url: "https://access.redhat.com/errata/RHSA-2024:5240",
         },
         {
            category: "external",
            summary: "F5 Security Advisory K000140693 vom 2024-08-13",
            url: "https://my.f5.com/manage/s/article/K000140693",
         },
         {
            category: "external",
            summary: "Oracle Linux Security Advisory ELSA-2024-5193 vom 2024-08-14",
            url: "https://linux.oracle.com/errata/ELSA-2024-5193.html",
         },
         {
            category: "external",
            summary: "IBM Security Bulletin 7165827 vom 2024-08-19",
            url: "https://www.ibm.com/support/pages/node/7165827",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:2436-1 vom 2024-08-19",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019226.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:2997-1 vom 2024-08-21",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019299.html",
         },
         {
            category: "external",
            summary: "Rocky Linux Security Advisory RLSA-2024:5138 vom 2024-08-21",
            url: "https://errata.build.resf.org/RLSA-2024:5138",
         },
         {
            category: "external",
            summary: "Rocky Linux Security Advisory RLSA-2024:5193 vom 2024-08-21",
            url: "https://errata.build.resf.org/RLSA-2024:5193",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:2999-1 vom 2024-08-22",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019301.html",
         },
         {
            category: "external",
            summary: "F5 Security Advisory K000140784 vom 2024-08-23",
            url: "https://my.f5.com/manage/s/article/K000140784",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:5812 vom 2024-08-26",
            url: "https://access.redhat.com/errata/RHSA-2024:5812",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:5832 vom 2024-08-26",
            url: "https://access.redhat.com/errata/RHSA-2024:5832",
         },
         {
            category: "external",
            summary: "DELL Security Update for Dell PowerScale OneFS",
            url: "https://www.dell.com/support/kbdoc/en-us/000228207/dsa-2024-346-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:6136 vom 2024-09-03",
            url: "https://access.redhat.com/errata/RHSA-2024:6136",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:6004 vom 2024-09-04",
            url: "https://access.redhat.com/errata/RHSA-2024:6004",
         },
         {
            category: "external",
            summary: "IBM Security Bulletin 7166853 vom 2024-09-05",
            url: "https://www.ibm.com/support/pages/node/7166853",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:6013 vom 2024-09-05",
            url: "https://access.redhat.com/errata/RHSA-2024:6013",
         },
         {
            category: "external",
            summary: "IBM Security Bulletin 7167662 vom 2024-09-05",
            url: "https://www.ibm.com/support/pages/node/7167662",
         },
         {
            category: "external",
            summary: "XEROX Security Advisory XRX24-013 vom 2024-09-05",
            url: "https://securitydocs.business.xerox.com/wp-content/uploads/2024/09/Xerox-Security-Bulletin-XRX24-013-for-Xerox-FreeFlow-Print-Server-v2-_Windows10.pdf",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:6468 vom 2024-09-09",
            url: "https://access.redhat.com/errata/RHSA-2024:6468",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:6467 vom 2024-09-09",
            url: "https://access.redhat.com/errata/RHSA-2024:6467",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:3173-1 vom 2024-09-09",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019389.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:3172-1 vom 2024-09-09",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019390.html",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:6584 vom 2024-09-11",
            url: "https://access.redhat.com/errata/RHSA-2024:6584",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:6583 vom 2024-09-11",
            url: "https://access.redhat.com/errata/RHSA-2024:6583",
         },
         {
            category: "external",
            summary: "Oracle Linux Security Advisory ELSA-2024-4943 vom 2024-09-14",
            url: "https://linux.oracle.com/errata/ELSA-2024-4943.html",
         },
         {
            category: "external",
            summary: "Ubuntu Security Notice USN-6885-3 vom 2024-09-18",
            url: "https://ubuntu.com/security/notices/USN-6885-3",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:6928 vom 2024-09-24",
            url: "https://access.redhat.com/errata/RHSA-2024:6928",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:6927 vom 2024-09-24",
            url: "https://access.redhat.com/errata/RHSA-2024:6927",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:7101 vom 2024-09-25",
            url: "https://access.redhat.com/errata/RHSA-2024:7101",
         },
         {
            category: "external",
            summary: "Gentoo Linux Security Advisory GLSA-202409-31 vom 2024-09-28",
            url: "https://security.gentoo.org/glsa/202409-31",
         },
         {
            category: "external",
            summary: "Dell Security Advisory DSA-2024-423 vom 2024-10-11",
            url: "https://www.dell.com/support/kbdoc/de-de/000235068/dsa-2024-423-security-update-for-dell-networker-and-networker-management-console-nmc-multiple-component-vulnerabilities",
         },
         {
            category: "external",
            summary: "IBM Security Bulletin 7173018 vom 2024-10-14",
            url: "https://www.ibm.com/support/pages/node/7173018",
         },
         {
            category: "external",
            summary: "Debian Security Advisory DLA-3921 vom 2024-10-17",
            url: "https://lists.debian.org/debian-lts-announce/2024/10/msg00013.html",
         },
         {
            category: "external",
            summary: "Oracle Linux Security Advisory ELSA-2024-7101 vom 2024-10-17",
            url: "https://linux.oracle.com/errata/ELSA-2024-7101.html",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:8680 vom 2024-10-31",
            url: "https://access.redhat.com/errata/RHSA-2024:8680",
         },
         {
            category: "external",
            summary: "Oracle Linux Security Advisory ELSA-2024-8680 vom 2024-10-31",
            url: "http://linux.oracle.com/errata/ELSA-2024-8680.html",
         },
         {
            category: "external",
            summary: "HCL Security Advisory",
            url: "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0115052",
         },
         {
            category: "external",
            summary: "Rocky Linux Security Advisory RLSA-2024:8680 vom 2024-11-08",
            url: "https://errata.build.resf.org/RLSA-2024:8680",
         },
         {
            category: "external",
            summary: "XEROX Security Advisory XRX24-016 vom 2024-11-18",
            url: "https://security.business.xerox.com/wp-content/uploads/2024/11/Xerox%C2%AE-Security-Bulletin-XRX24-016-for-Xerox%C2%AEFreeFlow%C2%AE-Print-Server-v9.pdf",
         },
         {
            category: "external",
            summary: "XEROX Security Advisory XRX24-017 vom 2024-11-21",
            url: "https://securitydocs.business.xerox.com/wp-content/uploads/2024/11/Xerox-Security-Bulletin-XRX24-017-for-Xerox%C2%AE-FreeFlow%C2%AE-Print-Server-v9.pdf",
         },
         {
            category: "external",
            summary: "Dell Security Advisory DSA-2024-453 vom 2024-12-05",
            url: "https://www.dell.com/support/kbdoc/de-de/000256645/dsa-2024-453-security-update-for-dell-powerscale-onefs-multiple-security-vulnerabilities",
         },
         {
            category: "external",
            summary: "SonicWall Security Advisory SNWLID-2024-0018 vom 2024-12-06",
            url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0018",
         },
         {
            category: "external",
            summary: "Dell Security Advisory DSA-2024-483 vom 2024-12-18",
            url: "https://www.dell.com/support/kbdoc/de-de/000256642/dsa-2024-483-security-update-for-dell-ecs-multiple-vulnerabilities",
         },
         {
            category: "external",
            summary: "XEROX Security Advisory XRX24-019 vom 2024-12-17",
            url: "https://security.business.xerox.com/wp-content/uploads/2024/12/Xerox-Security-Bulletin-XRX24-019-for-Xerox%C2%AE-FreeFlow%C2%AE-Print-Server-v9.pdf",
         },
         {
            category: "external",
            summary: "XEROX Security Advisory XRX25-001 vom 2025-01-13",
            url: "https://securitydocs.business.xerox.com/wp-content/uploads/2025/01/Xerox-Security-Bulletin-XRX25-001-for-Xerox%C2%AE-FreeFlow%C2%AE-Print-Server-v9.pdf",
         },
         {
            category: "external",
            summary: "HPE Security Bulletin vom 2025-01-17",
            url: "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbux04773en_us&docLocale=en_US",
         },
      ],
      source_lang: "en-US",
      title: "Apache HTTP Server: Mehrere Schwachstellen",
      tracking: {
         current_release_date: "2025-01-19T23:00:00.000+00:00",
         generator: {
            date: "2025-01-20T09:21:02.020+00:00",
            engine: {
               name: "BSI-WID",
               version: "1.3.10",
            },
         },
         id: "WID-SEC-W-2024-1504",
         initial_release_date: "2024-07-01T22:00:00.000+00:00",
         revision_history: [
            {
               date: "2024-07-01T22:00:00.000+00:00",
               number: "1",
               summary: "Initiale Fassung",
            },
            {
               date: "2024-07-02T22:00:00.000+00:00",
               number: "2",
               summary: "Neue Updates von Rocky Enterprise Software Foundation aufgenommen",
            },
            {
               date: "2024-07-03T22:00:00.000+00:00",
               number: "3",
               summary: "Neue Updates von Fedora aufgenommen",
            },
            {
               date: "2024-07-08T22:00:00.000+00:00",
               number: "4",
               summary: "Neue Updates von Ubuntu aufgenommen",
            },
            {
               date: "2024-07-09T22:00:00.000+00:00",
               number: "5",
               summary: "Neue Updates von IBM und IBM-APAR aufgenommen",
            },
            {
               date: "2024-07-11T22:00:00.000+00:00",
               number: "6",
               summary: "Neue Updates von Fedora, IBM, SUSE, Debian und Ubuntu aufgenommen",
            },
            {
               date: "2024-07-18T22:00:00.000+00:00",
               number: "7",
               summary: "Neue Updates von SUSE aufgenommen",
            },
            {
               date: "2024-07-22T22:00:00.000+00:00",
               number: "8",
               summary: "Neue Updates von Amazon und SUSE aufgenommen",
            },
            {
               date: "2024-07-23T22:00:00.000+00:00",
               number: "9",
               summary: "Neue Updates von Oracle Linux und Red Hat aufgenommen",
            },
            {
               date: "2024-07-24T22:00:00.000+00:00",
               number: "10",
               summary: "Neue Updates von Amazon und Red Hat aufgenommen",
            },
            {
               date: "2024-07-25T22:00:00.000+00:00",
               number: "11",
               summary: "Neue Updates von Red Hat aufgenommen",
            },
            {
               date: "2024-07-28T22:00:00.000+00:00",
               number: "12",
               summary: "Neue Updates von Rocky Enterprise Software Foundation aufgenommen",
            },
            {
               date: "2024-07-29T22:00:00.000+00:00",
               number: "13",
               summary: "Neue Updates von SUSE aufgenommen",
            },
            {
               date: "2024-07-31T22:00:00.000+00:00",
               number: "14",
               summary: "Neue Updates von Red Hat aufgenommen",
            },
            {
               date: "2024-08-01T22:00:00.000+00:00",
               number: "15",
               summary: "Neue Updates von Fedora aufgenommen",
            },
            {
               date: "2024-08-04T22:00:00.000+00:00",
               number: "16",
               summary: "Neue Updates von F5 aufgenommen",
            },
            {
               date: "2024-08-07T22:00:00.000+00:00",
               number: "17",
               summary: "Neue Updates von F5 aufgenommen",
            },
            {
               date: "2024-08-08T22:00:00.000+00:00",
               number: "18",
               summary: "Neue Updates von Red Hat aufgenommen",
            },
            {
               date: "2024-08-11T22:00:00.000+00:00",
               number: "19",
               summary: "Neue Updates von Oracle Linux und Red Hat aufgenommen",
            },
            {
               date: "2024-08-13T22:00:00.000+00:00",
               number: "20",
               summary: "Neue Updates von Red Hat und F5 aufgenommen",
            },
            {
               date: "2024-08-14T22:00:00.000+00:00",
               number: "21",
               summary: "Neue Updates von Oracle Linux aufgenommen",
            },
            {
               date: "2024-08-18T22:00:00.000+00:00",
               number: "22",
               summary: "Neue Updates von IBM aufgenommen",
            },
            {
               date: "2024-08-19T22:00:00.000+00:00",
               number: "23",
               summary: "Neue Updates von SUSE aufgenommen",
            },
            {
               date: "2024-08-21T22:00:00.000+00:00",
               number: "24",
               summary: "Neue Updates von SUSE und Rocky Enterprise Software Foundation aufgenommen",
            },
            {
               date: "2024-08-22T22:00:00.000+00:00",
               number: "25",
               summary: "Neue Updates von SUSE aufgenommen",
            },
            {
               date: "2024-08-25T22:00:00.000+00:00",
               number: "26",
               summary: "Neue Updates von F5 aufgenommen",
            },
            {
               date: "2024-09-01T22:00:00.000+00:00",
               number: "27",
               summary: "Neue Updates von Dell aufgenommen",
            },
            {
               date: "2024-09-02T22:00:00.000+00:00",
               number: "28",
               summary: "Neue Updates von Red Hat aufgenommen",
            },
            {
               date: "2024-09-03T22:00:00.000+00:00",
               number: "29",
               summary: "Neue Updates von Red Hat aufgenommen",
            },
            {
               date: "2024-09-05T22:00:00.000+00:00",
               number: "30",
               summary: "Neue Updates von IBM, Red Hat und XEROX aufgenommen",
            },
            {
               date: "2024-09-08T22:00:00.000+00:00",
               number: "31",
               summary: "Neue Updates von Red Hat aufgenommen",
            },
            {
               date: "2024-09-09T22:00:00.000+00:00",
               number: "32",
               summary: "Neue Updates von SUSE aufgenommen",
            },
            {
               date: "2024-09-11T22:00:00.000+00:00",
               number: "33",
               summary: "Neue Updates von Red Hat aufgenommen",
            },
            {
               date: "2024-09-15T22:00:00.000+00:00",
               number: "34",
               summary: "Neue Updates von Oracle Linux aufgenommen",
            },
            {
               date: "2024-09-18T22:00:00.000+00:00",
               number: "35",
               summary: "Neue Updates von Ubuntu aufgenommen",
            },
            {
               date: "2024-09-24T22:00:00.000+00:00",
               number: "36",
               summary: "Neue Updates von Red Hat aufgenommen",
            },
            {
               date: "2024-09-25T22:00:00.000+00:00",
               number: "37",
               summary: "Neue Updates von Red Hat aufgenommen",
            },
            {
               date: "2024-09-29T22:00:00.000+00:00",
               number: "38",
               summary: "Neue Updates von Gentoo aufgenommen",
            },
            {
               date: "2024-10-10T22:00:00.000+00:00",
               number: "39",
               summary: "Neue Updates von Dell aufgenommen",
            },
            {
               date: "2024-10-13T22:00:00.000+00:00",
               number: "40",
               summary: "Neue Updates von IBM aufgenommen",
            },
            {
               date: "2024-10-17T22:00:00.000+00:00",
               number: "41",
               summary: "Neue Updates von Debian und Oracle Linux aufgenommen",
            },
            {
               date: "2024-10-30T23:00:00.000+00:00",
               number: "42",
               summary: "Neue Updates von Red Hat aufgenommen",
            },
            {
               date: "2024-10-31T23:00:00.000+00:00",
               number: "43",
               summary: "Neue Updates von Oracle Linux aufgenommen",
            },
            {
               date: "2024-11-03T23:00:00.000+00:00",
               number: "44",
               summary: "Neue Updates von HCL aufgenommen",
            },
            {
               date: "2024-11-10T23:00:00.000+00:00",
               number: "45",
               summary: "Neue Updates von Rocky Enterprise Software Foundation aufgenommen",
            },
            {
               date: "2024-11-18T23:00:00.000+00:00",
               number: "46",
               summary: "Neue Updates von XEROX aufgenommen",
            },
            {
               date: "2024-11-21T23:00:00.000+00:00",
               number: "47",
               summary: "Neue Updates von XEROX aufgenommen",
            },
            {
               date: "2024-12-04T23:00:00.000+00:00",
               number: "48",
               summary: "Neue Updates von Dell aufgenommen",
            },
            {
               date: "2024-12-05T23:00:00.000+00:00",
               number: "49",
               summary: "Neue Updates von SonicWall aufgenommen",
            },
            {
               date: "2024-12-15T23:00:00.000+00:00",
               number: "50",
               summary: "Referenz(en) aufgenommen: 7178940, 7178937, 7178941, 7178939, 7178938",
            },
            {
               date: "2024-12-17T23:00:00.000+00:00",
               number: "51",
               summary: "Neue Updates von Dell und XEROX aufgenommen",
            },
            {
               date: "2025-01-12T23:00:00.000+00:00",
               number: "52",
               summary: "Neue Updates von XEROX aufgenommen",
            },
            {
               date: "2025-01-19T23:00:00.000+00:00",
               number: "53",
               summary: "Neue Updates von HP aufgenommen",
            },
         ],
         status: "final",
         version: "53",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  category: "product_name",
                  name: "Amazon Linux 2",
                  product: {
                     name: "Amazon Linux 2",
                     product_id: "398363",
                     product_identification_helper: {
                        cpe: "cpe:/o:amazon:linux_2:-",
                     },
                  },
               },
            ],
            category: "vendor",
            name: "Amazon",
         },
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "<2.4.60",
                        product: {
                           name: "Apache HTTP Server <2.4.60",
                           product_id: "T035727",
                        },
                     },
                     {
                        category: "product_version",
                        name: "2.4.60",
                        product: {
                           name: "Apache HTTP Server 2.4.60",
                           product_id: "T035727-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/a:apache:http_server:2.4.60",
                           },
                        },
                     },
                  ],
                  category: "product_name",
                  name: "HTTP Server",
               },
            ],
            category: "vendor",
            name: "Apache",
         },
         {
            branches: [
               {
                  category: "product_name",
                  name: "Debian Linux",
                  product: {
                     name: "Debian Linux",
                     product_id: "2951",
                     product_identification_helper: {
                        cpe: "cpe:/o:debian:debian_linux:-",
                     },
                  },
               },
            ],
            category: "vendor",
            name: "Debian",
         },
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "<3.8.1.3",
                        product: {
                           name: "Dell ECS <3.8.1.3",
                           product_id: "T039899",
                        },
                     },
                     {
                        category: "product_version",
                        name: "3.8.1.3",
                        product: {
                           name: "Dell ECS 3.8.1.3",
                           product_id: "T039899-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/h:dell:ecs:3.8.1.3",
                           },
                        },
                     },
                  ],
                  category: "product_name",
                  name: "ECS",
               },
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "<19.10.0.5",
                        product: {
                           name: "Dell NetWorker <19.10.0.5",
                           product_id: "T038270",
                        },
                     },
                     {
                        category: "product_version",
                        name: "19.10.0.5",
                        product: {
                           name: "Dell NetWorker 19.10.0.5",
                           product_id: "T038270-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/a:dell:networker:19.10.0.5",
                           },
                        },
                     },
                  ],
                  category: "product_name",
                  name: "NetWorker",
               },
               {
                  branches: [
                     {
                        category: "product_name",
                        name: "Dell PowerScale",
                        product: {
                           name: "Dell PowerScale",
                           product_id: "T034610",
                           product_identification_helper: {
                              cpe: "cpe:/a:dell:powerscale_onefs:onefs",
                           },
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "OneFS <9.8.0.1",
                        product: {
                           name: "Dell PowerScale OneFS <9.8.0.1",
                           product_id: "T035762",
                        },
                     },
                     {
                        category: "product_version",
                        name: "OneFS 9.8.0.1",
                        product: {
                           name: "Dell PowerScale OneFS 9.8.0.1",
                           product_id: "T035762-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/a:dell:powerscale_onefs:onefs__9.8.0.1",
                           },
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "OneFS <9.4.0.20",
                        product: {
                           name: "Dell PowerScale OneFS <9.4.0.20",
                           product_id: "T038705",
                        },
                     },
                     {
                        category: "product_version",
                        name: "OneFS 9.4.0.20",
                        product: {
                           name: "Dell PowerScale OneFS 9.4.0.20",
                           product_id: "T038705-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/a:dell:powerscale_onefs:onefs__9.4.0.20",
                           },
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "OneFS <9.5.1.1",
                        product: {
                           name: "Dell PowerScale OneFS <9.5.1.1",
                           product_id: "T038706",
                        },
                     },
                     {
                        category: "product_version",
                        name: "OneFS 9.5.1.1",
                        product: {
                           name: "Dell PowerScale OneFS 9.5.1.1",
                           product_id: "T038706-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/a:dell:powerscale_onefs:onefs__9.5.1.1",
                           },
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "OneFS <9.7.1.3",
                        product: {
                           name: "Dell PowerScale OneFS <9.7.1.3",
                           product_id: "T039585",
                        },
                     },
                     {
                        category: "product_version",
                        name: "OneFS 9.7.1.3",
                        product: {
                           name: "Dell PowerScale OneFS 9.7.1.3",
                           product_id: "T039585-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/a:dell:powerscale_onefs:onefs__9.7.1.3",
                           },
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "OneFS <9.9.0.1",
                        product: {
                           name: "Dell PowerScale OneFS <9.9.0.1",
                           product_id: "T039586",
                        },
                     },
                     {
                        category: "product_version",
                        name: "OneFS 9.9.0.1",
                        product: {
                           name: "Dell PowerScale OneFS 9.9.0.1",
                           product_id: "T039586-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/a:dell:powerscale_onefs:onefs__9.9.0.1",
                           },
                        },
                     },
                  ],
                  category: "product_name",
                  name: "PowerScale",
               },
            ],
            category: "vendor",
            name: "Dell",
         },
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_name",
                        name: "F5 BIG-IP",
                        product: {
                           name: "F5 BIG-IP",
                           product_id: "T001663",
                           product_identification_helper: {
                              cpe: "cpe:/a:f5:big-ip:-",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "17.1.0-17.1.1",
                        product: {
                           name: "F5 BIG-IP 17.1.0-17.1.1",
                           product_id: "T034899",
                           product_identification_helper: {
                              cpe: "cpe:/a:f5:big-ip:17.1.0_-_17.1.1",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "15.1.0-15.1.10",
                        product: {
                           name: "F5 BIG-IP 15.1.0-15.1.10",
                           product_id: "T034902",
                           product_identification_helper: {
                              cpe: "cpe:/a:f5:big-ip:15.1.0_-_15.1.10",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "16.1.0-16.1.5",
                        product: {
                           name: "F5 BIG-IP 16.1.0-16.1.5",
                           product_id: "T037028",
                           product_identification_helper: {
                              cpe: "cpe:/a:f5:big-ip:16.1.0_-_16.1.5",
                           },
                        },
                     },
                  ],
                  category: "product_name",
                  name: "BIG-IP",
               },
            ],
            category: "vendor",
            name: "F5",
         },
         {
            branches: [
               {
                  category: "product_name",
                  name: "Fedora Linux",
                  product: {
                     name: "Fedora Linux",
                     product_id: "74185",
                     product_identification_helper: {
                        cpe: "cpe:/o:fedoraproject:fedora:-",
                     },
                  },
               },
            ],
            category: "vendor",
            name: "Fedora",
         },
         {
            branches: [
               {
                  category: "product_name",
                  name: "Gentoo Linux",
                  product: {
                     name: "Gentoo Linux",
                     product_id: "T012167",
                     product_identification_helper: {
                        cpe: "cpe:/o:gentoo:linux:-",
                     },
                  },
               },
            ],
            category: "vendor",
            name: "Gentoo",
         },
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "8.x",
                        product: {
                           name: "HCL Commerce 8.x",
                           product_id: "T038745",
                           product_identification_helper: {
                              cpe: "cpe:/a:hcltechsw:commerce:8.x",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "9.0-9.0.1.21",
                        product: {
                           name: "HCL Commerce 9.0-9.0.1.21",
                           product_id: "T038746",
                           product_identification_helper: {
                              cpe: "cpe:/a:hcltechsw:commerce:9.0_-_9.0.1.21",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "9.1.0-9.1.15",
                        product: {
                           name: "HCL Commerce 9.1.0-9.1.15",
                           product_id: "T038747",
                           product_identification_helper: {
                              cpe: "cpe:/a:hcltechsw:commerce:9.1.0_-_9.1.15",
                           },
                        },
                     },
                  ],
                  category: "product_name",
                  name: "Commerce",
               },
            ],
            category: "vendor",
            name: "HCL",
         },
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "<11.31",
                        product: {
                           name: "HPE HP-UX <11.31",
                           product_id: "T040402",
                        },
                     },
                     {
                        category: "product_version",
                        name: "11.31",
                        product: {
                           name: "HPE HP-UX 11.31",
                           product_id: "T040402-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/o:hp:hp-ux:11.31",
                           },
                        },
                     },
                  ],
                  category: "product_name",
                  name: "HP-UX",
               },
            ],
            category: "vendor",
            name: "HPE",
         },
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_name",
                        name: "IBM Business Automation Workflow",
                        product: {
                           name: "IBM Business Automation Workflow",
                           product_id: "T019704",
                           product_identification_helper: {
                              cpe: "cpe:/a:ibm:business_automation_workflow:-",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "24.0.0",
                        product: {
                           name: "IBM Business Automation Workflow 24.0.0",
                           product_id: "T036570",
                           product_identification_helper: {
                              cpe: "cpe:/a:ibm:business_automation_workflow:24.0.0",
                           },
                        },
                     },
                  ],
                  category: "product_name",
                  name: "Business Automation Workflow",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "8.5",
                        product: {
                           name: "IBM HTTP Server 8.5",
                           product_id: "T003676",
                           product_identification_helper: {
                              cpe: "cpe:/a:ibm:http_server:8.5",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "9",
                        product: {
                           name: "IBM HTTP Server 9.0",
                           product_id: "T008162",
                           product_identification_helper: {
                              cpe: "cpe:/a:ibm:http_server:9.0",
                           },
                        },
                     },
                  ],
                  category: "product_name",
                  name: "HTTP Server",
               },
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "<8.0.0.27",
                        product: {
                           name: "IBM Rational Build Forge <8.0.0.27",
                           product_id: "T038286",
                        },
                     },
                     {
                        category: "product_version",
                        name: "8.0.0.27",
                        product: {
                           name: "IBM Rational Build Forge 8.0.0.27",
                           product_id: "T038286-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/a:ibm:rational_build_forge:8.0.0.27",
                           },
                        },
                     },
                  ],
                  category: "product_name",
                  name: "Rational Build Forge",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "9.1-9.1.0.6",
                        product: {
                           name: "IBM Rational ClearQuest 9.1-9.1.0.6",
                           product_id: "T034074",
                           product_identification_helper: {
                              cpe: "cpe:/a:ibm:rational_clearquest:9.1_-_9.1.0.6",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "10.0-10.0.5",
                        product: {
                           name: "IBM Rational ClearQuest 10.0-10.0.5",
                           product_id: "T034075",
                           product_identification_helper: {
                              cpe: "cpe:/a:ibm:rational_clearquest:10.0_-_10.0.5",
                           },
                        },
                     },
                  ],
                  category: "product_name",
                  name: "Rational ClearQuest",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "6.3.0.7",
                        product: {
                           name: "IBM Tivoli Monitoring 6.3.0.7",
                           product_id: "342008",
                           product_identification_helper: {
                              cpe: "cpe:/a:ibm:tivoli_monitoring:6.3.0.7",
                           },
                        },
                     },
                  ],
                  category: "product_name",
                  name: "Tivoli Monitoring",
               },
            ],
            category: "vendor",
            name: "IBM",
         },
         {
            branches: [
               {
                  category: "product_name",
                  name: "Oracle Linux",
                  product: {
                     name: "Oracle Linux",
                     product_id: "T004914",
                     product_identification_helper: {
                        cpe: "cpe:/o:oracle:linux:-",
                     },
                  },
               },
            ],
            category: "vendor",
            name: "Oracle",
         },
         {
            branches: [
               {
                  category: "product_name",
                  name: "RESF Rocky Linux",
                  product: {
                     name: "RESF Rocky Linux",
                     product_id: "T032255",
                     product_identification_helper: {
                        cpe: "cpe:/o:resf:rocky_linux:-",
                     },
                  },
               },
            ],
            category: "vendor",
            name: "RESF",
         },
         {
            branches: [
               {
                  category: "product_name",
                  name: "Red Hat Enterprise Linux",
                  product: {
                     name: "Red Hat Enterprise Linux",
                     product_id: "67646",
                     product_identification_helper: {
                        cpe: "cpe:/o:redhat:enterprise_linux:-",
                     },
                  },
               },
            ],
            category: "vendor",
            name: "Red Hat",
         },
         {
            branches: [
               {
                  category: "product_name",
                  name: "SUSE Linux",
                  product: {
                     name: "SUSE Linux",
                     product_id: "T002207",
                     product_identification_helper: {
                        cpe: "cpe:/o:suse:suse_linux:-",
                     },
                  },
               },
            ],
            category: "vendor",
            name: "SUSE",
         },
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "<10.2.1.14-75sv",
                        product: {
                           name: "SonicWall SMA <10.2.1.14-75sv",
                           product_id: "T039602",
                        },
                     },
                     {
                        category: "product_version",
                        name: "10.2.1.14-75sv",
                        product: {
                           name: "SonicWall SMA 10.2.1.14-75sv",
                           product_id: "T039602-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/a:sonicwall:secure_mobile_access:10.2.1.14-75sv",
                           },
                        },
                     },
                  ],
                  category: "product_name",
                  name: "SMA",
               },
            ],
            category: "vendor",
            name: "SonicWall",
         },
         {
            branches: [
               {
                  category: "product_name",
                  name: "Ubuntu Linux",
                  product: {
                     name: "Ubuntu Linux",
                     product_id: "T000126",
                     product_identification_helper: {
                        cpe: "cpe:/o:canonical:ubuntu_linux:-",
                     },
                  },
               },
            ],
            category: "vendor",
            name: "Ubuntu",
         },
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_name",
                        name: "Xerox FreeFlow Print Server",
                        product: {
                           name: "Xerox FreeFlow Print Server",
                           product_id: "T010509",
                           product_identification_helper: {
                              cpe: "cpe:/a:xerox:freeflow_print_server:-",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "v9",
                        product: {
                           name: "Xerox FreeFlow Print Server v9",
                           product_id: "T015632",
                           product_identification_helper: {
                              cpe: "cpe:/a:xerox:freeflow_print_server:v9",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "v9 for Solaris",
                        product: {
                           name: "Xerox FreeFlow Print Server v9 for Solaris",
                           product_id: "T028053",
                           product_identification_helper: {
                              cpe: "cpe:/a:xerox:freeflow_print_server:v9_for_solaris",
                           },
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "<9.0 SP-3 (93.M3.14.86)",
                        product: {
                           name: "Xerox FreeFlow Print Server <9.0 SP-3 (93.M3.14.86)",
                           product_id: "T039896",
                        },
                     },
                     {
                        category: "product_version",
                        name: "9.0 SP-3 (93.M3.14.86)",
                        product: {
                           name: "Xerox FreeFlow Print Server 9.0 SP-3 (93.M3.14.86)",
                           product_id: "T039896-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/a:xerox:freeflow_print_server:9.0_sp-3_%2893.m3.14.86%29",
                           },
                        },
                     },
                  ],
                  category: "product_name",
                  name: "FreeFlow Print Server",
               },
            ],
            category: "vendor",
            name: "Xerox",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2023-38709",
         notes: [
            {
               category: "description",
               text: "Es bestehen mehrere Schwachstellen im Apache HTTP Server. Diese Fehler bestehen in mehreren Komponenten wie dem Websocket, den Backreferences oder dem mod_rewrite Proxy-Handler, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL- Pointer-Dereferenz, einer serverseitigen Request Forgery oder einem Proxy-Codierungsproblem und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, die Authentifizierung zu umgehen oder vertrauliche Informationen offenzulegen.",
            },
         ],
         product_status: {
            known_affected: [
               "T038706",
               "T038747",
               "67646",
               "T034902",
               "T038746",
               "T038705",
               "T038745",
               "T039899",
               "T004914",
               "T039896",
               "T038286",
               "T001663",
               "398363",
               "342008",
               "T010509",
               "T034899",
               "T028053",
               "T034610",
               "T035727",
               "T003676",
               "T015632",
               "T034075",
               "T037028",
               "T012167",
               "T034074",
               "T039602",
               "T039586",
               "T032255",
               "T039585",
               "74185",
               "T035762",
               "T036570",
               "2951",
               "T002207",
               "T000126",
               "T019704",
               "T038270",
               "T040402",
               "T008162",
            ],
         },
         release_date: "2024-07-01T22:00:00.000+00:00",
         title: "CVE-2023-38709",
      },
      {
         cve: "CVE-2024-36387",
         notes: [
            {
               category: "description",
               text: "Es bestehen mehrere Schwachstellen im Apache HTTP Server. Diese Fehler bestehen in mehreren Komponenten wie dem Websocket, den Backreferences oder dem mod_rewrite Proxy-Handler, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL- Pointer-Dereferenz, einer serverseitigen Request Forgery oder einem Proxy-Codierungsproblem und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, die Authentifizierung zu umgehen oder vertrauliche Informationen offenzulegen.",
            },
         ],
         product_status: {
            known_affected: [
               "T038706",
               "T038747",
               "67646",
               "T034902",
               "T038746",
               "T038705",
               "T038745",
               "T039899",
               "T004914",
               "T039896",
               "T038286",
               "T001663",
               "398363",
               "342008",
               "T010509",
               "T034899",
               "T028053",
               "T034610",
               "T035727",
               "T003676",
               "T015632",
               "T034075",
               "T037028",
               "T012167",
               "T034074",
               "T039602",
               "T039586",
               "T032255",
               "T039585",
               "74185",
               "T035762",
               "T036570",
               "2951",
               "T002207",
               "T000126",
               "T019704",
               "T038270",
               "T040402",
               "T008162",
            ],
         },
         release_date: "2024-07-01T22:00:00.000+00:00",
         title: "CVE-2024-36387",
      },
      {
         cve: "CVE-2024-38472",
         notes: [
            {
               category: "description",
               text: "Es bestehen mehrere Schwachstellen im Apache HTTP Server. Diese Fehler bestehen in mehreren Komponenten wie dem Websocket, den Backreferences oder dem mod_rewrite Proxy-Handler, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL- Pointer-Dereferenz, einer serverseitigen Request Forgery oder einem Proxy-Codierungsproblem und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, die Authentifizierung zu umgehen oder vertrauliche Informationen offenzulegen.",
            },
         ],
         product_status: {
            known_affected: [
               "T038706",
               "T038747",
               "67646",
               "T034902",
               "T038746",
               "T038705",
               "T038745",
               "T039899",
               "T004914",
               "T039896",
               "T038286",
               "T001663",
               "398363",
               "342008",
               "T010509",
               "T034899",
               "T028053",
               "T034610",
               "T035727",
               "T003676",
               "T015632",
               "T034075",
               "T037028",
               "T012167",
               "T034074",
               "T039602",
               "T039586",
               "T032255",
               "T039585",
               "74185",
               "T035762",
               "T036570",
               "2951",
               "T002207",
               "T000126",
               "T019704",
               "T038270",
               "T040402",
               "T008162",
            ],
         },
         release_date: "2024-07-01T22:00:00.000+00:00",
         title: "CVE-2024-38472",
      },
      {
         cve: "CVE-2024-38473",
         notes: [
            {
               category: "description",
               text: "Es bestehen mehrere Schwachstellen im Apache HTTP Server. Diese Fehler bestehen in mehreren Komponenten wie dem Websocket, den Backreferences oder dem mod_rewrite Proxy-Handler, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL- Pointer-Dereferenz, einer serverseitigen Request Forgery oder einem Proxy-Codierungsproblem und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, die Authentifizierung zu umgehen oder vertrauliche Informationen offenzulegen.",
            },
         ],
         product_status: {
            known_affected: [
               "T038706",
               "T038747",
               "67646",
               "T034902",
               "T038746",
               "T038705",
               "T038745",
               "T039899",
               "T004914",
               "T039896",
               "T038286",
               "T001663",
               "398363",
               "342008",
               "T010509",
               "T034899",
               "T028053",
               "T034610",
               "T035727",
               "T003676",
               "T015632",
               "T034075",
               "T037028",
               "T012167",
               "T034074",
               "T039602",
               "T039586",
               "T032255",
               "T039585",
               "74185",
               "T035762",
               "T036570",
               "2951",
               "T002207",
               "T000126",
               "T019704",
               "T038270",
               "T040402",
               "T008162",
            ],
         },
         release_date: "2024-07-01T22:00:00.000+00:00",
         title: "CVE-2024-38473",
      },
      {
         cve: "CVE-2024-38474",
         notes: [
            {
               category: "description",
               text: "Es bestehen mehrere Schwachstellen im Apache HTTP Server. Diese Fehler bestehen in mehreren Komponenten wie dem Websocket, den Backreferences oder dem mod_rewrite Proxy-Handler, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL- Pointer-Dereferenz, einer serverseitigen Request Forgery oder einem Proxy-Codierungsproblem und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, die Authentifizierung zu umgehen oder vertrauliche Informationen offenzulegen.",
            },
         ],
         product_status: {
            known_affected: [
               "T038706",
               "T038747",
               "67646",
               "T034902",
               "T038746",
               "T038705",
               "T038745",
               "T039899",
               "T004914",
               "T039896",
               "T038286",
               "T001663",
               "398363",
               "342008",
               "T010509",
               "T034899",
               "T028053",
               "T034610",
               "T035727",
               "T003676",
               "T015632",
               "T034075",
               "T037028",
               "T012167",
               "T034074",
               "T039602",
               "T039586",
               "T032255",
               "T039585",
               "74185",
               "T035762",
               "T036570",
               "2951",
               "T002207",
               "T000126",
               "T019704",
               "T038270",
               "T040402",
               "T008162",
            ],
         },
         release_date: "2024-07-01T22:00:00.000+00:00",
         title: "CVE-2024-38474",
      },
      {
         cve: "CVE-2024-38475",
         notes: [
            {
               category: "description",
               text: "Es bestehen mehrere Schwachstellen im Apache HTTP Server. Diese Fehler bestehen in mehreren Komponenten wie dem Websocket, den Backreferences oder dem mod_rewrite Proxy-Handler, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL- Pointer-Dereferenz, einer serverseitigen Request Forgery oder einem Proxy-Codierungsproblem und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, die Authentifizierung zu umgehen oder vertrauliche Informationen offenzulegen.",
            },
         ],
         product_status: {
            known_affected: [
               "T038706",
               "T038747",
               "67646",
               "T034902",
               "T038746",
               "T038705",
               "T038745",
               "T039899",
               "T004914",
               "T039896",
               "T038286",
               "T001663",
               "398363",
               "342008",
               "T010509",
               "T034899",
               "T028053",
               "T034610",
               "T035727",
               "T003676",
               "T015632",
               "T034075",
               "T037028",
               "T012167",
               "T034074",
               "T039602",
               "T039586",
               "T032255",
               "T039585",
               "74185",
               "T035762",
               "T036570",
               "2951",
               "T002207",
               "T000126",
               "T019704",
               "T038270",
               "T040402",
               "T008162",
            ],
         },
         release_date: "2024-07-01T22:00:00.000+00:00",
         title: "CVE-2024-38475",
      },
      {
         cve: "CVE-2024-38476",
         notes: [
            {
               category: "description",
               text: "Es bestehen mehrere Schwachstellen im Apache HTTP Server. Diese Fehler bestehen in mehreren Komponenten wie dem Websocket, den Backreferences oder dem mod_rewrite Proxy-Handler, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL- Pointer-Dereferenz, einer serverseitigen Request Forgery oder einem Proxy-Codierungsproblem und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, die Authentifizierung zu umgehen oder vertrauliche Informationen offenzulegen.",
            },
         ],
         product_status: {
            known_affected: [
               "T038706",
               "T038747",
               "67646",
               "T034902",
               "T038746",
               "T038705",
               "T038745",
               "T039899",
               "T004914",
               "T039896",
               "T038286",
               "T001663",
               "398363",
               "342008",
               "T010509",
               "T034899",
               "T028053",
               "T034610",
               "T035727",
               "T003676",
               "T015632",
               "T034075",
               "T037028",
               "T012167",
               "T034074",
               "T039602",
               "T039586",
               "T032255",
               "T039585",
               "74185",
               "T035762",
               "T036570",
               "2951",
               "T002207",
               "T000126",
               "T019704",
               "T038270",
               "T040402",
               "T008162",
            ],
         },
         release_date: "2024-07-01T22:00:00.000+00:00",
         title: "CVE-2024-38476",
      },
      {
         cve: "CVE-2024-38477",
         notes: [
            {
               category: "description",
               text: "Es bestehen mehrere Schwachstellen im Apache HTTP Server. Diese Fehler bestehen in mehreren Komponenten wie dem Websocket, den Backreferences oder dem mod_rewrite Proxy-Handler, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL- Pointer-Dereferenz, einer serverseitigen Request Forgery oder einem Proxy-Codierungsproblem und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, die Authentifizierung zu umgehen oder vertrauliche Informationen offenzulegen.",
            },
         ],
         product_status: {
            known_affected: [
               "T038706",
               "T038747",
               "67646",
               "T034902",
               "T038746",
               "T038705",
               "T038745",
               "T039899",
               "T004914",
               "T039896",
               "T038286",
               "T001663",
               "398363",
               "342008",
               "T010509",
               "T034899",
               "T028053",
               "T034610",
               "T035727",
               "T003676",
               "T015632",
               "T034075",
               "T037028",
               "T012167",
               "T034074",
               "T039602",
               "T039586",
               "T032255",
               "T039585",
               "74185",
               "T035762",
               "T036570",
               "2951",
               "T002207",
               "T000126",
               "T019704",
               "T038270",
               "T040402",
               "T008162",
            ],
         },
         release_date: "2024-07-01T22:00:00.000+00:00",
         title: "CVE-2024-38477",
      },
      {
         cve: "CVE-2024-39573",
         notes: [
            {
               category: "description",
               text: "Es bestehen mehrere Schwachstellen im Apache HTTP Server. Diese Fehler bestehen in mehreren Komponenten wie dem Websocket, den Backreferences oder dem mod_rewrite Proxy-Handler, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL- Pointer-Dereferenz, einer serverseitigen Request Forgery oder einem Proxy-Codierungsproblem und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, die Authentifizierung zu umgehen oder vertrauliche Informationen offenzulegen.",
            },
         ],
         product_status: {
            known_affected: [
               "T038706",
               "T038747",
               "67646",
               "T034902",
               "T038746",
               "T038705",
               "T038745",
               "T039899",
               "T004914",
               "T039896",
               "T038286",
               "T001663",
               "398363",
               "342008",
               "T010509",
               "T034899",
               "T028053",
               "T034610",
               "T035727",
               "T003676",
               "T015632",
               "T034075",
               "T037028",
               "T012167",
               "T034074",
               "T039602",
               "T039586",
               "T032255",
               "T039585",
               "74185",
               "T035762",
               "T036570",
               "2951",
               "T002207",
               "T000126",
               "T019704",
               "T038270",
               "T040402",
               "T008162",
            ],
         },
         release_date: "2024-07-01T22:00:00.000+00:00",
         title: "CVE-2024-39573",
      },
   ],
}

wid-sec-w-2024-1504

Vulnerability from csaf_certbund

Published

2024-07-01 22:00

Modified

2025-01-19 23:00

Summary

Apache HTTP Server: Mehrere Schwachstellen

Notes

Produktbeschreibung

Apache ist ein Webserver für verschiedene Plattformen.

Angriff

Betroffene Betriebssysteme

- Linux - MacOS X - Windows

JSON

To clipboard

{
   document: {
      aggregate_severity: {
         text: "hoch",
      },
      category: "csaf_base",
      csaf_version: "2.0",
      distribution: {
         tlp: {
            label: "WHITE",
            url: "https://www.first.org/tlp/",
         },
      },
      lang: "de-DE",
      notes: [
         {
            category: "legal_disclaimer",
            text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.",
         },
         {
            category: "description",
            text: "Apache ist ein Webserver für verschiedene Plattformen.",
            title: "Produktbeschreibung",
         },
         {
            category: "summary",
            text: "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Apache HTTP Server ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen oder vertrauliche Informationen offenzulegen.",
            title: "Angriff",
         },
         {
            category: "general",
            text: "- Linux\n- MacOS X\n- Windows",
            title: "Betroffene Betriebssysteme",
         },
      ],
      publisher: {
         category: "other",
         contact_details: "csaf-provider@cert-bund.de",
         name: "Bundesamt für Sicherheit in der Informationstechnik",
         namespace: "https://www.bsi.bund.de",
      },
      references: [
         {
            category: "self",
            summary: "WID-SEC-W-2024-1504 - CSAF Version",
            url: "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1504.json",
         },
         {
            category: "self",
            summary: "WID-SEC-2024-1504 - Portal Version",
            url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1504",
         },
         {
            category: "external",
            summary: "Apache Advisory vom 2024-07-01",
            url: "https://httpd.apache.org/security/vulnerabilities_24.html",
         },
         {
            category: "external",
            summary: "Red Hat Bugzilla vom 2024-07-01",
            url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295006",
         },
         {
            category: "external",
            summary: "Red Hat Bugzilla vom 2024-07-01",
            url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295012",
         },
         {
            category: "external",
            summary: "Red Hat Bugzilla vom 2024-07-01",
            url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295013",
         },
         {
            category: "external",
            summary: "Red Hat Bugzilla vom 2024-07-01",
            url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295014",
         },
         {
            category: "external",
            summary: "Red Hat Bugzilla vom 2024-07-01",
            url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295016",
         },
         {
            category: "external",
            summary: "Red Hat Bugzilla vom 2024-07-01",
            url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295018",
         },
         {
            category: "external",
            summary: "Red Hat Bugzilla vom 2024-07-01",
            url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295022",
         },
         {
            category: "external",
            summary: "Apache HTTP Server",
            url: "https://seclists.org/oss-sec/2024/q3/8",
         },
         {
            category: "external",
            summary: "Rocky Linux Security Advisory RLSA-2024:4197 vom 2024-07-02",
            url: "https://errata.build.resf.org/RLSA-2024:4197",
         },
         {
            category: "external",
            summary: "Fedora Security Advisory FEDORA-2024-39F1A828ED vom 2024-07-03",
            url: "https://bodhi.fedoraproject.org/updates/FEDORA-2024-39f1a828ed",
         },
         {
            category: "external",
            summary: "Fedora Security Advisory FEDORA-2024-E7E73BEFAD vom 2024-07-03",
            url: "https://bodhi.fedoraproject.org/updates/FEDORA-2024-e7e73befad",
         },
         {
            category: "external",
            summary: "Ubuntu Security Notice USN-6885-1 vom 2024-07-08",
            url: "https://ubuntu.com/security/notices/USN-6885-1",
         },
         {
            category: "external",
            summary: "IBM Security Bulletin 7159849 vom 2024-07-09",
            url: "https://www.ibm.com/support/pages/node/7159849",
         },
         {
            category: "external",
            summary: "Fedora Security Advisory FEDORA-2024-661BB6322D vom 2024-07-11",
            url: "https://bodhi.fedoraproject.org/updates/FEDORA-2024-661bb6322d",
         },
         {
            category: "external",
            summary: "Fedora Security Advisory FEDORA-2024-CB8ACBF644 vom 2024-07-11",
            url: "https://bodhi.fedoraproject.org/updates/FEDORA-2024-cb8acbf644",
         },
         {
            category: "external",
            summary: "IBM Security Bulletin 7160019 vom 2024-07-11",
            url: "https://www.ibm.com/support/pages/node/7160019",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:2405-1 vom 2024-07-11",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018934.html",
         },
         {
            category: "external",
            summary: "Debian Security Advisory DSA-5729 vom 2024-07-12",
            url: "https://lists.debian.org/debian-security-announce/2024/msg00140.html",
         },
         {
            category: "external",
            summary: "Ubuntu Security Notice USN-6885-2 vom 2024-07-11",
            url: "https://ubuntu.com/security/notices/USN-6885-2",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:2560-1 vom 2024-07-18",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-July/019002.html",
         },
         {
            category: "external",
            summary: "Amazon Linux Security Advisory ALAS-2024-2594 vom 2024-07-23",
            url: "https://alas.aws.amazon.com/AL2/ALAS-2024-2594.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:2591-1 vom 2024-07-22",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-July/019006.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:2597-1 vom 2024-07-23",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-July/019023.html",
         },
         {
            category: "external",
            summary: "Oracle Linux Security Advisory ELSA-2024-4726 vom 2024-07-24",
            url: "https://linux.oracle.com/errata/ELSA-2024-4726.html",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:4719 vom 2024-07-23",
            url: "https://access.redhat.com/errata/RHSA-2024:4719",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:4720 vom 2024-07-23",
            url: "https://access.redhat.com/errata/RHSA-2024:4720",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:4726 vom 2024-07-23",
            url: "https://access.redhat.com/errata/RHSA-2024:4726",
         },
         {
            category: "external",
            summary: "Oracle Linux Security Advisory ELSA-2024-4720 vom 2024-07-24",
            url: "https://linux.oracle.com/errata/ELSA-2024-4720.html",
         },
         {
            category: "external",
            summary: "Amazon Linux Security Advisory ALAS-2024-1944 vom 2024-07-24",
            url: "https://alas.aws.amazon.com/ALAS-2024-1944.html",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:4827 vom 2024-07-24",
            url: "https://access.redhat.com/errata/RHSA-2024:4827",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:4830 vom 2024-07-24",
            url: "https://access.redhat.com/errata/RHSA-2024:4830",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:4820 vom 2024-07-24",
            url: "https://access.redhat.com/errata/RHSA-2024:4820",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:4862 vom 2024-07-25",
            url: "https://access.redhat.com/errata/RHSA-2024:4862",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:4863 vom 2024-07-25",
            url: "https://access.redhat.com/errata/RHSA-2024:4863",
         },
         {
            category: "external",
            summary: "Rocky Linux Security Advisory RLSA-2024:4726 vom 2024-07-26",
            url: "https://errata.build.resf.org/RLSA-2024:4726",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:2624-1 vom 2024-07-30",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-July/019050.html",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:4938 vom 2024-07-31",
            url: "https://access.redhat.com/errata/RHSA-2024:4938",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:4943 vom 2024-07-31",
            url: "https://access.redhat.com/errata/RHSA-2024:4943",
         },
         {
            category: "external",
            summary: "Fedora Security Advisory FEDORA-2024-E83AF0855E vom 2024-08-01",
            url: "https://bodhi.fedoraproject.org/updates/FEDORA-2024-e83af0855e",
         },
         {
            category: "external",
            summary: "F5 Security Advisory K000140505 vom 2024-08-03",
            url: "https://my.f5.com/manage/s/article/K000140505",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:5001 vom 2024-08-05",
            url: "https://access.redhat.com/errata/RHSA-2024:5001",
         },
         {
            category: "external",
            summary: "F5 Security Advisory K000140620 vom 2024-08-08",
            url: "https://my.f5.com/manage/s/article/K000140620",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:5138 vom 2024-08-08",
            url: "https://access.redhat.com/errata/RHSA-2024:5138",
         },
         {
            category: "external",
            summary: "Oracle Linux Security Advisory ELSA-2024-5138 vom 2024-08-09",
            url: "https://linux.oracle.com/errata/ELSA-2024-5138.html",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:5193 vom 2024-08-12",
            url: "https://access.redhat.com/errata/RHSA-2024:5193",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:5239 vom 2024-08-13",
            url: "https://access.redhat.com/errata/RHSA-2024:5239",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:5240 vom 2024-08-13",
            url: "https://access.redhat.com/errata/RHSA-2024:5240",
         },
         {
            category: "external",
            summary: "F5 Security Advisory K000140693 vom 2024-08-13",
            url: "https://my.f5.com/manage/s/article/K000140693",
         },
         {
            category: "external",
            summary: "Oracle Linux Security Advisory ELSA-2024-5193 vom 2024-08-14",
            url: "https://linux.oracle.com/errata/ELSA-2024-5193.html",
         },
         {
            category: "external",
            summary: "IBM Security Bulletin 7165827 vom 2024-08-19",
            url: "https://www.ibm.com/support/pages/node/7165827",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:2436-1 vom 2024-08-19",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019226.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:2997-1 vom 2024-08-21",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019299.html",
         },
         {
            category: "external",
            summary: "Rocky Linux Security Advisory RLSA-2024:5138 vom 2024-08-21",
            url: "https://errata.build.resf.org/RLSA-2024:5138",
         },
         {
            category: "external",
            summary: "Rocky Linux Security Advisory RLSA-2024:5193 vom 2024-08-21",
            url: "https://errata.build.resf.org/RLSA-2024:5193",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:2999-1 vom 2024-08-22",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019301.html",
         },
         {
            category: "external",
            summary: "F5 Security Advisory K000140784 vom 2024-08-23",
            url: "https://my.f5.com/manage/s/article/K000140784",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:5812 vom 2024-08-26",
            url: "https://access.redhat.com/errata/RHSA-2024:5812",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:5832 vom 2024-08-26",
            url: "https://access.redhat.com/errata/RHSA-2024:5832",
         },
         {
            category: "external",
            summary: "DELL Security Update for Dell PowerScale OneFS",
            url: "https://www.dell.com/support/kbdoc/en-us/000228207/dsa-2024-346-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:6136 vom 2024-09-03",
            url: "https://access.redhat.com/errata/RHSA-2024:6136",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:6004 vom 2024-09-04",
            url: "https://access.redhat.com/errata/RHSA-2024:6004",
         },
         {
            category: "external",
            summary: "IBM Security Bulletin 7166853 vom 2024-09-05",
            url: "https://www.ibm.com/support/pages/node/7166853",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:6013 vom 2024-09-05",
            url: "https://access.redhat.com/errata/RHSA-2024:6013",
         },
         {
            category: "external",
            summary: "IBM Security Bulletin 7167662 vom 2024-09-05",
            url: "https://www.ibm.com/support/pages/node/7167662",
         },
         {
            category: "external",
            summary: "XEROX Security Advisory XRX24-013 vom 2024-09-05",
            url: "https://securitydocs.business.xerox.com/wp-content/uploads/2024/09/Xerox-Security-Bulletin-XRX24-013-for-Xerox-FreeFlow-Print-Server-v2-_Windows10.pdf",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:6468 vom 2024-09-09",
            url: "https://access.redhat.com/errata/RHSA-2024:6468",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:6467 vom 2024-09-09",
            url: "https://access.redhat.com/errata/RHSA-2024:6467",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:3173-1 vom 2024-09-09",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019389.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2024:3172-1 vom 2024-09-09",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019390.html",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:6584 vom 2024-09-11",
            url: "https://access.redhat.com/errata/RHSA-2024:6584",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:6583 vom 2024-09-11",
            url: "https://access.redhat.com/errata/RHSA-2024:6583",
         },
         {
            category: "external",
            summary: "Oracle Linux Security Advisory ELSA-2024-4943 vom 2024-09-14",
            url: "https://linux.oracle.com/errata/ELSA-2024-4943.html",
         },
         {
            category: "external",
            summary: "Ubuntu Security Notice USN-6885-3 vom 2024-09-18",
            url: "https://ubuntu.com/security/notices/USN-6885-3",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:6928 vom 2024-09-24",
            url: "https://access.redhat.com/errata/RHSA-2024:6928",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:6927 vom 2024-09-24",
            url: "https://access.redhat.com/errata/RHSA-2024:6927",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:7101 vom 2024-09-25",
            url: "https://access.redhat.com/errata/RHSA-2024:7101",
         },
         {
            category: "external",
            summary: "Gentoo Linux Security Advisory GLSA-202409-31 vom 2024-09-28",
            url: "https://security.gentoo.org/glsa/202409-31",
         },
         {
            category: "external",
            summary: "Dell Security Advisory DSA-2024-423 vom 2024-10-11",
            url: "https://www.dell.com/support/kbdoc/de-de/000235068/dsa-2024-423-security-update-for-dell-networker-and-networker-management-console-nmc-multiple-component-vulnerabilities",
         },
         {
            category: "external",
            summary: "IBM Security Bulletin 7173018 vom 2024-10-14",
            url: "https://www.ibm.com/support/pages/node/7173018",
         },
         {
            category: "external",
            summary: "Debian Security Advisory DLA-3921 vom 2024-10-17",
            url: "https://lists.debian.org/debian-lts-announce/2024/10/msg00013.html",
         },
         {
            category: "external",
            summary: "Oracle Linux Security Advisory ELSA-2024-7101 vom 2024-10-17",
            url: "https://linux.oracle.com/errata/ELSA-2024-7101.html",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:8680 vom 2024-10-31",
            url: "https://access.redhat.com/errata/RHSA-2024:8680",
         },
         {
            category: "external",
            summary: "Oracle Linux Security Advisory ELSA-2024-8680 vom 2024-10-31",
            url: "http://linux.oracle.com/errata/ELSA-2024-8680.html",
         },
         {
            category: "external",
            summary: "HCL Security Advisory",
            url: "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0115052",
         },
         {
            category: "external",
            summary: "Rocky Linux Security Advisory RLSA-2024:8680 vom 2024-11-08",
            url: "https://errata.build.resf.org/RLSA-2024:8680",
         },
         {
            category: "external",
            summary: "XEROX Security Advisory XRX24-016 vom 2024-11-18",
            url: "https://security.business.xerox.com/wp-content/uploads/2024/11/Xerox%C2%AE-Security-Bulletin-XRX24-016-for-Xerox%C2%AEFreeFlow%C2%AE-Print-Server-v9.pdf",
         },
         {
            category: "external",
            summary: "XEROX Security Advisory XRX24-017 vom 2024-11-21",
            url: "https://securitydocs.business.xerox.com/wp-content/uploads/2024/11/Xerox-Security-Bulletin-XRX24-017-for-Xerox%C2%AE-FreeFlow%C2%AE-Print-Server-v9.pdf",
         },
         {
            category: "external",
            summary: "Dell Security Advisory DSA-2024-453 vom 2024-12-05",
            url: "https://www.dell.com/support/kbdoc/de-de/000256645/dsa-2024-453-security-update-for-dell-powerscale-onefs-multiple-security-vulnerabilities",
         },
         {
            category: "external",
            summary: "SonicWall Security Advisory SNWLID-2024-0018 vom 2024-12-06",
            url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0018",
         },
         {
            category: "external",
            summary: "Dell Security Advisory DSA-2024-483 vom 2024-12-18",
            url: "https://www.dell.com/support/kbdoc/de-de/000256642/dsa-2024-483-security-update-for-dell-ecs-multiple-vulnerabilities",
         },
         {
            category: "external",
            summary: "XEROX Security Advisory XRX24-019 vom 2024-12-17",
            url: "https://security.business.xerox.com/wp-content/uploads/2024/12/Xerox-Security-Bulletin-XRX24-019-for-Xerox%C2%AE-FreeFlow%C2%AE-Print-Server-v9.pdf",
         },
         {
            category: "external",
            summary: "XEROX Security Advisory XRX25-001 vom 2025-01-13",
            url: "https://securitydocs.business.xerox.com/wp-content/uploads/2025/01/Xerox-Security-Bulletin-XRX25-001-for-Xerox%C2%AE-FreeFlow%C2%AE-Print-Server-v9.pdf",
         },
         {
            category: "external",
            summary: "HPE Security Bulletin vom 2025-01-17",
            url: "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbux04773en_us&docLocale=en_US",
         },
      ],
      source_lang: "en-US",
      title: "Apache HTTP Server: Mehrere Schwachstellen",
      tracking: {
         current_release_date: "2025-01-19T23:00:00.000+00:00",
         generator: {
            date: "2025-01-20T09:21:02.020+00:00",
            engine: {
               name: "BSI-WID",
               version: "1.3.10",
            },
         },
         id: "WID-SEC-W-2024-1504",
         initial_release_date: "2024-07-01T22:00:00.000+00:00",
         revision_history: [
            {
               date: "2024-07-01T22:00:00.000+00:00",
               number: "1",
               summary: "Initiale Fassung",
            },
            {
               date: "2024-07-02T22:00:00.000+00:00",
               number: "2",
               summary: "Neue Updates von Rocky Enterprise Software Foundation aufgenommen",
            },
            {
               date: "2024-07-03T22:00:00.000+00:00",
               number: "3",
               summary: "Neue Updates von Fedora aufgenommen",
            },
            {
               date: "2024-07-08T22:00:00.000+00:00",
               number: "4",
               summary: "Neue Updates von Ubuntu aufgenommen",
            },
            {
               date: "2024-07-09T22:00:00.000+00:00",
               number: "5",
               summary: "Neue Updates von IBM und IBM-APAR aufgenommen",
            },
            {
               date: "2024-07-11T22:00:00.000+00:00",
               number: "6",
               summary: "Neue Updates von Fedora, IBM, SUSE, Debian und Ubuntu aufgenommen",
            },
            {
               date: "2024-07-18T22:00:00.000+00:00",
               number: "7",
               summary: "Neue Updates von SUSE aufgenommen",
            },
            {
               date: "2024-07-22T22:00:00.000+00:00",
               number: "8",
               summary: "Neue Updates von Amazon und SUSE aufgenommen",
            },
            {
               date: "2024-07-23T22:00:00.000+00:00",
               number: "9",
               summary: "Neue Updates von Oracle Linux und Red Hat aufgenommen",
            },
            {
               date: "2024-07-24T22:00:00.000+00:00",
               number: "10",
               summary: "Neue Updates von Amazon und Red Hat aufgenommen",
            },
            {
               date: "2024-07-25T22:00:00.000+00:00",
               number: "11",
               summary: "Neue Updates von Red Hat aufgenommen",
            },
            {
               date: "2024-07-28T22:00:00.000+00:00",
               number: "12",
               summary: "Neue Updates von Rocky Enterprise Software Foundation aufgenommen",
            },
            {
               date: "2024-07-29T22:00:00.000+00:00",
               number: "13",
               summary: "Neue Updates von SUSE aufgenommen",
            },
            {
               date: "2024-07-31T22:00:00.000+00:00",
               number: "14",
               summary: "Neue Updates von Red Hat aufgenommen",
            },
            {
               date: "2024-08-01T22:00:00.000+00:00",
               number: "15",
               summary: "Neue Updates von Fedora aufgenommen",
            },
            {
               date: "2024-08-04T22:00:00.000+00:00",
               number: "16",
               summary: "Neue Updates von F5 aufgenommen",
            },
            {
               date: "2024-08-07T22:00:00.000+00:00",
               number: "17",
               summary: "Neue Updates von F5 aufgenommen",
            },
            {
               date: "2024-08-08T22:00:00.000+00:00",
               number: "18",
               summary: "Neue Updates von Red Hat aufgenommen",
            },
            {
               date: "2024-08-11T22:00:00.000+00:00",
               number: "19",
               summary: "Neue Updates von Oracle Linux und Red Hat aufgenommen",
            },
            {
               date: "2024-08-13T22:00:00.000+00:00",
               number: "20",
               summary: "Neue Updates von Red Hat und F5 aufgenommen",
            },
            {
               date: "2024-08-14T22:00:00.000+00:00",
               number: "21",
               summary: "Neue Updates von Oracle Linux aufgenommen",
            },
            {
               date: "2024-08-18T22:00:00.000+00:00",
               number: "22",
               summary: "Neue Updates von IBM aufgenommen",
            },
            {
               date: "2024-08-19T22:00:00.000+00:00",
               number: "23",
               summary: "Neue Updates von SUSE aufgenommen",
            },
            {
               date: "2024-08-21T22:00:00.000+00:00",
               number: "24",
               summary: "Neue Updates von SUSE und Rocky Enterprise Software Foundation aufgenommen",
            },
            {
               date: "2024-08-22T22:00:00.000+00:00",
               number: "25",
               summary: "Neue Updates von SUSE aufgenommen",
            },
            {
               date: "2024-08-25T22:00:00.000+00:00",
               number: "26",
               summary: "Neue Updates von F5 aufgenommen",
            },
            {
               date: "2024-09-01T22:00:00.000+00:00",
               number: "27",
               summary: "Neue Updates von Dell aufgenommen",
            },
            {
               date: "2024-09-02T22:00:00.000+00:00",
               number: "28",
               summary: "Neue Updates von Red Hat aufgenommen",
            },
            {
               date: "2024-09-03T22:00:00.000+00:00",
               number: "29",
               summary: "Neue Updates von Red Hat aufgenommen",
            },
            {
               date: "2024-09-05T22:00:00.000+00:00",
               number: "30",
               summary: "Neue Updates von IBM, Red Hat und XEROX aufgenommen",
            },
            {
               date: "2024-09-08T22:00:00.000+00:00",
               number: "31",
               summary: "Neue Updates von Red Hat aufgenommen",
            },
            {
               date: "2024-09-09T22:00:00.000+00:00",
               number: "32",
               summary: "Neue Updates von SUSE aufgenommen",
            },
            {
               date: "2024-09-11T22:00:00.000+00:00",
               number: "33",
               summary: "Neue Updates von Red Hat aufgenommen",
            },
            {
               date: "2024-09-15T22:00:00.000+00:00",
               number: "34",
               summary: "Neue Updates von Oracle Linux aufgenommen",
            },
            {
               date: "2024-09-18T22:00:00.000+00:00",
               number: "35",
               summary: "Neue Updates von Ubuntu aufgenommen",
            },
            {
               date: "2024-09-24T22:00:00.000+00:00",
               number: "36",
               summary: "Neue Updates von Red Hat aufgenommen",
            },
            {
               date: "2024-09-25T22:00:00.000+00:00",
               number: "37",
               summary: "Neue Updates von Red Hat aufgenommen",
            },
            {
               date: "2024-09-29T22:00:00.000+00:00",
               number: "38",
               summary: "Neue Updates von Gentoo aufgenommen",
            },
            {
               date: "2024-10-10T22:00:00.000+00:00",
               number: "39",
               summary: "Neue Updates von Dell aufgenommen",
            },
            {
               date: "2024-10-13T22:00:00.000+00:00",
               number: "40",
               summary: "Neue Updates von IBM aufgenommen",
            },
            {
               date: "2024-10-17T22:00:00.000+00:00",
               number: "41",
               summary: "Neue Updates von Debian und Oracle Linux aufgenommen",
            },
            {
               date: "2024-10-30T23:00:00.000+00:00",
               number: "42",
               summary: "Neue Updates von Red Hat aufgenommen",
            },
            {
               date: "2024-10-31T23:00:00.000+00:00",
               number: "43",
               summary: "Neue Updates von Oracle Linux aufgenommen",
            },
            {
               date: "2024-11-03T23:00:00.000+00:00",
               number: "44",
               summary: "Neue Updates von HCL aufgenommen",
            },
            {
               date: "2024-11-10T23:00:00.000+00:00",
               number: "45",
               summary: "Neue Updates von Rocky Enterprise Software Foundation aufgenommen",
            },
            {
               date: "2024-11-18T23:00:00.000+00:00",
               number: "46",
               summary: "Neue Updates von XEROX aufgenommen",
            },
            {
               date: "2024-11-21T23:00:00.000+00:00",
               number: "47",
               summary: "Neue Updates von XEROX aufgenommen",
            },
            {
               date: "2024-12-04T23:00:00.000+00:00",
               number: "48",
               summary: "Neue Updates von Dell aufgenommen",
            },
            {
               date: "2024-12-05T23:00:00.000+00:00",
               number: "49",
               summary: "Neue Updates von SonicWall aufgenommen",
            },
            {
               date: "2024-12-15T23:00:00.000+00:00",
               number: "50",
               summary: "Referenz(en) aufgenommen: 7178940, 7178937, 7178941, 7178939, 7178938",
            },
            {
               date: "2024-12-17T23:00:00.000+00:00",
               number: "51",
               summary: "Neue Updates von Dell und XEROX aufgenommen",
            },
            {
               date: "2025-01-12T23:00:00.000+00:00",
               number: "52",
               summary: "Neue Updates von XEROX aufgenommen",
            },
            {
               date: "2025-01-19T23:00:00.000+00:00",
               number: "53",
               summary: "Neue Updates von HP aufgenommen",
            },
         ],
         status: "final",
         version: "53",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  category: "product_name",
                  name: "Amazon Linux 2",
                  product: {
                     name: "Amazon Linux 2",
                     product_id: "398363",
                     product_identification_helper: {
                        cpe: "cpe:/o:amazon:linux_2:-",
                     },
                  },
               },
            ],
            category: "vendor",
            name: "Amazon",
         },
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "<2.4.60",
                        product: {
                           name: "Apache HTTP Server <2.4.60",
                           product_id: "T035727",
                        },
                     },
                     {
                        category: "product_version",
                        name: "2.4.60",
                        product: {
                           name: "Apache HTTP Server 2.4.60",
                           product_id: "T035727-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/a:apache:http_server:2.4.60",
                           },
                        },
                     },
                  ],
                  category: "product_name",
                  name: "HTTP Server",
               },
            ],
            category: "vendor",
            name: "Apache",
         },
         {
            branches: [
               {
                  category: "product_name",
                  name: "Debian Linux",
                  product: {
                     name: "Debian Linux",
                     product_id: "2951",
                     product_identification_helper: {
                        cpe: "cpe:/o:debian:debian_linux:-",
                     },
                  },
               },
            ],
            category: "vendor",
            name: "Debian",
         },
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "<3.8.1.3",
                        product: {
                           name: "Dell ECS <3.8.1.3",
                           product_id: "T039899",
                        },
                     },
                     {
                        category: "product_version",
                        name: "3.8.1.3",
                        product: {
                           name: "Dell ECS 3.8.1.3",
                           product_id: "T039899-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/h:dell:ecs:3.8.1.3",
                           },
                        },
                     },
                  ],
                  category: "product_name",
                  name: "ECS",
               },
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "<19.10.0.5",
                        product: {
                           name: "Dell NetWorker <19.10.0.5",
                           product_id: "T038270",
                        },
                     },
                     {
                        category: "product_version",
                        name: "19.10.0.5",
                        product: {
                           name: "Dell NetWorker 19.10.0.5",
                           product_id: "T038270-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/a:dell:networker:19.10.0.5",
                           },
                        },
                     },
                  ],
                  category: "product_name",
                  name: "NetWorker",
               },
               {
                  branches: [
                     {
                        category: "product_name",
                        name: "Dell PowerScale",
                        product: {
                           name: "Dell PowerScale",
                           product_id: "T034610",
                           product_identification_helper: {
                              cpe: "cpe:/a:dell:powerscale_onefs:onefs",
                           },
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "OneFS <9.8.0.1",
                        product: {
                           name: "Dell PowerScale OneFS <9.8.0.1",
                           product_id: "T035762",
                        },
                     },
                     {
                        category: "product_version",
                        name: "OneFS 9.8.0.1",
                        product: {
                           name: "Dell PowerScale OneFS 9.8.0.1",
                           product_id: "T035762-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/a:dell:powerscale_onefs:onefs__9.8.0.1",
                           },
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "OneFS <9.4.0.20",
                        product: {
                           name: "Dell PowerScale OneFS <9.4.0.20",
                           product_id: "T038705",
                        },
                     },
                     {
                        category: "product_version",
                        name: "OneFS 9.4.0.20",
                        product: {
                           name: "Dell PowerScale OneFS 9.4.0.20",
                           product_id: "T038705-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/a:dell:powerscale_onefs:onefs__9.4.0.20",
                           },
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "OneFS <9.5.1.1",
                        product: {
                           name: "Dell PowerScale OneFS <9.5.1.1",
                           product_id: "T038706",
                        },
                     },
                     {
                        category: "product_version",
                        name: "OneFS 9.5.1.1",
                        product: {
                           name: "Dell PowerScale OneFS 9.5.1.1",
                           product_id: "T038706-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/a:dell:powerscale_onefs:onefs__9.5.1.1",
                           },
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "OneFS <9.7.1.3",
                        product: {
                           name: "Dell PowerScale OneFS <9.7.1.3",
                           product_id: "T039585",
                        },
                     },
                     {
                        category: "product_version",
                        name: "OneFS 9.7.1.3",
                        product: {
                           name: "Dell PowerScale OneFS 9.7.1.3",
                           product_id: "T039585-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/a:dell:powerscale_onefs:onefs__9.7.1.3",
                           },
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "OneFS <9.9.0.1",
                        product: {
                           name: "Dell PowerScale OneFS <9.9.0.1",
                           product_id: "T039586",
                        },
                     },
                     {
                        category: "product_version",
                        name: "OneFS 9.9.0.1",
                        product: {
                           name: "Dell PowerScale OneFS 9.9.0.1",
                           product_id: "T039586-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/a:dell:powerscale_onefs:onefs__9.9.0.1",
                           },
                        },
                     },
                  ],
                  category: "product_name",
                  name: "PowerScale",
               },
            ],
            category: "vendor",
            name: "Dell",
         },
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_name",
                        name: "F5 BIG-IP",
                        product: {
                           name: "F5 BIG-IP",
                           product_id: "T001663",
                           product_identification_helper: {
                              cpe: "cpe:/a:f5:big-ip:-",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "17.1.0-17.1.1",
                        product: {
                           name: "F5 BIG-IP 17.1.0-17.1.1",
                           product_id: "T034899",
                           product_identification_helper: {
                              cpe: "cpe:/a:f5:big-ip:17.1.0_-_17.1.1",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "15.1.0-15.1.10",
                        product: {
                           name: "F5 BIG-IP 15.1.0-15.1.10",
                           product_id: "T034902",
                           product_identification_helper: {
                              cpe: "cpe:/a:f5:big-ip:15.1.0_-_15.1.10",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "16.1.0-16.1.5",
                        product: {
                           name: "F5 BIG-IP 16.1.0-16.1.5",
                           product_id: "T037028",
                           product_identification_helper: {
                              cpe: "cpe:/a:f5:big-ip:16.1.0_-_16.1.5",
                           },
                        },
                     },
                  ],
                  category: "product_name",
                  name: "BIG-IP",
               },
            ],
            category: "vendor",
            name: "F5",
         },
         {
            branches: [
               {
                  category: "product_name",
                  name: "Fedora Linux",
                  product: {
                     name: "Fedora Linux",
                     product_id: "74185",
                     product_identification_helper: {
                        cpe: "cpe:/o:fedoraproject:fedora:-",
                     },
                  },
               },
            ],
            category: "vendor",
            name: "Fedora",
         },
         {
            branches: [
               {
                  category: "product_name",
                  name: "Gentoo Linux",
                  product: {
                     name: "Gentoo Linux",
                     product_id: "T012167",
                     product_identification_helper: {
                        cpe: "cpe:/o:gentoo:linux:-",
                     },
                  },
               },
            ],
            category: "vendor",
            name: "Gentoo",
         },
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "8.x",
                        product: {
                           name: "HCL Commerce 8.x",
                           product_id: "T038745",
                           product_identification_helper: {
                              cpe: "cpe:/a:hcltechsw:commerce:8.x",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "9.0-9.0.1.21",
                        product: {
                           name: "HCL Commerce 9.0-9.0.1.21",
                           product_id: "T038746",
                           product_identification_helper: {
                              cpe: "cpe:/a:hcltechsw:commerce:9.0_-_9.0.1.21",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "9.1.0-9.1.15",
                        product: {
                           name: "HCL Commerce 9.1.0-9.1.15",
                           product_id: "T038747",
                           product_identification_helper: {
                              cpe: "cpe:/a:hcltechsw:commerce:9.1.0_-_9.1.15",
                           },
                        },
                     },
                  ],
                  category: "product_name",
                  name: "Commerce",
               },
            ],
            category: "vendor",
            name: "HCL",
         },
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "<11.31",
                        product: {
                           name: "HPE HP-UX <11.31",
                           product_id: "T040402",
                        },
                     },
                     {
                        category: "product_version",
                        name: "11.31",
                        product: {
                           name: "HPE HP-UX 11.31",
                           product_id: "T040402-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/o:hp:hp-ux:11.31",
                           },
                        },
                     },
                  ],
                  category: "product_name",
                  name: "HP-UX",
               },
            ],
            category: "vendor",
            name: "HPE",
         },
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_name",
                        name: "IBM Business Automation Workflow",
                        product: {
                           name: "IBM Business Automation Workflow",
                           product_id: "T019704",
                           product_identification_helper: {
                              cpe: "cpe:/a:ibm:business_automation_workflow:-",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "24.0.0",
                        product: {
                           name: "IBM Business Automation Workflow 24.0.0",
                           product_id: "T036570",
                           product_identification_helper: {
                              cpe: "cpe:/a:ibm:business_automation_workflow:24.0.0",
                           },
                        },
                     },
                  ],
                  category: "product_name",
                  name: "Business Automation Workflow",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "8.5",
                        product: {
                           name: "IBM HTTP Server 8.5",
                           product_id: "T003676",
                           product_identification_helper: {
                              cpe: "cpe:/a:ibm:http_server:8.5",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "9",
                        product: {
                           name: "IBM HTTP Server 9.0",
                           product_id: "T008162",
                           product_identification_helper: {
                              cpe: "cpe:/a:ibm:http_server:9.0",
                           },
                        },
                     },
                  ],
                  category: "product_name",
                  name: "HTTP Server",
               },
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "<8.0.0.27",
                        product: {
                           name: "IBM Rational Build Forge <8.0.0.27",
                           product_id: "T038286",
                        },
                     },
                     {
                        category: "product_version",
                        name: "8.0.0.27",
                        product: {
                           name: "IBM Rational Build Forge 8.0.0.27",
                           product_id: "T038286-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/a:ibm:rational_build_forge:8.0.0.27",
                           },
                        },
                     },
                  ],
                  category: "product_name",
                  name: "Rational Build Forge",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "9.1-9.1.0.6",
                        product: {
                           name: "IBM Rational ClearQuest 9.1-9.1.0.6",
                           product_id: "T034074",
                           product_identification_helper: {
                              cpe: "cpe:/a:ibm:rational_clearquest:9.1_-_9.1.0.6",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "10.0-10.0.5",
                        product: {
                           name: "IBM Rational ClearQuest 10.0-10.0.5",
                           product_id: "T034075",
                           product_identification_helper: {
                              cpe: "cpe:/a:ibm:rational_clearquest:10.0_-_10.0.5",
                           },
                        },
                     },
                  ],
                  category: "product_name",
                  name: "Rational ClearQuest",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "6.3.0.7",
                        product: {
                           name: "IBM Tivoli Monitoring 6.3.0.7",
                           product_id: "342008",
                           product_identification_helper: {
                              cpe: "cpe:/a:ibm:tivoli_monitoring:6.3.0.7",
                           },
                        },
                     },
                  ],
                  category: "product_name",
                  name: "Tivoli Monitoring",
               },
            ],
            category: "vendor",
            name: "IBM",
         },
         {
            branches: [
               {
                  category: "product_name",
                  name: "Oracle Linux",
                  product: {
                     name: "Oracle Linux",
                     product_id: "T004914",
                     product_identification_helper: {
                        cpe: "cpe:/o:oracle:linux:-",
                     },
                  },
               },
            ],
            category: "vendor",
            name: "Oracle",
         },
         {
            branches: [
               {
                  category: "product_name",
                  name: "RESF Rocky Linux",
                  product: {
                     name: "RESF Rocky Linux",
                     product_id: "T032255",
                     product_identification_helper: {
                        cpe: "cpe:/o:resf:rocky_linux:-",
                     },
                  },
               },
            ],
            category: "vendor",
            name: "RESF",
         },
         {
            branches: [
               {
                  category: "product_name",
                  name: "Red Hat Enterprise Linux",
                  product: {
                     name: "Red Hat Enterprise Linux",
                     product_id: "67646",
                     product_identification_helper: {
                        cpe: "cpe:/o:redhat:enterprise_linux:-",
                     },
                  },
               },
            ],
            category: "vendor",
            name: "Red Hat",
         },
         {
            branches: [
               {
                  category: "product_name",
                  name: "SUSE Linux",
                  product: {
                     name: "SUSE Linux",
                     product_id: "T002207",
                     product_identification_helper: {
                        cpe: "cpe:/o:suse:suse_linux:-",
                     },
                  },
               },
            ],
            category: "vendor",
            name: "SUSE",
         },
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "<10.2.1.14-75sv",
                        product: {
                           name: "SonicWall SMA <10.2.1.14-75sv",
                           product_id: "T039602",
                        },
                     },
                     {
                        category: "product_version",
                        name: "10.2.1.14-75sv",
                        product: {
                           name: "SonicWall SMA 10.2.1.14-75sv",
                           product_id: "T039602-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/a:sonicwall:secure_mobile_access:10.2.1.14-75sv",
                           },
                        },
                     },
                  ],
                  category: "product_name",
                  name: "SMA",
               },
            ],
            category: "vendor",
            name: "SonicWall",
         },
         {
            branches: [
               {
                  category: "product_name",
                  name: "Ubuntu Linux",
                  product: {
                     name: "Ubuntu Linux",
                     product_id: "T000126",
                     product_identification_helper: {
                        cpe: "cpe:/o:canonical:ubuntu_linux:-",
                     },
                  },
               },
            ],
            category: "vendor",
            name: "Ubuntu",
         },
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_name",
                        name: "Xerox FreeFlow Print Server",
                        product: {
                           name: "Xerox FreeFlow Print Server",
                           product_id: "T010509",
                           product_identification_helper: {
                              cpe: "cpe:/a:xerox:freeflow_print_server:-",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "v9",
                        product: {
                           name: "Xerox FreeFlow Print Server v9",
                           product_id: "T015632",
                           product_identification_helper: {
                              cpe: "cpe:/a:xerox:freeflow_print_server:v9",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "v9 for Solaris",
                        product: {
                           name: "Xerox FreeFlow Print Server v9 for Solaris",
                           product_id: "T028053",
                           product_identification_helper: {
                              cpe: "cpe:/a:xerox:freeflow_print_server:v9_for_solaris",
                           },
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "<9.0 SP-3 (93.M3.14.86)",
                        product: {
                           name: "Xerox FreeFlow Print Server <9.0 SP-3 (93.M3.14.86)",
                           product_id: "T039896",
                        },
                     },
                     {
                        category: "product_version",
                        name: "9.0 SP-3 (93.M3.14.86)",
                        product: {
                           name: "Xerox FreeFlow Print Server 9.0 SP-3 (93.M3.14.86)",
                           product_id: "T039896-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/a:xerox:freeflow_print_server:9.0_sp-3_%2893.m3.14.86%29",
                           },
                        },
                     },
                  ],
                  category: "product_name",
                  name: "FreeFlow Print Server",
               },
            ],
            category: "vendor",
            name: "Xerox",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2023-38709",
         notes: [
            {
               category: "description",
               text: "Es bestehen mehrere Schwachstellen im Apache HTTP Server. Diese Fehler bestehen in mehreren Komponenten wie dem Websocket, den Backreferences oder dem mod_rewrite Proxy-Handler, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL- Pointer-Dereferenz, einer serverseitigen Request Forgery oder einem Proxy-Codierungsproblem und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, die Authentifizierung zu umgehen oder vertrauliche Informationen offenzulegen.",
            },
         ],
         product_status: {
            known_affected: [
               "T038706",
               "T038747",
               "67646",
               "T034902",
               "T038746",
               "T038705",
               "T038745",
               "T039899",
               "T004914",
               "T039896",
               "T038286",
               "T001663",
               "398363",
               "342008",
               "T010509",
               "T034899",
               "T028053",
               "T034610",
               "T035727",
               "T003676",
               "T015632",
               "T034075",
               "T037028",
               "T012167",
               "T034074",
               "T039602",
               "T039586",
               "T032255",
               "T039585",
               "74185",
               "T035762",
               "T036570",
               "2951",
               "T002207",
               "T000126",
               "T019704",
               "T038270",
               "T040402",
               "T008162",
            ],
         },
         release_date: "2024-07-01T22:00:00.000+00:00",
         title: "CVE-2023-38709",
      },
      {
         cve: "CVE-2024-36387",
         notes: [
            {
               category: "description",
               text: "Es bestehen mehrere Schwachstellen im Apache HTTP Server. Diese Fehler bestehen in mehreren Komponenten wie dem Websocket, den Backreferences oder dem mod_rewrite Proxy-Handler, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL- Pointer-Dereferenz, einer serverseitigen Request Forgery oder einem Proxy-Codierungsproblem und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, die Authentifizierung zu umgehen oder vertrauliche Informationen offenzulegen.",
            },
         ],
         product_status: {
            known_affected: [
               "T038706",
               "T038747",
               "67646",
               "T034902",
               "T038746",
               "T038705",
               "T038745",
               "T039899",
               "T004914",
               "T039896",
               "T038286",
               "T001663",
               "398363",
               "342008",
               "T010509",
               "T034899",
               "T028053",
               "T034610",
               "T035727",
               "T003676",
               "T015632",
               "T034075",
               "T037028",
               "T012167",
               "T034074",
               "T039602",
               "T039586",
               "T032255",
               "T039585",
               "74185",
               "T035762",
               "T036570",
               "2951",
               "T002207",
               "T000126",
               "T019704",
               "T038270",
               "T040402",
               "T008162",
            ],
         },
         release_date: "2024-07-01T22:00:00.000+00:00",
         title: "CVE-2024-36387",
      },
      {
         cve: "CVE-2024-38472",
         notes: [
            {
               category: "description",
               text: "Es bestehen mehrere Schwachstellen im Apache HTTP Server. Diese Fehler bestehen in mehreren Komponenten wie dem Websocket, den Backreferences oder dem mod_rewrite Proxy-Handler, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL- Pointer-Dereferenz, einer serverseitigen Request Forgery oder einem Proxy-Codierungsproblem und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, die Authentifizierung zu umgehen oder vertrauliche Informationen offenzulegen.",
            },
         ],
         product_status: {
            known_affected: [
               "T038706",
               "T038747",
               "67646",
               "T034902",
               "T038746",
               "T038705",
               "T038745",
               "T039899",
               "T004914",
               "T039896",
               "T038286",
               "T001663",
               "398363",
               "342008",
               "T010509",
               "T034899",
               "T028053",
               "T034610",
               "T035727",
               "T003676",
               "T015632",
               "T034075",
               "T037028",
               "T012167",
               "T034074",
               "T039602",
               "T039586",
               "T032255",
               "T039585",
               "74185",
               "T035762",
               "T036570",
               "2951",
               "T002207",
               "T000126",
               "T019704",
               "T038270",
               "T040402",
               "T008162",
            ],
         },
         release_date: "2024-07-01T22:00:00.000+00:00",
         title: "CVE-2024-38472",
      },
      {
         cve: "CVE-2024-38473",
         notes: [
            {
               category: "description",
               text: "Es bestehen mehrere Schwachstellen im Apache HTTP Server. Diese Fehler bestehen in mehreren Komponenten wie dem Websocket, den Backreferences oder dem mod_rewrite Proxy-Handler, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL- Pointer-Dereferenz, einer serverseitigen Request Forgery oder einem Proxy-Codierungsproblem und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, die Authentifizierung zu umgehen oder vertrauliche Informationen offenzulegen.",
            },
         ],
         product_status: {
            known_affected: [
               "T038706",
               "T038747",
               "67646",
               "T034902",
               "T038746",
               "T038705",
               "T038745",
               "T039899",
               "T004914",
               "T039896",
               "T038286",
               "T001663",
               "398363",
               "342008",
               "T010509",
               "T034899",
               "T028053",
               "T034610",
               "T035727",
               "T003676",
               "T015632",
               "T034075",
               "T037028",
               "T012167",
               "T034074",
               "T039602",
               "T039586",
               "T032255",
               "T039585",
               "74185",
               "T035762",
               "T036570",
               "2951",
               "T002207",
               "T000126",
               "T019704",
               "T038270",
               "T040402",
               "T008162",
            ],
         },
         release_date: "2024-07-01T22:00:00.000+00:00",
         title: "CVE-2024-38473",
      },
      {
         cve: "CVE-2024-38474",
         notes: [
            {
               category: "description",
               text: "Es bestehen mehrere Schwachstellen im Apache HTTP Server. Diese Fehler bestehen in mehreren Komponenten wie dem Websocket, den Backreferences oder dem mod_rewrite Proxy-Handler, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL- Pointer-Dereferenz, einer serverseitigen Request Forgery oder einem Proxy-Codierungsproblem und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, die Authentifizierung zu umgehen oder vertrauliche Informationen offenzulegen.",
            },
         ],
         product_status: {
            known_affected: [
               "T038706",
               "T038747",
               "67646",
               "T034902",
               "T038746",
               "T038705",
               "T038745",
               "T039899",
               "T004914",
               "T039896",
               "T038286",
               "T001663",
               "398363",
               "342008",
               "T010509",
               "T034899",
               "T028053",
               "T034610",
               "T035727",
               "T003676",
               "T015632",
               "T034075",
               "T037028",
               "T012167",
               "T034074",
               "T039602",
               "T039586",
               "T032255",
               "T039585",
               "74185",
               "T035762",
               "T036570",
               "2951",
               "T002207",
               "T000126",
               "T019704",
               "T038270",
               "T040402",
               "T008162",
            ],
         },
         release_date: "2024-07-01T22:00:00.000+00:00",
         title: "CVE-2024-38474",
      },
      {
         cve: "CVE-2024-38475",
         notes: [
            {
               category: "description",
               text: "Es bestehen mehrere Schwachstellen im Apache HTTP Server. Diese Fehler bestehen in mehreren Komponenten wie dem Websocket, den Backreferences oder dem mod_rewrite Proxy-Handler, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL- Pointer-Dereferenz, einer serverseitigen Request Forgery oder einem Proxy-Codierungsproblem und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, die Authentifizierung zu umgehen oder vertrauliche Informationen offenzulegen.",
            },
         ],
         product_status: {
            known_affected: [
               "T038706",
               "T038747",
               "67646",
               "T034902",
               "T038746",
               "T038705",
               "T038745",
               "T039899",
               "T004914",
               "T039896",
               "T038286",
               "T001663",
               "398363",
               "342008",
               "T010509",
               "T034899",
               "T028053",
               "T034610",
               "T035727",
               "T003676",
               "T015632",
               "T034075",
               "T037028",
               "T012167",
               "T034074",
               "T039602",
               "T039586",
               "T032255",
               "T039585",
               "74185",
               "T035762",
               "T036570",
               "2951",
               "T002207",
               "T000126",
               "T019704",
               "T038270",
               "T040402",
               "T008162",
            ],
         },
         release_date: "2024-07-01T22:00:00.000+00:00",
         title: "CVE-2024-38475",
      },
      {
         cve: "CVE-2024-38476",
         notes: [
            {
               category: "description",
               text: "Es bestehen mehrere Schwachstellen im Apache HTTP Server. Diese Fehler bestehen in mehreren Komponenten wie dem Websocket, den Backreferences oder dem mod_rewrite Proxy-Handler, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL- Pointer-Dereferenz, einer serverseitigen Request Forgery oder einem Proxy-Codierungsproblem und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, die Authentifizierung zu umgehen oder vertrauliche Informationen offenzulegen.",
            },
         ],
         product_status: {
            known_affected: [
               "T038706",
               "T038747",
               "67646",
               "T034902",
               "T038746",
               "T038705",
               "T038745",
               "T039899",
               "T004914",
               "T039896",
               "T038286",
               "T001663",
               "398363",
               "342008",
               "T010509",
               "T034899",
               "T028053",
               "T034610",
               "T035727",
               "T003676",
               "T015632",
               "T034075",
               "T037028",
               "T012167",
               "T034074",
               "T039602",
               "T039586",
               "T032255",
               "T039585",
               "74185",
               "T035762",
               "T036570",
               "2951",
               "T002207",
               "T000126",
               "T019704",
               "T038270",
               "T040402",
               "T008162",
            ],
         },
         release_date: "2024-07-01T22:00:00.000+00:00",
         title: "CVE-2024-38476",
      },
      {
         cve: "CVE-2024-38477",
         notes: [
            {
               category: "description",
               text: "Es bestehen mehrere Schwachstellen im Apache HTTP Server. Diese Fehler bestehen in mehreren Komponenten wie dem Websocket, den Backreferences oder dem mod_rewrite Proxy-Handler, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL- Pointer-Dereferenz, einer serverseitigen Request Forgery oder einem Proxy-Codierungsproblem und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, die Authentifizierung zu umgehen oder vertrauliche Informationen offenzulegen.",
            },
         ],
         product_status: {
            known_affected: [
               "T038706",
               "T038747",
               "67646",
               "T034902",
               "T038746",
               "T038705",
               "T038745",
               "T039899",
               "T004914",
               "T039896",
               "T038286",
               "T001663",
               "398363",
               "342008",
               "T010509",
               "T034899",
               "T028053",
               "T034610",
               "T035727",
               "T003676",
               "T015632",
               "T034075",
               "T037028",
               "T012167",
               "T034074",
               "T039602",
               "T039586",
               "T032255",
               "T039585",
               "74185",
               "T035762",
               "T036570",
               "2951",
               "T002207",
               "T000126",
               "T019704",
               "T038270",
               "T040402",
               "T008162",
            ],
         },
         release_date: "2024-07-01T22:00:00.000+00:00",
         title: "CVE-2024-38477",
      },
      {
         cve: "CVE-2024-39573",
         notes: [
            {
               category: "description",
               text: "Es bestehen mehrere Schwachstellen im Apache HTTP Server. Diese Fehler bestehen in mehreren Komponenten wie dem Websocket, den Backreferences oder dem mod_rewrite Proxy-Handler, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL- Pointer-Dereferenz, einer serverseitigen Request Forgery oder einem Proxy-Codierungsproblem und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, die Authentifizierung zu umgehen oder vertrauliche Informationen offenzulegen.",
            },
         ],
         product_status: {
            known_affected: [
               "T038706",
               "T038747",
               "67646",
               "T034902",
               "T038746",
               "T038705",
               "T038745",
               "T039899",
               "T004914",
               "T039896",
               "T038286",
               "T001663",
               "398363",
               "342008",
               "T010509",
               "T034899",
               "T028053",
               "T034610",
               "T035727",
               "T003676",
               "T015632",
               "T034075",
               "T037028",
               "T012167",
               "T034074",
               "T039602",
               "T039586",
               "T032255",
               "T039585",
               "74185",
               "T035762",
               "T036570",
               "2951",
               "T002207",
               "T000126",
               "T019704",
               "T038270",
               "T040402",
               "T008162",
            ],
         },
         release_date: "2024-07-01T22:00:00.000+00:00",
         title: "CVE-2024-39573",
      },
   ],
}

rhsa-2024_8680

Vulnerability from csaf_redhat

Published

2024-10-31 00:08

Modified

2024-11-25 02:51

Summary

Red Hat Security Advisory: mod_http2 security update

Notes

Topic

An update for mod_http2 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details

The mod_h2 Apache httpd module implements the HTTP2 protocol (h2+h2c) on top of libnghttp2 for httpd 2.4 servers. Security Fix(es): * mod_http2: DoS by null pointer in websocket over HTTP/2 (CVE-2024-36387) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
   document: {
      aggregate_severity: {
         namespace: "https://access.redhat.com/security/updates/classification/",
         text: "Low",
      },
      category: "csaf_security_advisory",
      csaf_version: "2.0",
      distribution: {
         text: "Copyright © Red Hat, Inc. All rights reserved.",
         tlp: {
            label: "WHITE",
            url: "https://www.first.org/tlp/",
         },
      },
      lang: "en",
      notes: [
         {
            category: "summary",
            text: "An update for mod_http2 is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
            title: "Topic",
         },
         {
            category: "general",
            text: "The mod_h2 Apache httpd module implements the HTTP2 protocol (h2+h2c) on top of libnghttp2 for httpd 2.4 servers.\n\nSecurity Fix(es):\n\n* mod_http2: DoS by null pointer in websocket over HTTP/2 (CVE-2024-36387)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
            title: "Details",
         },
         {
            category: "legal_disclaimer",
            text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
            title: "Terms of Use",
         },
      ],
      publisher: {
         category: "vendor",
         contact_details: "https://access.redhat.com/security/team/contact/",
         issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
         name: "Red Hat Product Security",
         namespace: "https://www.redhat.com",
      },
      references: [
         {
            category: "self",
            summary: "https://access.redhat.com/errata/RHSA-2024:8680",
            url: "https://access.redhat.com/errata/RHSA-2024:8680",
         },
         {
            category: "external",
            summary: "https://access.redhat.com/security/updates/classification/#low",
            url: "https://access.redhat.com/security/updates/classification/#low",
         },
         {
            category: "external",
            summary: "2295006",
            url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295006",
         },
         {
            category: "self",
            summary: "Canonical URL",
            url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8680.json",
         },
      ],
      title: "Red Hat Security Advisory: mod_http2 security update",
      tracking: {
         current_release_date: "2024-11-25T02:51:59+00:00",
         generator: {
            date: "2024-11-25T02:51:59+00:00",
            engine: {
               name: "Red Hat SDEngine",
               version: "4.2.1",
            },
         },
         id: "RHSA-2024:8680",
         initial_release_date: "2024-10-31T00:08:06+00:00",
         revision_history: [
            {
               date: "2024-10-31T00:08:06+00:00",
               number: "1",
               summary: "Initial version",
            },
            {
               date: "2024-10-31T00:08:06+00:00",
               number: "2",
               summary: "Last updated version",
            },
            {
               date: "2024-11-25T02:51:59+00:00",
               number: "3",
               summary: "Last generated version",
            },
         ],
         status: "final",
         version: "3",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_name",
                        name: "Red Hat Enterprise Linux AppStream (v. 9)",
                        product: {
                           name: "Red Hat Enterprise Linux AppStream (v. 9)",
                           product_id: "AppStream-9.4.0.Z.MAIN.EUS",
                           product_identification_helper: {
                              cpe: "cpe:/a:redhat:enterprise_linux:9::appstream",
                           },
                        },
                     },
                  ],
                  category: "product_family",
                  name: "Red Hat Enterprise Linux",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "mod_http2-0:2.0.26-2.el9_4.1.src",
                        product: {
                           name: "mod_http2-0:2.0.26-2.el9_4.1.src",
                           product_id: "mod_http2-0:2.0.26-2.el9_4.1.src",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/mod_http2@2.0.26-2.el9_4.1?arch=src",
                           },
                        },
                     },
                  ],
                  category: "architecture",
                  name: "src",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "mod_http2-0:2.0.26-2.el9_4.1.aarch64",
                        product: {
                           name: "mod_http2-0:2.0.26-2.el9_4.1.aarch64",
                           product_id: "mod_http2-0:2.0.26-2.el9_4.1.aarch64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/mod_http2@2.0.26-2.el9_4.1?arch=aarch64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.aarch64",
                        product: {
                           name: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.aarch64",
                           product_id: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.aarch64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/mod_http2-debugsource@2.0.26-2.el9_4.1?arch=aarch64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.aarch64",
                        product: {
                           name: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.aarch64",
                           product_id: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.aarch64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/mod_http2-debuginfo@2.0.26-2.el9_4.1?arch=aarch64",
                           },
                        },
                     },
                  ],
                  category: "architecture",
                  name: "aarch64",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "mod_http2-0:2.0.26-2.el9_4.1.ppc64le",
                        product: {
                           name: "mod_http2-0:2.0.26-2.el9_4.1.ppc64le",
                           product_id: "mod_http2-0:2.0.26-2.el9_4.1.ppc64le",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/mod_http2@2.0.26-2.el9_4.1?arch=ppc64le",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.ppc64le",
                        product: {
                           name: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.ppc64le",
                           product_id: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.ppc64le",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/mod_http2-debugsource@2.0.26-2.el9_4.1?arch=ppc64le",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.ppc64le",
                        product: {
                           name: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.ppc64le",
                           product_id: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.ppc64le",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/mod_http2-debuginfo@2.0.26-2.el9_4.1?arch=ppc64le",
                           },
                        },
                     },
                  ],
                  category: "architecture",
                  name: "ppc64le",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "mod_http2-0:2.0.26-2.el9_4.1.x86_64",
                        product: {
                           name: "mod_http2-0:2.0.26-2.el9_4.1.x86_64",
                           product_id: "mod_http2-0:2.0.26-2.el9_4.1.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/mod_http2@2.0.26-2.el9_4.1?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.x86_64",
                        product: {
                           name: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.x86_64",
                           product_id: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/mod_http2-debugsource@2.0.26-2.el9_4.1?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.x86_64",
                        product: {
                           name: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.x86_64",
                           product_id: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/mod_http2-debuginfo@2.0.26-2.el9_4.1?arch=x86_64",
                           },
                        },
                     },
                  ],
                  category: "architecture",
                  name: "x86_64",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "mod_http2-0:2.0.26-2.el9_4.1.s390x",
                        product: {
                           name: "mod_http2-0:2.0.26-2.el9_4.1.s390x",
                           product_id: "mod_http2-0:2.0.26-2.el9_4.1.s390x",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/mod_http2@2.0.26-2.el9_4.1?arch=s390x",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.s390x",
                        product: {
                           name: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.s390x",
                           product_id: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.s390x",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/mod_http2-debugsource@2.0.26-2.el9_4.1?arch=s390x",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.s390x",
                        product: {
                           name: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.s390x",
                           product_id: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.s390x",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/mod_http2-debuginfo@2.0.26-2.el9_4.1?arch=s390x",
                           },
                        },
                     },
                  ],
                  category: "architecture",
                  name: "s390x",
               },
            ],
            category: "vendor",
            name: "Red Hat",
         },
      ],
      relationships: [
         {
            category: "default_component_of",
            full_product_name: {
               name: "mod_http2-0:2.0.26-2.el9_4.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
               product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.aarch64",
            },
            product_reference: "mod_http2-0:2.0.26-2.el9_4.1.aarch64",
            relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mod_http2-0:2.0.26-2.el9_4.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
               product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.ppc64le",
            },
            product_reference: "mod_http2-0:2.0.26-2.el9_4.1.ppc64le",
            relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mod_http2-0:2.0.26-2.el9_4.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
               product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.s390x",
            },
            product_reference: "mod_http2-0:2.0.26-2.el9_4.1.s390x",
            relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mod_http2-0:2.0.26-2.el9_4.1.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
               product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.src",
            },
            product_reference: "mod_http2-0:2.0.26-2.el9_4.1.src",
            relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mod_http2-0:2.0.26-2.el9_4.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
               product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.x86_64",
            },
            product_reference: "mod_http2-0:2.0.26-2.el9_4.1.x86_64",
            relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
               product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.aarch64",
            },
            product_reference: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.aarch64",
            relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
               product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.ppc64le",
            },
            product_reference: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.ppc64le",
            relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
               product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.s390x",
            },
            product_reference: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.s390x",
            relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
               product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.x86_64",
            },
            product_reference: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.x86_64",
            relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
               product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.aarch64",
            },
            product_reference: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.aarch64",
            relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
               product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.ppc64le",
            },
            product_reference: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.ppc64le",
            relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
               product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.s390x",
            },
            product_reference: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.s390x",
            relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
               product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.x86_64",
            },
            product_reference: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.x86_64",
            relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2024-36387",
         cwe: {
            id: "CWE-476",
            name: "NULL Pointer Dereference",
         },
         discovery_date: "2024-07-01T19:20:21+00:00",
         ids: [
            {
               system_name: "Red Hat Bugzilla ID",
               text: "2295006",
            },
         ],
         notes: [
            {
               category: "description",
               text: "A flaw was found in the Apache HTTP Server. Serving WebSocket protocol upgrades over an HTTP/2 connection could result in a NULL pointer dereference, leading to a crash of the server process.",
               title: "Vulnerability description",
            },
            {
               category: "summary",
               text: "mod_http2: DoS by null pointer in websocket over HTTP/2",
               title: "Vulnerability summary",
            },
            {
               category: "general",
               text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
               title: "CVSS score applicability",
            },
         ],
         product_status: {
            fixed: [
               "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.aarch64",
               "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.ppc64le",
               "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.s390x",
               "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.src",
               "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.x86_64",
               "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.aarch64",
               "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.ppc64le",
               "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.s390x",
               "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.x86_64",
               "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.aarch64",
               "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.ppc64le",
               "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.s390x",
               "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.x86_64",
            ],
         },
         references: [
            {
               category: "self",
               summary: "Canonical URL",
               url: "https://access.redhat.com/security/cve/CVE-2024-36387",
            },
            {
               category: "external",
               summary: "RHBZ#2295006",
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295006",
            },
            {
               category: "external",
               summary: "https://www.cve.org/CVERecord?id=CVE-2024-36387",
               url: "https://www.cve.org/CVERecord?id=CVE-2024-36387",
            },
            {
               category: "external",
               summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-36387",
               url: "https://nvd.nist.gov/vuln/detail/CVE-2024-36387",
            },
            {
               category: "external",
               summary: "https://httpd.apache.org/security/vulnerabilities_24.html",
               url: "https://httpd.apache.org/security/vulnerabilities_24.html",
            },
         ],
         release_date: "2024-07-01T00:00:00+00:00",
         remediations: [
            {
               category: "vendor_fix",
               date: "2024-10-31T00:08:06+00:00",
               details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
               product_ids: [
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.aarch64",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.ppc64le",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.s390x",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.src",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.x86_64",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.aarch64",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.ppc64le",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.s390x",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.x86_64",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.aarch64",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.ppc64le",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.s390x",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.x86_64",
               ],
               restart_required: {
                  category: "none",
               },
               url: "https://access.redhat.com/errata/RHSA-2024:8680",
            },
            {
               category: "workaround",
               details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
               product_ids: [
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.aarch64",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.ppc64le",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.s390x",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.src",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.x86_64",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.aarch64",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.ppc64le",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.s390x",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.x86_64",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.aarch64",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.ppc64le",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.s390x",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  baseScore: 3.7,
                  baseSeverity: "LOW",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
                  version: "3.1",
               },
               products: [
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.aarch64",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.ppc64le",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.s390x",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.src",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.x86_64",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.aarch64",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.ppc64le",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.s390x",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.x86_64",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.aarch64",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.ppc64le",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.s390x",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               details: "Low",
            },
         ],
         title: "mod_http2: DoS by null pointer in websocket over HTTP/2",
      },
   ],
}

RHSA-2024:8680

Vulnerability from csaf_redhat

Published

2024-10-31 00:08

Modified

2025-04-02 22:19

Summary

Red Hat Security Advisory: mod_http2 security update

Notes

Topic

Details

JSON

To clipboard

{
   document: {
      aggregate_severity: {
         namespace: "https://access.redhat.com/security/updates/classification/",
         text: "Low",
      },
      category: "csaf_security_advisory",
      csaf_version: "2.0",
      distribution: {
         text: "Copyright © Red Hat, Inc. All rights reserved.",
         tlp: {
            label: "WHITE",
            url: "https://www.first.org/tlp/",
         },
      },
      lang: "en",
      notes: [
         {
            category: "summary",
            text: "An update for mod_http2 is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
            title: "Topic",
         },
         {
            category: "general",
            text: "The mod_h2 Apache httpd module implements the HTTP2 protocol (h2+h2c) on top of libnghttp2 for httpd 2.4 servers.\n\nSecurity Fix(es):\n\n* mod_http2: DoS by null pointer in websocket over HTTP/2 (CVE-2024-36387)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
            title: "Details",
         },
         {
            category: "legal_disclaimer",
            text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
            title: "Terms of Use",
         },
      ],
      publisher: {
         category: "vendor",
         contact_details: "https://access.redhat.com/security/team/contact/",
         issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
         name: "Red Hat Product Security",
         namespace: "https://www.redhat.com",
      },
      references: [
         {
            category: "self",
            summary: "https://access.redhat.com/errata/RHSA-2024:8680",
            url: "https://access.redhat.com/errata/RHSA-2024:8680",
         },
         {
            category: "external",
            summary: "https://access.redhat.com/security/updates/classification/#low",
            url: "https://access.redhat.com/security/updates/classification/#low",
         },
         {
            category: "external",
            summary: "2295006",
            url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295006",
         },
         {
            category: "self",
            summary: "Canonical URL",
            url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8680.json",
         },
      ],
      title: "Red Hat Security Advisory: mod_http2 security update",
      tracking: {
         current_release_date: "2025-04-02T22:19:34+00:00",
         generator: {
            date: "2025-04-02T22:19:34+00:00",
            engine: {
               name: "Red Hat SDEngine",
               version: "4.4.2",
            },
         },
         id: "RHSA-2024:8680",
         initial_release_date: "2024-10-31T00:08:06+00:00",
         revision_history: [
            {
               date: "2024-10-31T00:08:06+00:00",
               number: "1",
               summary: "Initial version",
            },
            {
               date: "2024-10-31T00:08:06+00:00",
               number: "2",
               summary: "Last updated version",
            },
            {
               date: "2025-04-02T22:19:34+00:00",
               number: "3",
               summary: "Last generated version",
            },
         ],
         status: "final",
         version: "3",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_name",
                        name: "Red Hat Enterprise Linux AppStream (v. 9)",
                        product: {
                           name: "Red Hat Enterprise Linux AppStream (v. 9)",
                           product_id: "AppStream-9.4.0.Z.MAIN.EUS",
                           product_identification_helper: {
                              cpe: "cpe:/a:redhat:enterprise_linux:9::appstream",
                           },
                        },
                     },
                  ],
                  category: "product_family",
                  name: "Red Hat Enterprise Linux",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "mod_http2-0:2.0.26-2.el9_4.1.src",
                        product: {
                           name: "mod_http2-0:2.0.26-2.el9_4.1.src",
                           product_id: "mod_http2-0:2.0.26-2.el9_4.1.src",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/mod_http2@2.0.26-2.el9_4.1?arch=src",
                           },
                        },
                     },
                  ],
                  category: "architecture",
                  name: "src",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "mod_http2-0:2.0.26-2.el9_4.1.aarch64",
                        product: {
                           name: "mod_http2-0:2.0.26-2.el9_4.1.aarch64",
                           product_id: "mod_http2-0:2.0.26-2.el9_4.1.aarch64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/mod_http2@2.0.26-2.el9_4.1?arch=aarch64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.aarch64",
                        product: {
                           name: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.aarch64",
                           product_id: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.aarch64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/mod_http2-debugsource@2.0.26-2.el9_4.1?arch=aarch64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.aarch64",
                        product: {
                           name: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.aarch64",
                           product_id: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.aarch64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/mod_http2-debuginfo@2.0.26-2.el9_4.1?arch=aarch64",
                           },
                        },
                     },
                  ],
                  category: "architecture",
                  name: "aarch64",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "mod_http2-0:2.0.26-2.el9_4.1.ppc64le",
                        product: {
                           name: "mod_http2-0:2.0.26-2.el9_4.1.ppc64le",
                           product_id: "mod_http2-0:2.0.26-2.el9_4.1.ppc64le",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/mod_http2@2.0.26-2.el9_4.1?arch=ppc64le",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.ppc64le",
                        product: {
                           name: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.ppc64le",
                           product_id: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.ppc64le",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/mod_http2-debugsource@2.0.26-2.el9_4.1?arch=ppc64le",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.ppc64le",
                        product: {
                           name: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.ppc64le",
                           product_id: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.ppc64le",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/mod_http2-debuginfo@2.0.26-2.el9_4.1?arch=ppc64le",
                           },
                        },
                     },
                  ],
                  category: "architecture",
                  name: "ppc64le",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "mod_http2-0:2.0.26-2.el9_4.1.x86_64",
                        product: {
                           name: "mod_http2-0:2.0.26-2.el9_4.1.x86_64",
                           product_id: "mod_http2-0:2.0.26-2.el9_4.1.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/mod_http2@2.0.26-2.el9_4.1?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.x86_64",
                        product: {
                           name: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.x86_64",
                           product_id: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/mod_http2-debugsource@2.0.26-2.el9_4.1?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.x86_64",
                        product: {
                           name: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.x86_64",
                           product_id: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/mod_http2-debuginfo@2.0.26-2.el9_4.1?arch=x86_64",
                           },
                        },
                     },
                  ],
                  category: "architecture",
                  name: "x86_64",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "mod_http2-0:2.0.26-2.el9_4.1.s390x",
                        product: {
                           name: "mod_http2-0:2.0.26-2.el9_4.1.s390x",
                           product_id: "mod_http2-0:2.0.26-2.el9_4.1.s390x",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/mod_http2@2.0.26-2.el9_4.1?arch=s390x",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.s390x",
                        product: {
                           name: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.s390x",
                           product_id: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.s390x",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/mod_http2-debugsource@2.0.26-2.el9_4.1?arch=s390x",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.s390x",
                        product: {
                           name: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.s390x",
                           product_id: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.s390x",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/mod_http2-debuginfo@2.0.26-2.el9_4.1?arch=s390x",
                           },
                        },
                     },
                  ],
                  category: "architecture",
                  name: "s390x",
               },
            ],
            category: "vendor",
            name: "Red Hat",
         },
      ],
      relationships: [
         {
            category: "default_component_of",
            full_product_name: {
               name: "mod_http2-0:2.0.26-2.el9_4.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
               product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.aarch64",
            },
            product_reference: "mod_http2-0:2.0.26-2.el9_4.1.aarch64",
            relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mod_http2-0:2.0.26-2.el9_4.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
               product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.ppc64le",
            },
            product_reference: "mod_http2-0:2.0.26-2.el9_4.1.ppc64le",
            relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mod_http2-0:2.0.26-2.el9_4.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
               product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.s390x",
            },
            product_reference: "mod_http2-0:2.0.26-2.el9_4.1.s390x",
            relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mod_http2-0:2.0.26-2.el9_4.1.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
               product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.src",
            },
            product_reference: "mod_http2-0:2.0.26-2.el9_4.1.src",
            relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mod_http2-0:2.0.26-2.el9_4.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
               product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.x86_64",
            },
            product_reference: "mod_http2-0:2.0.26-2.el9_4.1.x86_64",
            relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
               product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.aarch64",
            },
            product_reference: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.aarch64",
            relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
               product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.ppc64le",
            },
            product_reference: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.ppc64le",
            relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
               product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.s390x",
            },
            product_reference: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.s390x",
            relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
               product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.x86_64",
            },
            product_reference: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.x86_64",
            relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
               product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.aarch64",
            },
            product_reference: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.aarch64",
            relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
               product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.ppc64le",
            },
            product_reference: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.ppc64le",
            relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
               product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.s390x",
            },
            product_reference: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.s390x",
            relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
               product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.x86_64",
            },
            product_reference: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.x86_64",
            relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2024-36387",
         cwe: {
            id: "CWE-476",
            name: "NULL Pointer Dereference",
         },
         discovery_date: "2024-07-01T19:20:21+00:00",
         ids: [
            {
               system_name: "Red Hat Bugzilla ID",
               text: "2295006",
            },
         ],
         notes: [
            {
               category: "description",
               text: "A flaw was found in the Apache HTTP Server. Serving WebSocket protocol upgrades over an HTTP/2 connection could result in a NULL pointer dereference, leading to a crash of the server process.",
               title: "Vulnerability description",
            },
            {
               category: "summary",
               text: "mod_http2: DoS by null pointer in websocket over HTTP/2",
               title: "Vulnerability summary",
            },
            {
               category: "general",
               text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
               title: "CVSS score applicability",
            },
         ],
         product_status: {
            fixed: [
               "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.aarch64",
               "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.ppc64le",
               "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.s390x",
               "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.src",
               "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.x86_64",
               "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.aarch64",
               "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.ppc64le",
               "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.s390x",
               "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.x86_64",
               "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.aarch64",
               "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.ppc64le",
               "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.s390x",
               "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.x86_64",
            ],
         },
         references: [
            {
               category: "self",
               summary: "Canonical URL",
               url: "https://access.redhat.com/security/cve/CVE-2024-36387",
            },
            {
               category: "external",
               summary: "RHBZ#2295006",
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295006",
            },
            {
               category: "external",
               summary: "https://www.cve.org/CVERecord?id=CVE-2024-36387",
               url: "https://www.cve.org/CVERecord?id=CVE-2024-36387",
            },
            {
               category: "external",
               summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-36387",
               url: "https://nvd.nist.gov/vuln/detail/CVE-2024-36387",
            },
            {
               category: "external",
               summary: "https://httpd.apache.org/security/vulnerabilities_24.html",
               url: "https://httpd.apache.org/security/vulnerabilities_24.html",
            },
         ],
         release_date: "2024-07-01T00:00:00+00:00",
         remediations: [
            {
               category: "vendor_fix",
               date: "2024-10-31T00:08:06+00:00",
               details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
               product_ids: [
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.aarch64",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.ppc64le",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.s390x",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.src",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.x86_64",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.aarch64",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.ppc64le",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.s390x",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.x86_64",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.aarch64",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.ppc64le",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.s390x",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.x86_64",
               ],
               restart_required: {
                  category: "none",
               },
               url: "https://access.redhat.com/errata/RHSA-2024:8680",
            },
            {
               category: "workaround",
               details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
               product_ids: [
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.aarch64",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.ppc64le",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.s390x",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.src",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.x86_64",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.aarch64",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.ppc64le",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.s390x",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.x86_64",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.aarch64",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.ppc64le",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.s390x",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  baseScore: 3.7,
                  baseSeverity: "LOW",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
                  version: "3.1",
               },
               products: [
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.aarch64",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.ppc64le",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.s390x",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.src",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.x86_64",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.aarch64",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.ppc64le",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.s390x",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.x86_64",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.aarch64",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.ppc64le",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.s390x",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               details: "Low",
            },
         ],
         title: "mod_http2: DoS by null pointer in websocket over HTTP/2",
      },
   ],
}

rhsa-2025:3452

Vulnerability from csaf_redhat

Published

2025-04-02 17:15

Modified

2025-04-02 22:20

Summary

Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.62 security update

Notes

Topic

An update is now available for Red Hat JBoss Core Services. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details

Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products and packaged under Red Hat JBoss Core Services, to allow for faster distribution of updates and for a more consistent update experience. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.62 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 6, and includes bug fixes and enhancements, which are documented in the Release Notes linked to in the References section. Security Fix(es): * openssl: SSL_select_next_proto buffer overread (CVE-2024-5535) * mod_http2: DoS by null pointer in websocket over HTTP/2 (CVE-2024-36387) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

JSON

To clipboard

{
   document: {
      aggregate_severity: {
         namespace: "https://access.redhat.com/security/updates/classification/",
         text: "Low",
      },
      category: "csaf_security_advisory",
      csaf_version: "2.0",
      distribution: {
         text: "Copyright © Red Hat, Inc. All rights reserved.",
         tlp: {
            label: "WHITE",
            url: "https://www.first.org/tlp/",
         },
      },
      lang: "en",
      notes: [
         {
            category: "summary",
            text: "An update is now available for Red Hat JBoss Core Services.\n\nRed Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
            title: "Topic",
         },
         {
            category: "general",
            text: "Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products and packaged under Red Hat JBoss Core Services, to allow for faster distribution of updates and for a more consistent update experience.\n\nThis release of Red Hat JBoss Core Services Apache HTTP Server 2.4.62 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 6, and includes bug fixes and enhancements, which are documented in the Release Notes linked to in the References section.\n\nSecurity Fix(es):\n\n* openssl: SSL_select_next_proto buffer overread (CVE-2024-5535)\n* mod_http2: DoS by null pointer in websocket over HTTP/2 (CVE-2024-36387)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
            title: "Details",
         },
         {
            category: "legal_disclaimer",
            text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
            title: "Terms of Use",
         },
      ],
      publisher: {
         category: "vendor",
         contact_details: "https://access.redhat.com/security/team/contact/",
         issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
         name: "Red Hat Product Security",
         namespace: "https://www.redhat.com",
      },
      references: [
         {
            category: "self",
            summary: "https://access.redhat.com/errata/RHSA-2025:3452",
            url: "https://access.redhat.com/errata/RHSA-2025:3452",
         },
         {
            category: "external",
            summary: "https://access.redhat.com/security/updates/classification/#low",
            url: "https://access.redhat.com/security/updates/classification/#low",
         },
         {
            category: "external",
            summary: "https://docs.redhat.com/en/documentation/red_hat_jboss_core_services/2.4.62/html/red_hat_jboss_core_services_apache_http_server_2.4.62_release_notes/index",
            url: "https://docs.redhat.com/en/documentation/red_hat_jboss_core_services/2.4.62/html/red_hat_jboss_core_services_apache_http_server_2.4.62_release_notes/index",
         },
         {
            category: "external",
            summary: "2294581",
            url: "https://bugzilla.redhat.com/show_bug.cgi?id=2294581",
         },
         {
            category: "external",
            summary: "2295006",
            url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295006",
         },
         {
            category: "self",
            summary: "Canonical URL",
            url: "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_3452.json",
         },
      ],
      title: "Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.62 security update",
      tracking: {
         current_release_date: "2025-04-02T22:20:27+00:00",
         generator: {
            date: "2025-04-02T22:20:27+00:00",
            engine: {
               name: "Red Hat SDEngine",
               version: "4.4.2",
            },
         },
         id: "RHSA-2025:3452",
         initial_release_date: "2025-04-02T17:15:43+00:00",
         revision_history: [
            {
               date: "2025-04-02T17:15:43+00:00",
               number: "1",
               summary: "Initial version",
            },
            {
               date: "2025-04-02T17:15:43+00:00",
               number: "2",
               summary: "Last updated version",
            },
            {
               date: "2025-04-02T22:20:27+00:00",
               number: "3",
               summary: "Last generated version",
            },
         ],
         status: "final",
         version: "3",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_name",
                        name: "Red Hat JBoss Core Services on RHEL 7 Server",
                        product: {
                           name: "Red Hat JBoss Core Services on RHEL 7 Server",
                           product_id: "7Server-JBCS",
                           product_identification_helper: {
                              cpe: "cpe:/a:redhat:jboss_core_services:1::el7",
                           },
                        },
                     },
                     {
                        category: "product_name",
                        name: "Red Hat JBoss Core Services on RHEL 8",
                        product: {
                           name: "Red Hat JBoss Core Services on RHEL 8",
                           product_id: "8Base-JBCS",
                           product_identification_helper: {
                              cpe: "cpe:/a:redhat:jboss_core_services:1::el8",
                           },
                        },
                     },
                  ],
                  category: "product_family",
                  name: "Red Hat JBoss Core Services",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-apr-0:1.7.5-3.el7jbcs.src",
                        product: {
                           name: "jbcs-httpd24-apr-0:1.7.5-3.el7jbcs.src",
                           product_id: "jbcs-httpd24-apr-0:1.7.5-3.el7jbcs.src",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-apr@1.7.5-3.el7jbcs?arch=src",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-openssl-1:1.1.1k-19.el7jbcs.src",
                        product: {
                           name: "jbcs-httpd24-openssl-1:1.1.1k-19.el7jbcs.src",
                           product_id: "jbcs-httpd24-openssl-1:1.1.1k-19.el7jbcs.src",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-openssl@1.1.1k-19.el7jbcs?arch=src&epoch=1",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-nghttp2-0:1.64.0-2.el7jbcs.src",
                        product: {
                           name: "jbcs-httpd24-nghttp2-0:1.64.0-2.el7jbcs.src",
                           product_id: "jbcs-httpd24-nghttp2-0:1.64.0-2.el7jbcs.src",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.64.0-2.el7jbcs?arch=src",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-jansson-0:2.14-4.el7jbcs.src",
                        product: {
                           name: "jbcs-httpd24-jansson-0:2.14-4.el7jbcs.src",
                           product_id: "jbcs-httpd24-jansson-0:2.14-4.el7jbcs.src",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-jansson@2.14-4.el7jbcs?arch=src",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-apr-util-0:1.6.3-2.el7jbcs.src",
                        product: {
                           name: "jbcs-httpd24-apr-util-0:1.6.3-2.el7jbcs.src",
                           product_id: "jbcs-httpd24-apr-util-0:1.6.3-2.el7jbcs.src",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-apr-util@1.6.3-2.el7jbcs?arch=src",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-openssl-chil-0:1.0.0-23.el7jbcs.src",
                        product: {
                           name: "jbcs-httpd24-openssl-chil-0:1.0.0-23.el7jbcs.src",
                           product_id: "jbcs-httpd24-openssl-chil-0:1.0.0-23.el7jbcs.src",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-openssl-chil@1.0.0-23.el7jbcs?arch=src",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-openssl-pkcs11-0:0.4.12-3.el7jbcs.src",
                        product: {
                           name: "jbcs-httpd24-openssl-pkcs11-0:0.4.12-3.el7jbcs.src",
                           product_id: "jbcs-httpd24-openssl-pkcs11-0:0.4.12-3.el7jbcs.src",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-openssl-pkcs11@0.4.12-3.el7jbcs?arch=src",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-curl-0:8.11.0-2.el7jbcs.src",
                        product: {
                           name: "jbcs-httpd24-curl-0:8.11.0-2.el7jbcs.src",
                           product_id: "jbcs-httpd24-curl-0:8.11.0-2.el7jbcs.src",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-curl@8.11.0-2.el7jbcs?arch=src",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-httpd-0:2.4.62-5.el7jbcs.src",
                        product: {
                           name: "jbcs-httpd24-httpd-0:2.4.62-5.el7jbcs.src",
                           product_id: "jbcs-httpd24-httpd-0:2.4.62-5.el7jbcs.src",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.62-5.el7jbcs?arch=src",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-mod_http2-0:2.0.29-3.el7jbcs.src",
                        product: {
                           name: "jbcs-httpd24-mod_http2-0:2.0.29-3.el7jbcs.src",
                           product_id: "jbcs-httpd24-mod_http2-0:2.0.29-3.el7jbcs.src",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-mod_http2@2.0.29-3.el7jbcs?arch=src",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-mod_jk-0:1.2.50-8.redhat_1.el7jbcs.src",
                        product: {
                           name: "jbcs-httpd24-mod_jk-0:1.2.50-8.redhat_1.el7jbcs.src",
                           product_id: "jbcs-httpd24-mod_jk-0:1.2.50-8.redhat_1.el7jbcs.src",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-mod_jk@1.2.50-8.redhat_1.el7jbcs?arch=src",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-mod_md-1:2.4.28-9.el7jbcs.src",
                        product: {
                           name: "jbcs-httpd24-mod_md-1:2.4.28-9.el7jbcs.src",
                           product_id: "jbcs-httpd24-mod_md-1:2.4.28-9.el7jbcs.src",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.4.28-9.el7jbcs?arch=src&epoch=1",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el7jbcs.src",
                        product: {
                           name: "jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el7jbcs.src",
                           product_id: "jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el7jbcs.src",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_cluster@1.3.22-3.el7jbcs?arch=src",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-mod_security-0:2.9.6-10.el7jbcs.src",
                        product: {
                           name: "jbcs-httpd24-mod_security-0:2.9.6-10.el7jbcs.src",
                           product_id: "jbcs-httpd24-mod_security-0:2.9.6-10.el7jbcs.src",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.6-10.el7jbcs?arch=src",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-brotli-0:1.1.0-5.el7jbcs.src",
                        product: {
                           name: "jbcs-httpd24-brotli-0:1.1.0-5.el7jbcs.src",
                           product_id: "jbcs-httpd24-brotli-0:1.1.0-5.el7jbcs.src",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-brotli@1.1.0-5.el7jbcs?arch=src",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-apr-0:1.7.5-3.el8jbcs.src",
                        product: {
                           name: "jbcs-httpd24-apr-0:1.7.5-3.el8jbcs.src",
                           product_id: "jbcs-httpd24-apr-0:1.7.5-3.el8jbcs.src",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-apr@1.7.5-3.el8jbcs?arch=src",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-apr-util-0:1.6.3-2.el8jbcs.src",
                        product: {
                           name: "jbcs-httpd24-apr-util-0:1.6.3-2.el8jbcs.src",
                           product_id: "jbcs-httpd24-apr-util-0:1.6.3-2.el8jbcs.src",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-apr-util@1.6.3-2.el8jbcs?arch=src",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-httpd-0:2.4.62-5.el8jbcs.src",
                        product: {
                           name: "jbcs-httpd24-httpd-0:2.4.62-5.el8jbcs.src",
                           product_id: "jbcs-httpd24-httpd-0:2.4.62-5.el8jbcs.src",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.62-5.el8jbcs?arch=src",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-mod_http2-0:2.0.29-3.el8jbcs.src",
                        product: {
                           name: "jbcs-httpd24-mod_http2-0:2.0.29-3.el8jbcs.src",
                           product_id: "jbcs-httpd24-mod_http2-0:2.0.29-3.el8jbcs.src",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-mod_http2@2.0.29-3.el8jbcs?arch=src",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-mod_jk-0:1.2.50-8.redhat_1.el8jbcs.src",
                        product: {
                           name: "jbcs-httpd24-mod_jk-0:1.2.50-8.redhat_1.el8jbcs.src",
                           product_id: "jbcs-httpd24-mod_jk-0:1.2.50-8.redhat_1.el8jbcs.src",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-mod_jk@1.2.50-8.redhat_1.el8jbcs?arch=src",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-mod_md-1:2.4.28-9.el8jbcs.src",
                        product: {
                           name: "jbcs-httpd24-mod_md-1:2.4.28-9.el8jbcs.src",
                           product_id: "jbcs-httpd24-mod_md-1:2.4.28-9.el8jbcs.src",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.4.28-9.el8jbcs?arch=src&epoch=1",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el8jbcs.src",
                        product: {
                           name: "jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el8jbcs.src",
                           product_id: "jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el8jbcs.src",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_cluster@1.3.22-3.el8jbcs?arch=src",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-mod_security-0:2.9.6-10.el8jbcs.src",
                        product: {
                           name: "jbcs-httpd24-mod_security-0:2.9.6-10.el8jbcs.src",
                           product_id: "jbcs-httpd24-mod_security-0:2.9.6-10.el8jbcs.src",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.6-10.el8jbcs?arch=src",
                           },
                        },
                     },
                  ],
                  category: "architecture",
                  name: "src",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-apr-0:1.7.5-3.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-apr-0:1.7.5-3.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-apr-0:1.7.5-3.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-apr@1.7.5-3.el7jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-apr-devel-0:1.7.5-3.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-apr-devel-0:1.7.5-3.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-apr-devel-0:1.7.5-3.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-apr-devel@1.7.5-3.el7jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-apr-debuginfo-0:1.7.5-3.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-apr-debuginfo-0:1.7.5-3.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-apr-debuginfo-0:1.7.5-3.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-apr-debuginfo@1.7.5-3.el7jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-openssl-1:1.1.1k-19.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-openssl-1:1.1.1k-19.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-openssl-1:1.1.1k-19.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-openssl@1.1.1k-19.el7jbcs?arch=x86_64&epoch=1",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-openssl-devel-1:1.1.1k-19.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-openssl-devel-1:1.1.1k-19.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-openssl-devel-1:1.1.1k-19.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-openssl-devel@1.1.1k-19.el7jbcs?arch=x86_64&epoch=1",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-openssl-libs-1:1.1.1k-19.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-openssl-libs-1:1.1.1k-19.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-openssl-libs-1:1.1.1k-19.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-openssl-libs@1.1.1k-19.el7jbcs?arch=x86_64&epoch=1",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-openssl-perl-1:1.1.1k-19.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-openssl-perl-1:1.1.1k-19.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-openssl-perl-1:1.1.1k-19.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-openssl-perl@1.1.1k-19.el7jbcs?arch=x86_64&epoch=1",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-openssl-static-1:1.1.1k-19.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-openssl-static-1:1.1.1k-19.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-openssl-static-1:1.1.1k-19.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-openssl-static@1.1.1k-19.el7jbcs?arch=x86_64&epoch=1",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-openssl-debuginfo-1:1.1.1k-19.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-openssl-debuginfo-1:1.1.1k-19.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-openssl-debuginfo-1:1.1.1k-19.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-openssl-debuginfo@1.1.1k-19.el7jbcs?arch=x86_64&epoch=1",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-nghttp2-0:1.64.0-2.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-nghttp2-0:1.64.0-2.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-nghttp2-0:1.64.0-2.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.64.0-2.el7jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-nghttp2-devel-0:1.64.0-2.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-nghttp2-devel-0:1.64.0-2.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-nghttp2-devel-0:1.64.0-2.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-nghttp2-devel@1.64.0-2.el7jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-nghttp2-debuginfo-0:1.64.0-2.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-nghttp2-debuginfo-0:1.64.0-2.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-nghttp2-debuginfo-0:1.64.0-2.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-nghttp2-debuginfo@1.64.0-2.el7jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-jansson-0:2.14-4.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-jansson-0:2.14-4.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-jansson-0:2.14-4.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-jansson@2.14-4.el7jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-jansson-devel-0:2.14-4.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-jansson-devel-0:2.14-4.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-jansson-devel-0:2.14-4.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-jansson-devel@2.14-4.el7jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-jansson-debuginfo-0:2.14-4.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-jansson-debuginfo-0:2.14-4.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-jansson-debuginfo-0:2.14-4.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-jansson-debuginfo@2.14-4.el7jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-apr-util-0:1.6.3-2.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-apr-util-0:1.6.3-2.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-apr-util-0:1.6.3-2.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-apr-util@1.6.3-2.el7jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-apr-util-devel-0:1.6.3-2.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-apr-util-devel-0:1.6.3-2.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-apr-util-devel-0:1.6.3-2.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-apr-util-devel@1.6.3-2.el7jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-apr-util-ldap-0:1.6.3-2.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-apr-util-ldap-0:1.6.3-2.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-apr-util-ldap-0:1.6.3-2.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-apr-util-ldap@1.6.3-2.el7jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-apr-util-mysql-0:1.6.3-2.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-apr-util-mysql-0:1.6.3-2.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-apr-util-mysql-0:1.6.3-2.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-apr-util-mysql@1.6.3-2.el7jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-apr-util-nss-0:1.6.3-2.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-apr-util-nss-0:1.6.3-2.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-apr-util-nss-0:1.6.3-2.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-apr-util-nss@1.6.3-2.el7jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-apr-util-odbc-0:1.6.3-2.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-apr-util-odbc-0:1.6.3-2.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-apr-util-odbc-0:1.6.3-2.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-apr-util-odbc@1.6.3-2.el7jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-apr-util-openssl-0:1.6.3-2.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-apr-util-openssl-0:1.6.3-2.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-apr-util-openssl-0:1.6.3-2.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-apr-util-openssl@1.6.3-2.el7jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-apr-util-pgsql-0:1.6.3-2.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-apr-util-pgsql-0:1.6.3-2.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-apr-util-pgsql-0:1.6.3-2.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-apr-util-pgsql@1.6.3-2.el7jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-apr-util-sqlite-0:1.6.3-2.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-apr-util-sqlite-0:1.6.3-2.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-apr-util-sqlite-0:1.6.3-2.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-apr-util-sqlite@1.6.3-2.el7jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-apr-util-debuginfo-0:1.6.3-2.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-apr-util-debuginfo-0:1.6.3-2.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-apr-util-debuginfo-0:1.6.3-2.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-apr-util-debuginfo@1.6.3-2.el7jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-openssl-chil-0:1.0.0-23.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-openssl-chil-0:1.0.0-23.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-openssl-chil-0:1.0.0-23.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-openssl-chil@1.0.0-23.el7jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-23.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-23.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-23.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-openssl-chil-debuginfo@1.0.0-23.el7jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-openssl-pkcs11-0:0.4.12-3.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-openssl-pkcs11-0:0.4.12-3.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-openssl-pkcs11-0:0.4.12-3.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-openssl-pkcs11@0.4.12-3.el7jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.12-3.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.12-3.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.12-3.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-openssl-pkcs11-debuginfo@0.4.12-3.el7jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-curl-0:8.11.0-2.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-curl-0:8.11.0-2.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-curl-0:8.11.0-2.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-curl@8.11.0-2.el7jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-libcurl-0:8.11.0-2.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-libcurl-0:8.11.0-2.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-libcurl-0:8.11.0-2.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-libcurl@8.11.0-2.el7jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-libcurl-devel-0:8.11.0-2.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-libcurl-devel-0:8.11.0-2.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-libcurl-devel-0:8.11.0-2.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-libcurl-devel@8.11.0-2.el7jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-curl-debuginfo-0:8.11.0-2.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-curl-debuginfo-0:8.11.0-2.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-curl-debuginfo-0:8.11.0-2.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-curl-debuginfo@8.11.0-2.el7jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-httpd-0:2.4.62-5.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-httpd-0:2.4.62-5.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-httpd-0:2.4.62-5.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.62-5.el7jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-httpd-devel-0:2.4.62-5.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-httpd-devel-0:2.4.62-5.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-httpd-devel-0:2.4.62-5.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-httpd-devel@2.4.62-5.el7jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-httpd-selinux-0:2.4.62-5.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-httpd-selinux-0:2.4.62-5.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-httpd-selinux-0:2.4.62-5.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-httpd-selinux@2.4.62-5.el7jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-httpd-tools-0:2.4.62-5.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-httpd-tools-0:2.4.62-5.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-httpd-tools-0:2.4.62-5.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-httpd-tools@2.4.62-5.el7jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-mod_ldap-0:2.4.62-5.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-mod_ldap-0:2.4.62-5.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-mod_ldap-0:2.4.62-5.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-mod_ldap@2.4.62-5.el7jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-mod_proxy_html-1:2.4.62-5.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-mod_proxy_html-1:2.4.62-5.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-mod_proxy_html-1:2.4.62-5.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html@2.4.62-5.el7jbcs?arch=x86_64&epoch=1",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-mod_session-0:2.4.62-5.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-mod_session-0:2.4.62-5.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-mod_session-0:2.4.62-5.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-mod_session@2.4.62-5.el7jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-mod_ssl-1:2.4.62-5.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-mod_ssl-1:2.4.62-5.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-mod_ssl-1:2.4.62-5.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-mod_ssl@2.4.62-5.el7jbcs?arch=x86_64&epoch=1",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-httpd-debuginfo-0:2.4.62-5.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-httpd-debuginfo-0:2.4.62-5.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-httpd-debuginfo-0:2.4.62-5.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-httpd-debuginfo@2.4.62-5.el7jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-mod_http2-0:2.0.29-3.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-mod_http2-0:2.0.29-3.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-mod_http2-0:2.0.29-3.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-mod_http2@2.0.29-3.el7jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-mod_http2-debuginfo-0:2.0.29-3.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-mod_http2-debuginfo-0:2.0.29-3.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-mod_http2-debuginfo-0:2.0.29-3.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-mod_http2-debuginfo@2.0.29-3.el7jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-mod_jk-ap24-0:1.2.50-8.redhat_1.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-mod_jk-ap24-0:1.2.50-8.redhat_1.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-mod_jk-ap24-0:1.2.50-8.redhat_1.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-mod_jk-ap24@1.2.50-8.redhat_1.el7jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-mod_jk-debuginfo-0:1.2.50-8.redhat_1.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-mod_jk-debuginfo-0:1.2.50-8.redhat_1.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-mod_jk-debuginfo-0:1.2.50-8.redhat_1.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-mod_jk-debuginfo@1.2.50-8.redhat_1.el7jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-mod_md-1:2.4.28-9.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-mod_md-1:2.4.28-9.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-mod_md-1:2.4.28-9.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.4.28-9.el7jbcs?arch=x86_64&epoch=1",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-mod_md-debuginfo-1:2.4.28-9.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-mod_md-debuginfo-1:2.4.28-9.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-mod_md-debuginfo-1:2.4.28-9.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-mod_md-debuginfo@2.4.28-9.el7jbcs?arch=x86_64&epoch=1",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_cluster@1.3.22-3.el7jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.22-3.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.22-3.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.22-3.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_cluster-debuginfo@1.3.22-3.el7jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-mod_security-0:2.9.6-10.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-mod_security-0:2.9.6-10.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-mod_security-0:2.9.6-10.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.6-10.el7jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-mod_security-debuginfo-0:2.9.6-10.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-mod_security-debuginfo-0:2.9.6-10.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-mod_security-debuginfo-0:2.9.6-10.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-mod_security-debuginfo@2.9.6-10.el7jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-brotli-0:1.1.0-5.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-brotli-0:1.1.0-5.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-brotli-0:1.1.0-5.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-brotli@1.1.0-5.el7jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-brotli-devel-0:1.1.0-5.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-brotli-devel-0:1.1.0-5.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-brotli-devel-0:1.1.0-5.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-brotli-devel@1.1.0-5.el7jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-brotli-debuginfo-0:1.1.0-5.el7jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-brotli-debuginfo-0:1.1.0-5.el7jbcs.x86_64",
                           product_id: "jbcs-httpd24-brotli-debuginfo-0:1.1.0-5.el7jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-brotli-debuginfo@1.1.0-5.el7jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-apr-0:1.7.5-3.el8jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-apr-0:1.7.5-3.el8jbcs.x86_64",
                           product_id: "jbcs-httpd24-apr-0:1.7.5-3.el8jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-apr@1.7.5-3.el8jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-apr-devel-0:1.7.5-3.el8jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-apr-devel-0:1.7.5-3.el8jbcs.x86_64",
                           product_id: "jbcs-httpd24-apr-devel-0:1.7.5-3.el8jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-apr-devel@1.7.5-3.el8jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-apr-debuginfo-0:1.7.5-3.el8jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-apr-debuginfo-0:1.7.5-3.el8jbcs.x86_64",
                           product_id: "jbcs-httpd24-apr-debuginfo-0:1.7.5-3.el8jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-apr-debuginfo@1.7.5-3.el8jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-apr-util-0:1.6.3-2.el8jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-apr-util-0:1.6.3-2.el8jbcs.x86_64",
                           product_id: "jbcs-httpd24-apr-util-0:1.6.3-2.el8jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-apr-util@1.6.3-2.el8jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-apr-util-devel-0:1.6.3-2.el8jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-apr-util-devel-0:1.6.3-2.el8jbcs.x86_64",
                           product_id: "jbcs-httpd24-apr-util-devel-0:1.6.3-2.el8jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-apr-util-devel@1.6.3-2.el8jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-apr-util-ldap-0:1.6.3-2.el8jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-apr-util-ldap-0:1.6.3-2.el8jbcs.x86_64",
                           product_id: "jbcs-httpd24-apr-util-ldap-0:1.6.3-2.el8jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-apr-util-ldap@1.6.3-2.el8jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-apr-util-mysql-0:1.6.3-2.el8jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-apr-util-mysql-0:1.6.3-2.el8jbcs.x86_64",
                           product_id: "jbcs-httpd24-apr-util-mysql-0:1.6.3-2.el8jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-apr-util-mysql@1.6.3-2.el8jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-apr-util-nss-0:1.6.3-2.el8jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-apr-util-nss-0:1.6.3-2.el8jbcs.x86_64",
                           product_id: "jbcs-httpd24-apr-util-nss-0:1.6.3-2.el8jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-apr-util-nss@1.6.3-2.el8jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-apr-util-odbc-0:1.6.3-2.el8jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-apr-util-odbc-0:1.6.3-2.el8jbcs.x86_64",
                           product_id: "jbcs-httpd24-apr-util-odbc-0:1.6.3-2.el8jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-apr-util-odbc@1.6.3-2.el8jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-apr-util-openssl-0:1.6.3-2.el8jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-apr-util-openssl-0:1.6.3-2.el8jbcs.x86_64",
                           product_id: "jbcs-httpd24-apr-util-openssl-0:1.6.3-2.el8jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-apr-util-openssl@1.6.3-2.el8jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-apr-util-pgsql-0:1.6.3-2.el8jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-apr-util-pgsql-0:1.6.3-2.el8jbcs.x86_64",
                           product_id: "jbcs-httpd24-apr-util-pgsql-0:1.6.3-2.el8jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-apr-util-pgsql@1.6.3-2.el8jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-apr-util-sqlite-0:1.6.3-2.el8jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-apr-util-sqlite-0:1.6.3-2.el8jbcs.x86_64",
                           product_id: "jbcs-httpd24-apr-util-sqlite-0:1.6.3-2.el8jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-apr-util-sqlite@1.6.3-2.el8jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-apr-util-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-apr-util-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                           product_id: "jbcs-httpd24-apr-util-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-apr-util-debuginfo@1.6.3-2.el8jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                           product_id: "jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-apr-util-ldap-debuginfo@1.6.3-2.el8jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                           product_id: "jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-apr-util-mysql-debuginfo@1.6.3-2.el8jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                           product_id: "jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-apr-util-nss-debuginfo@1.6.3-2.el8jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                           product_id: "jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-apr-util-odbc-debuginfo@1.6.3-2.el8jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                           product_id: "jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-apr-util-openssl-debuginfo@1.6.3-2.el8jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                           product_id: "jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-apr-util-pgsql-debuginfo@1.6.3-2.el8jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                           product_id: "jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-apr-util-sqlite-debuginfo@1.6.3-2.el8jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-httpd-0:2.4.62-5.el8jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-httpd-0:2.4.62-5.el8jbcs.x86_64",
                           product_id: "jbcs-httpd24-httpd-0:2.4.62-5.el8jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.62-5.el8jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-httpd-devel-0:2.4.62-5.el8jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-httpd-devel-0:2.4.62-5.el8jbcs.x86_64",
                           product_id: "jbcs-httpd24-httpd-devel-0:2.4.62-5.el8jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-httpd-devel@2.4.62-5.el8jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-httpd-selinux-0:2.4.62-5.el8jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-httpd-selinux-0:2.4.62-5.el8jbcs.x86_64",
                           product_id: "jbcs-httpd24-httpd-selinux-0:2.4.62-5.el8jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-httpd-selinux@2.4.62-5.el8jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-httpd-tools-0:2.4.62-5.el8jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-httpd-tools-0:2.4.62-5.el8jbcs.x86_64",
                           product_id: "jbcs-httpd24-httpd-tools-0:2.4.62-5.el8jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-httpd-tools@2.4.62-5.el8jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-mod_ldap-0:2.4.62-5.el8jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-mod_ldap-0:2.4.62-5.el8jbcs.x86_64",
                           product_id: "jbcs-httpd24-mod_ldap-0:2.4.62-5.el8jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-mod_ldap@2.4.62-5.el8jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-mod_proxy_html-1:2.4.62-5.el8jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-mod_proxy_html-1:2.4.62-5.el8jbcs.x86_64",
                           product_id: "jbcs-httpd24-mod_proxy_html-1:2.4.62-5.el8jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html@2.4.62-5.el8jbcs?arch=x86_64&epoch=1",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-mod_session-0:2.4.62-5.el8jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-mod_session-0:2.4.62-5.el8jbcs.x86_64",
                           product_id: "jbcs-httpd24-mod_session-0:2.4.62-5.el8jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-mod_session@2.4.62-5.el8jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-mod_ssl-1:2.4.62-5.el8jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-mod_ssl-1:2.4.62-5.el8jbcs.x86_64",
                           product_id: "jbcs-httpd24-mod_ssl-1:2.4.62-5.el8jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-mod_ssl@2.4.62-5.el8jbcs?arch=x86_64&epoch=1",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-httpd-debuginfo-0:2.4.62-5.el8jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-httpd-debuginfo-0:2.4.62-5.el8jbcs.x86_64",
                           product_id: "jbcs-httpd24-httpd-debuginfo-0:2.4.62-5.el8jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-httpd-debuginfo@2.4.62-5.el8jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.62-5.el8jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.62-5.el8jbcs.x86_64",
                           product_id: "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.62-5.el8jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-httpd-tools-debuginfo@2.4.62-5.el8jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.62-5.el8jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.62-5.el8jbcs.x86_64",
                           product_id: "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.62-5.el8jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-mod_ldap-debuginfo@2.4.62-5.el8jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.62-5.el8jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.62-5.el8jbcs.x86_64",
                           product_id: "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.62-5.el8jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html-debuginfo@2.4.62-5.el8jbcs?arch=x86_64&epoch=1",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-mod_session-debuginfo-0:2.4.62-5.el8jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-mod_session-debuginfo-0:2.4.62-5.el8jbcs.x86_64",
                           product_id: "jbcs-httpd24-mod_session-debuginfo-0:2.4.62-5.el8jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-mod_session-debuginfo@2.4.62-5.el8jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.62-5.el8jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.62-5.el8jbcs.x86_64",
                           product_id: "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.62-5.el8jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-mod_ssl-debuginfo@2.4.62-5.el8jbcs?arch=x86_64&epoch=1",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-mod_http2-0:2.0.29-3.el8jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-mod_http2-0:2.0.29-3.el8jbcs.x86_64",
                           product_id: "jbcs-httpd24-mod_http2-0:2.0.29-3.el8jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-mod_http2@2.0.29-3.el8jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-mod_http2-debuginfo-0:2.0.29-3.el8jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-mod_http2-debuginfo-0:2.0.29-3.el8jbcs.x86_64",
                           product_id: "jbcs-httpd24-mod_http2-debuginfo-0:2.0.29-3.el8jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-mod_http2-debuginfo@2.0.29-3.el8jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-mod_jk-ap24-0:1.2.50-8.redhat_1.el8jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-mod_jk-ap24-0:1.2.50-8.redhat_1.el8jbcs.x86_64",
                           product_id: "jbcs-httpd24-mod_jk-ap24-0:1.2.50-8.redhat_1.el8jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-mod_jk-ap24@1.2.50-8.redhat_1.el8jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.50-8.redhat_1.el8jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.50-8.redhat_1.el8jbcs.x86_64",
                           product_id: "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.50-8.redhat_1.el8jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-mod_jk-ap24-debuginfo@1.2.50-8.redhat_1.el8jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-mod_md-1:2.4.28-9.el8jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-mod_md-1:2.4.28-9.el8jbcs.x86_64",
                           product_id: "jbcs-httpd24-mod_md-1:2.4.28-9.el8jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.4.28-9.el8jbcs?arch=x86_64&epoch=1",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-mod_md-debuginfo-1:2.4.28-9.el8jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-mod_md-debuginfo-1:2.4.28-9.el8jbcs.x86_64",
                           product_id: "jbcs-httpd24-mod_md-debuginfo-1:2.4.28-9.el8jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-mod_md-debuginfo@2.4.28-9.el8jbcs?arch=x86_64&epoch=1",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el8jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el8jbcs.x86_64",
                           product_id: "jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el8jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_cluster@1.3.22-3.el8jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.22-3.el8jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.22-3.el8jbcs.x86_64",
                           product_id: "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.22-3.el8jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_cluster-debuginfo@1.3.22-3.el8jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-mod_security-0:2.9.6-10.el8jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-mod_security-0:2.9.6-10.el8jbcs.x86_64",
                           product_id: "jbcs-httpd24-mod_security-0:2.9.6-10.el8jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.6-10.el8jbcs?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-mod_security-debuginfo-0:2.9.6-10.el8jbcs.x86_64",
                        product: {
                           name: "jbcs-httpd24-mod_security-debuginfo-0:2.9.6-10.el8jbcs.x86_64",
                           product_id: "jbcs-httpd24-mod_security-debuginfo-0:2.9.6-10.el8jbcs.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-mod_security-debuginfo@2.9.6-10.el8jbcs?arch=x86_64",
                           },
                        },
                     },
                  ],
                  category: "architecture",
                  name: "x86_64",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-httpd-manual-0:2.4.62-5.el7jbcs.noarch",
                        product: {
                           name: "jbcs-httpd24-httpd-manual-0:2.4.62-5.el7jbcs.noarch",
                           product_id: "jbcs-httpd24-httpd-manual-0:2.4.62-5.el7jbcs.noarch",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-httpd-manual@2.4.62-5.el7jbcs?arch=noarch",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "jbcs-httpd24-httpd-manual-0:2.4.62-5.el8jbcs.noarch",
                        product: {
                           name: "jbcs-httpd24-httpd-manual-0:2.4.62-5.el8jbcs.noarch",
                           product_id: "jbcs-httpd24-httpd-manual-0:2.4.62-5.el8jbcs.noarch",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/jbcs-httpd24-httpd-manual@2.4.62-5.el8jbcs?arch=noarch",
                           },
                        },
                     },
                  ],
                  category: "architecture",
                  name: "noarch",
               },
            ],
            category: "vendor",
            name: "Red Hat",
         },
      ],
      relationships: [
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-apr-0:1.7.5-3.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-apr-0:1.7.5-3.el7jbcs.src",
            },
            product_reference: "jbcs-httpd24-apr-0:1.7.5-3.el7jbcs.src",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-apr-0:1.7.5-3.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-apr-0:1.7.5-3.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-apr-0:1.7.5-3.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-apr-debuginfo-0:1.7.5-3.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.5-3.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-apr-debuginfo-0:1.7.5-3.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-apr-devel-0:1.7.5-3.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-apr-devel-0:1.7.5-3.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-apr-devel-0:1.7.5-3.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-apr-util-0:1.6.3-2.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.3-2.el7jbcs.src",
            },
            product_reference: "jbcs-httpd24-apr-util-0:1.6.3-2.el7jbcs.src",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-apr-util-0:1.6.3-2.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.3-2.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-apr-util-0:1.6.3-2.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-apr-util-debuginfo-0:1.6.3-2.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.3-2.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-apr-util-debuginfo-0:1.6.3-2.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-apr-util-devel-0:1.6.3-2.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.3-2.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-apr-util-devel-0:1.6.3-2.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-apr-util-ldap-0:1.6.3-2.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.3-2.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-apr-util-ldap-0:1.6.3-2.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-apr-util-mysql-0:1.6.3-2.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.3-2.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-apr-util-mysql-0:1.6.3-2.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-apr-util-nss-0:1.6.3-2.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.3-2.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-apr-util-nss-0:1.6.3-2.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-apr-util-odbc-0:1.6.3-2.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.3-2.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-apr-util-odbc-0:1.6.3-2.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-apr-util-openssl-0:1.6.3-2.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.3-2.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-apr-util-openssl-0:1.6.3-2.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-apr-util-pgsql-0:1.6.3-2.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.3-2.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-apr-util-pgsql-0:1.6.3-2.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-apr-util-sqlite-0:1.6.3-2.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.3-2.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-apr-util-sqlite-0:1.6.3-2.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-brotli-0:1.1.0-5.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-brotli-0:1.1.0-5.el7jbcs.src",
            },
            product_reference: "jbcs-httpd24-brotli-0:1.1.0-5.el7jbcs.src",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-brotli-0:1.1.0-5.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-brotli-0:1.1.0-5.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-brotli-0:1.1.0-5.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-brotli-debuginfo-0:1.1.0-5.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.1.0-5.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-brotli-debuginfo-0:1.1.0-5.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-brotli-devel-0:1.1.0-5.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.1.0-5.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-brotli-devel-0:1.1.0-5.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-curl-0:8.11.0-2.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-curl-0:8.11.0-2.el7jbcs.src",
            },
            product_reference: "jbcs-httpd24-curl-0:8.11.0-2.el7jbcs.src",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-curl-0:8.11.0-2.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-curl-0:8.11.0-2.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-curl-0:8.11.0-2.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-curl-debuginfo-0:8.11.0-2.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.11.0-2.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-curl-debuginfo-0:8.11.0-2.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-httpd-0:2.4.62-5.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.62-5.el7jbcs.src",
            },
            product_reference: "jbcs-httpd24-httpd-0:2.4.62-5.el7jbcs.src",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-httpd-0:2.4.62-5.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.62-5.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-httpd-0:2.4.62-5.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-httpd-debuginfo-0:2.4.62-5.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.62-5.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-httpd-debuginfo-0:2.4.62-5.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-httpd-devel-0:2.4.62-5.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.62-5.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-httpd-devel-0:2.4.62-5.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-httpd-manual-0:2.4.62-5.el7jbcs.noarch as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.62-5.el7jbcs.noarch",
            },
            product_reference: "jbcs-httpd24-httpd-manual-0:2.4.62-5.el7jbcs.noarch",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-httpd-selinux-0:2.4.62-5.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.62-5.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-httpd-selinux-0:2.4.62-5.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-httpd-tools-0:2.4.62-5.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.62-5.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-httpd-tools-0:2.4.62-5.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-jansson-0:2.14-4.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-jansson-0:2.14-4.el7jbcs.src",
            },
            product_reference: "jbcs-httpd24-jansson-0:2.14-4.el7jbcs.src",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-jansson-0:2.14-4.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-jansson-0:2.14-4.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-jansson-0:2.14-4.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-jansson-debuginfo-0:2.14-4.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-4.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-jansson-debuginfo-0:2.14-4.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-jansson-devel-0:2.14-4.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.14-4.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-jansson-devel-0:2.14-4.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-libcurl-0:8.11.0-2.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-libcurl-0:8.11.0-2.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-libcurl-0:8.11.0-2.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-libcurl-devel-0:8.11.0-2.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.11.0-2.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-libcurl-devel-0:8.11.0-2.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-mod_http2-0:2.0.29-3.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-mod_http2-0:2.0.29-3.el7jbcs.src",
            },
            product_reference: "jbcs-httpd24-mod_http2-0:2.0.29-3.el7jbcs.src",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-mod_http2-0:2.0.29-3.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-mod_http2-0:2.0.29-3.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-mod_http2-0:2.0.29-3.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-mod_http2-debuginfo-0:2.0.29-3.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:2.0.29-3.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-mod_http2-debuginfo-0:2.0.29-3.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-mod_jk-0:1.2.50-8.redhat_1.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.50-8.redhat_1.el7jbcs.src",
            },
            product_reference: "jbcs-httpd24-mod_jk-0:1.2.50-8.redhat_1.el7jbcs.src",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-mod_jk-ap24-0:1.2.50-8.redhat_1.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.50-8.redhat_1.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-mod_jk-ap24-0:1.2.50-8.redhat_1.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-mod_jk-debuginfo-0:1.2.50-8.redhat_1.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.50-8.redhat_1.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-mod_jk-debuginfo-0:1.2.50-8.redhat_1.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-mod_ldap-0:2.4.62-5.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.62-5.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-mod_ldap-0:2.4.62-5.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-mod_md-1:2.4.28-9.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.28-9.el7jbcs.src",
            },
            product_reference: "jbcs-httpd24-mod_md-1:2.4.28-9.el7jbcs.src",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-mod_md-1:2.4.28-9.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.28-9.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-mod_md-1:2.4.28-9.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-mod_md-debuginfo-1:2.4.28-9.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.28-9.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-mod_md-debuginfo-1:2.4.28-9.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el7jbcs.src",
            },
            product_reference: "jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el7jbcs.src",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.22-3.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.22-3.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.22-3.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-mod_proxy_html-1:2.4.62-5.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.62-5.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-mod_proxy_html-1:2.4.62-5.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-mod_security-0:2.9.6-10.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.6-10.el7jbcs.src",
            },
            product_reference: "jbcs-httpd24-mod_security-0:2.9.6-10.el7jbcs.src",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-mod_security-0:2.9.6-10.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.6-10.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-mod_security-0:2.9.6-10.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-mod_security-debuginfo-0:2.9.6-10.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.6-10.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-mod_security-debuginfo-0:2.9.6-10.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-mod_session-0:2.4.62-5.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.62-5.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-mod_session-0:2.4.62-5.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-mod_ssl-1:2.4.62-5.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.62-5.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-mod_ssl-1:2.4.62-5.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-nghttp2-0:1.64.0-2.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.64.0-2.el7jbcs.src",
            },
            product_reference: "jbcs-httpd24-nghttp2-0:1.64.0-2.el7jbcs.src",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-nghttp2-0:1.64.0-2.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.64.0-2.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-nghttp2-0:1.64.0-2.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-nghttp2-debuginfo-0:1.64.0-2.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.64.0-2.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-nghttp2-debuginfo-0:1.64.0-2.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-nghttp2-devel-0:1.64.0-2.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.64.0-2.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-nghttp2-devel-0:1.64.0-2.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-openssl-1:1.1.1k-19.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-19.el7jbcs.src",
            },
            product_reference: "jbcs-httpd24-openssl-1:1.1.1k-19.el7jbcs.src",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-openssl-1:1.1.1k-19.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-19.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-openssl-1:1.1.1k-19.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-openssl-chil-0:1.0.0-23.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-23.el7jbcs.src",
            },
            product_reference: "jbcs-httpd24-openssl-chil-0:1.0.0-23.el7jbcs.src",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-openssl-chil-0:1.0.0-23.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-23.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-openssl-chil-0:1.0.0-23.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-23.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-23.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-23.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-openssl-debuginfo-1:1.1.1k-19.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-19.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-openssl-debuginfo-1:1.1.1k-19.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-openssl-devel-1:1.1.1k-19.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-19.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-openssl-devel-1:1.1.1k-19.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-openssl-libs-1:1.1.1k-19.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-19.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-openssl-libs-1:1.1.1k-19.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-openssl-perl-1:1.1.1k-19.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-19.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-openssl-perl-1:1.1.1k-19.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-openssl-pkcs11-0:0.4.12-3.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.12-3.el7jbcs.src",
            },
            product_reference: "jbcs-httpd24-openssl-pkcs11-0:0.4.12-3.el7jbcs.src",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-openssl-pkcs11-0:0.4.12-3.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.12-3.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-openssl-pkcs11-0:0.4.12-3.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.12-3.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.12-3.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.12-3.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-openssl-static-1:1.1.1k-19.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
               product_id: "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-19.el7jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-openssl-static-1:1.1.1k-19.el7jbcs.x86_64",
            relates_to_product_reference: "7Server-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-apr-0:1.7.5-3.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
               product_id: "8Base-JBCS:jbcs-httpd24-apr-0:1.7.5-3.el8jbcs.src",
            },
            product_reference: "jbcs-httpd24-apr-0:1.7.5-3.el8jbcs.src",
            relates_to_product_reference: "8Base-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-apr-0:1.7.5-3.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
               product_id: "8Base-JBCS:jbcs-httpd24-apr-0:1.7.5-3.el8jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-apr-0:1.7.5-3.el8jbcs.x86_64",
            relates_to_product_reference: "8Base-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-apr-debuginfo-0:1.7.5-3.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
               product_id: "8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.5-3.el8jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-apr-debuginfo-0:1.7.5-3.el8jbcs.x86_64",
            relates_to_product_reference: "8Base-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-apr-devel-0:1.7.5-3.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
               product_id: "8Base-JBCS:jbcs-httpd24-apr-devel-0:1.7.5-3.el8jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-apr-devel-0:1.7.5-3.el8jbcs.x86_64",
            relates_to_product_reference: "8Base-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-apr-util-0:1.6.3-2.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
               product_id: "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.3-2.el8jbcs.src",
            },
            product_reference: "jbcs-httpd24-apr-util-0:1.6.3-2.el8jbcs.src",
            relates_to_product_reference: "8Base-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-apr-util-0:1.6.3-2.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
               product_id: "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.3-2.el8jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-apr-util-0:1.6.3-2.el8jbcs.x86_64",
            relates_to_product_reference: "8Base-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-apr-util-debuginfo-0:1.6.3-2.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
               product_id: "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-apr-util-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
            relates_to_product_reference: "8Base-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-apr-util-devel-0:1.6.3-2.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
               product_id: "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.3-2.el8jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-apr-util-devel-0:1.6.3-2.el8jbcs.x86_64",
            relates_to_product_reference: "8Base-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-apr-util-ldap-0:1.6.3-2.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
               product_id: "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.3-2.el8jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-apr-util-ldap-0:1.6.3-2.el8jbcs.x86_64",
            relates_to_product_reference: "8Base-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.3-2.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
               product_id: "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
            relates_to_product_reference: "8Base-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-apr-util-mysql-0:1.6.3-2.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
               product_id: "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.3-2.el8jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-apr-util-mysql-0:1.6.3-2.el8jbcs.x86_64",
            relates_to_product_reference: "8Base-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.3-2.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
               product_id: "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
            relates_to_product_reference: "8Base-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-apr-util-nss-0:1.6.3-2.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
               product_id: "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.3-2.el8jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-apr-util-nss-0:1.6.3-2.el8jbcs.x86_64",
            relates_to_product_reference: "8Base-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.3-2.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
               product_id: "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
            relates_to_product_reference: "8Base-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-apr-util-odbc-0:1.6.3-2.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
               product_id: "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.3-2.el8jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-apr-util-odbc-0:1.6.3-2.el8jbcs.x86_64",
            relates_to_product_reference: "8Base-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.3-2.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
               product_id: "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
            relates_to_product_reference: "8Base-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-apr-util-openssl-0:1.6.3-2.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
               product_id: "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.3-2.el8jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-apr-util-openssl-0:1.6.3-2.el8jbcs.x86_64",
            relates_to_product_reference: "8Base-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.3-2.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
               product_id: "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
            relates_to_product_reference: "8Base-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-apr-util-pgsql-0:1.6.3-2.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
               product_id: "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.3-2.el8jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-apr-util-pgsql-0:1.6.3-2.el8jbcs.x86_64",
            relates_to_product_reference: "8Base-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.3-2.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
               product_id: "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
            relates_to_product_reference: "8Base-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-apr-util-sqlite-0:1.6.3-2.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
               product_id: "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.3-2.el8jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-apr-util-sqlite-0:1.6.3-2.el8jbcs.x86_64",
            relates_to_product_reference: "8Base-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.3-2.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
               product_id: "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
            relates_to_product_reference: "8Base-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-httpd-0:2.4.62-5.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
               product_id: "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.62-5.el8jbcs.src",
            },
            product_reference: "jbcs-httpd24-httpd-0:2.4.62-5.el8jbcs.src",
            relates_to_product_reference: "8Base-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-httpd-0:2.4.62-5.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
               product_id: "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.62-5.el8jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-httpd-0:2.4.62-5.el8jbcs.x86_64",
            relates_to_product_reference: "8Base-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-httpd-debuginfo-0:2.4.62-5.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
               product_id: "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.62-5.el8jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-httpd-debuginfo-0:2.4.62-5.el8jbcs.x86_64",
            relates_to_product_reference: "8Base-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-httpd-devel-0:2.4.62-5.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
               product_id: "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.62-5.el8jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-httpd-devel-0:2.4.62-5.el8jbcs.x86_64",
            relates_to_product_reference: "8Base-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-httpd-manual-0:2.4.62-5.el8jbcs.noarch as a component of Red Hat JBoss Core Services on RHEL 8",
               product_id: "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.62-5.el8jbcs.noarch",
            },
            product_reference: "jbcs-httpd24-httpd-manual-0:2.4.62-5.el8jbcs.noarch",
            relates_to_product_reference: "8Base-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-httpd-selinux-0:2.4.62-5.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
               product_id: "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.62-5.el8jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-httpd-selinux-0:2.4.62-5.el8jbcs.x86_64",
            relates_to_product_reference: "8Base-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-httpd-tools-0:2.4.62-5.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
               product_id: "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.62-5.el8jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-httpd-tools-0:2.4.62-5.el8jbcs.x86_64",
            relates_to_product_reference: "8Base-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.62-5.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
               product_id: "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.62-5.el8jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.62-5.el8jbcs.x86_64",
            relates_to_product_reference: "8Base-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-mod_http2-0:2.0.29-3.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
               product_id: "8Base-JBCS:jbcs-httpd24-mod_http2-0:2.0.29-3.el8jbcs.src",
            },
            product_reference: "jbcs-httpd24-mod_http2-0:2.0.29-3.el8jbcs.src",
            relates_to_product_reference: "8Base-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-mod_http2-0:2.0.29-3.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
               product_id: "8Base-JBCS:jbcs-httpd24-mod_http2-0:2.0.29-3.el8jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-mod_http2-0:2.0.29-3.el8jbcs.x86_64",
            relates_to_product_reference: "8Base-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-mod_http2-debuginfo-0:2.0.29-3.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
               product_id: "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:2.0.29-3.el8jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-mod_http2-debuginfo-0:2.0.29-3.el8jbcs.x86_64",
            relates_to_product_reference: "8Base-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-mod_jk-0:1.2.50-8.redhat_1.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
               product_id: "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.50-8.redhat_1.el8jbcs.src",
            },
            product_reference: "jbcs-httpd24-mod_jk-0:1.2.50-8.redhat_1.el8jbcs.src",
            relates_to_product_reference: "8Base-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-mod_jk-ap24-0:1.2.50-8.redhat_1.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
               product_id: "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.50-8.redhat_1.el8jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-mod_jk-ap24-0:1.2.50-8.redhat_1.el8jbcs.x86_64",
            relates_to_product_reference: "8Base-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.50-8.redhat_1.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
               product_id: "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.50-8.redhat_1.el8jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.50-8.redhat_1.el8jbcs.x86_64",
            relates_to_product_reference: "8Base-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-mod_ldap-0:2.4.62-5.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
               product_id: "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.62-5.el8jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-mod_ldap-0:2.4.62-5.el8jbcs.x86_64",
            relates_to_product_reference: "8Base-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.62-5.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
               product_id: "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.62-5.el8jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.62-5.el8jbcs.x86_64",
            relates_to_product_reference: "8Base-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-mod_md-1:2.4.28-9.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
               product_id: "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.28-9.el8jbcs.src",
            },
            product_reference: "jbcs-httpd24-mod_md-1:2.4.28-9.el8jbcs.src",
            relates_to_product_reference: "8Base-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-mod_md-1:2.4.28-9.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
               product_id: "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.28-9.el8jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-mod_md-1:2.4.28-9.el8jbcs.x86_64",
            relates_to_product_reference: "8Base-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-mod_md-debuginfo-1:2.4.28-9.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
               product_id: "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.28-9.el8jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-mod_md-debuginfo-1:2.4.28-9.el8jbcs.x86_64",
            relates_to_product_reference: "8Base-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
               product_id: "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el8jbcs.src",
            },
            product_reference: "jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el8jbcs.src",
            relates_to_product_reference: "8Base-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
               product_id: "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el8jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el8jbcs.x86_64",
            relates_to_product_reference: "8Base-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.22-3.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
               product_id: "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.22-3.el8jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.22-3.el8jbcs.x86_64",
            relates_to_product_reference: "8Base-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-mod_proxy_html-1:2.4.62-5.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
               product_id: "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.62-5.el8jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-mod_proxy_html-1:2.4.62-5.el8jbcs.x86_64",
            relates_to_product_reference: "8Base-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.62-5.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
               product_id: "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.62-5.el8jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.62-5.el8jbcs.x86_64",
            relates_to_product_reference: "8Base-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-mod_security-0:2.9.6-10.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
               product_id: "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.6-10.el8jbcs.src",
            },
            product_reference: "jbcs-httpd24-mod_security-0:2.9.6-10.el8jbcs.src",
            relates_to_product_reference: "8Base-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-mod_security-0:2.9.6-10.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
               product_id: "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.6-10.el8jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-mod_security-0:2.9.6-10.el8jbcs.x86_64",
            relates_to_product_reference: "8Base-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-mod_security-debuginfo-0:2.9.6-10.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
               product_id: "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.6-10.el8jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-mod_security-debuginfo-0:2.9.6-10.el8jbcs.x86_64",
            relates_to_product_reference: "8Base-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-mod_session-0:2.4.62-5.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
               product_id: "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.62-5.el8jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-mod_session-0:2.4.62-5.el8jbcs.x86_64",
            relates_to_product_reference: "8Base-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-mod_session-debuginfo-0:2.4.62-5.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
               product_id: "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.62-5.el8jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-mod_session-debuginfo-0:2.4.62-5.el8jbcs.x86_64",
            relates_to_product_reference: "8Base-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-mod_ssl-1:2.4.62-5.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
               product_id: "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.62-5.el8jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-mod_ssl-1:2.4.62-5.el8jbcs.x86_64",
            relates_to_product_reference: "8Base-JBCS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.62-5.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
               product_id: "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.62-5.el8jbcs.x86_64",
            },
            product_reference: "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.62-5.el8jbcs.x86_64",
            relates_to_product_reference: "8Base-JBCS",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2024-5535",
         cwe: {
            id: "CWE-200",
            name: "Exposure of Sensitive Information to an Unauthorized Actor",
         },
         discovery_date: "2024-06-27T00:00:00+00:00",
         flags: [
            {
               label: "vulnerable_code_not_present",
               product_ids: [
                  "7Server-JBCS:jbcs-httpd24-apr-0:1.7.5-3.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-apr-0:1.7.5-3.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.5-3.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-devel-0:1.7.5-3.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.3-2.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-brotli-0:1.1.0-5.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-brotli-0:1.1.0-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.1.0-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.1.0-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-curl-0:8.11.0-2.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-curl-0:8.11.0-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.11.0-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.62-5.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.62-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.62-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.62-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.62-5.el7jbcs.noarch",
                  "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.62-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.62-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-jansson-0:2.14-4.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-jansson-0:2.14-4.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-4.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.14-4.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-libcurl-0:8.11.0-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.11.0-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_http2-0:2.0.29-3.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-mod_http2-0:2.0.29-3.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:2.0.29-3.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.50-8.redhat_1.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.50-8.redhat_1.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.50-8.redhat_1.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.62-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.28-9.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.28-9.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.28-9.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.22-3.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.62-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.62-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.62-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.64.0-2.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.64.0-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.64.0-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.64.0-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.12-3.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.12-3.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.12-3.el7jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-0:1.7.5-3.el8jbcs.src",
                  "8Base-JBCS:jbcs-httpd24-apr-0:1.7.5-3.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.5-3.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-devel-0:1.7.5-3.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.3-2.el8jbcs.src",
                  "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.62-5.el8jbcs.src",
                  "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.62-5.el8jbcs.noarch",
                  "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_http2-0:2.0.29-3.el8jbcs.src",
                  "8Base-JBCS:jbcs-httpd24-mod_http2-0:2.0.29-3.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:2.0.29-3.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.50-8.redhat_1.el8jbcs.src",
                  "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.50-8.redhat_1.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.50-8.redhat_1.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.28-9.el8jbcs.src",
                  "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.28-9.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.28-9.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el8jbcs.src",
                  "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.22-3.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.62-5.el8jbcs.x86_64",
               ],
            },
         ],
         ids: [
            {
               system_name: "Red Hat Bugzilla ID",
               text: "2294581",
            },
         ],
         notes: [
            {
               category: "description",
               text: "A flaw was found in OpenSSL. Affected versions of this package are vulnerable to Information Exposure through the SSL_select_next_proto function. This flaw allows an attacker to cause unexpected application behavior or a crash by exploiting the buffer overread condition when the function is called with a zero-length client list. This issue is only exploitable if the application is misconfigured to use a zero-length server list and mishandles the 'no overlap' response in ALPN or uses the output as the opportunistic protocol in NPN.",
               title: "Vulnerability description",
            },
            {
               category: "summary",
               text: "openssl: SSL_select_next_proto buffer overread",
               title: "Vulnerability summary",
            },
            {
               category: "other",
               text: "The FIPS modules in versions 3.3, 3.2, 3.1, and 3.0 are not affected by this issue.\nThe packages shim and shim-unsigned-x64 are not impacted by this CVE, as the affected OpenSSL code path is not utilized.",
               title: "Statement",
            },
            {
               category: "general",
               text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
               title: "CVSS score applicability",
            },
         ],
         product_status: {
            fixed: [
               "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.6-10.el7jbcs.src",
               "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.6-10.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.6-10.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-19.el7jbcs.src",
               "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-19.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-23.el7jbcs.src",
               "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-23.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-23.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-19.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-19.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-19.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-19.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-19.el7jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.6-10.el8jbcs.src",
               "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.6-10.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.6-10.el8jbcs.x86_64",
            ],
            known_not_affected: [
               "7Server-JBCS:jbcs-httpd24-apr-0:1.7.5-3.el7jbcs.src",
               "7Server-JBCS:jbcs-httpd24-apr-0:1.7.5-3.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.5-3.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-apr-devel-0:1.7.5-3.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.3-2.el7jbcs.src",
               "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.3-2.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.3-2.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.3-2.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.3-2.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.3-2.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.3-2.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.3-2.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.3-2.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.3-2.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.3-2.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-brotli-0:1.1.0-5.el7jbcs.src",
               "7Server-JBCS:jbcs-httpd24-brotli-0:1.1.0-5.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.1.0-5.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.1.0-5.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-curl-0:8.11.0-2.el7jbcs.src",
               "7Server-JBCS:jbcs-httpd24-curl-0:8.11.0-2.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.11.0-2.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.62-5.el7jbcs.src",
               "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.62-5.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.62-5.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.62-5.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.62-5.el7jbcs.noarch",
               "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.62-5.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.62-5.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-jansson-0:2.14-4.el7jbcs.src",
               "7Server-JBCS:jbcs-httpd24-jansson-0:2.14-4.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-4.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.14-4.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-libcurl-0:8.11.0-2.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.11.0-2.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-mod_http2-0:2.0.29-3.el7jbcs.src",
               "7Server-JBCS:jbcs-httpd24-mod_http2-0:2.0.29-3.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:2.0.29-3.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.50-8.redhat_1.el7jbcs.src",
               "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.50-8.redhat_1.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.50-8.redhat_1.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.62-5.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.28-9.el7jbcs.src",
               "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.28-9.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.28-9.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el7jbcs.src",
               "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.22-3.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.62-5.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.62-5.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.62-5.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.64.0-2.el7jbcs.src",
               "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.64.0-2.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.64.0-2.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.64.0-2.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.12-3.el7jbcs.src",
               "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.12-3.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.12-3.el7jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-apr-0:1.7.5-3.el8jbcs.src",
               "8Base-JBCS:jbcs-httpd24-apr-0:1.7.5-3.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.5-3.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-apr-devel-0:1.7.5-3.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.3-2.el8jbcs.src",
               "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.3-2.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.3-2.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.3-2.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.3-2.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.3-2.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.3-2.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.3-2.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.3-2.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.3-2.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.62-5.el8jbcs.src",
               "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.62-5.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.62-5.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.62-5.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.62-5.el8jbcs.noarch",
               "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.62-5.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.62-5.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.62-5.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-mod_http2-0:2.0.29-3.el8jbcs.src",
               "8Base-JBCS:jbcs-httpd24-mod_http2-0:2.0.29-3.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:2.0.29-3.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.50-8.redhat_1.el8jbcs.src",
               "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.50-8.redhat_1.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.50-8.redhat_1.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.62-5.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.62-5.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.28-9.el8jbcs.src",
               "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.28-9.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.28-9.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el8jbcs.src",
               "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.22-3.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.62-5.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.62-5.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.62-5.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.62-5.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.62-5.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.62-5.el8jbcs.x86_64",
            ],
         },
         references: [
            {
               category: "self",
               summary: "Canonical URL",
               url: "https://access.redhat.com/security/cve/CVE-2024-5535",
            },
            {
               category: "external",
               summary: "RHBZ#2294581",
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2294581",
            },
            {
               category: "external",
               summary: "https://www.cve.org/CVERecord?id=CVE-2024-5535",
               url: "https://www.cve.org/CVERecord?id=CVE-2024-5535",
            },
            {
               category: "external",
               summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-5535",
               url: "https://nvd.nist.gov/vuln/detail/CVE-2024-5535",
            },
            {
               category: "external",
               summary: "https://www.oracle.com/security-alerts/cpuoct2024.html#AppendixMSQL",
               url: "https://www.oracle.com/security-alerts/cpuoct2024.html#AppendixMSQL",
            },
         ],
         release_date: "2024-06-27T00:00:00+00:00",
         remediations: [
            {
               category: "vendor_fix",
               date: "2025-04-02T17:15:43+00:00",
               details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
               product_ids: [
                  "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.6-10.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.6-10.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.6-10.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-19.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-19.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-23.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-23.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-23.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-19.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-19.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-19.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-19.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-19.el7jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.6-10.el8jbcs.src",
                  "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.6-10.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.6-10.el8jbcs.x86_64",
               ],
               restart_required: {
                  category: "none",
               },
               url: "https://access.redhat.com/errata/RHSA-2025:3452",
            },
            {
               category: "workaround",
               details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
               product_ids: [
                  "7Server-JBCS:jbcs-httpd24-apr-0:1.7.5-3.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-apr-0:1.7.5-3.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.5-3.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-devel-0:1.7.5-3.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.3-2.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-brotli-0:1.1.0-5.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-brotli-0:1.1.0-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.1.0-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.1.0-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-curl-0:8.11.0-2.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-curl-0:8.11.0-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.11.0-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.62-5.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.62-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.62-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.62-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.62-5.el7jbcs.noarch",
                  "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.62-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.62-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-jansson-0:2.14-4.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-jansson-0:2.14-4.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-4.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.14-4.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-libcurl-0:8.11.0-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.11.0-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_http2-0:2.0.29-3.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-mod_http2-0:2.0.29-3.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:2.0.29-3.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.50-8.redhat_1.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.50-8.redhat_1.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.50-8.redhat_1.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.62-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.28-9.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.28-9.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.28-9.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.22-3.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.62-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.6-10.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.6-10.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.6-10.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.62-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.62-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.64.0-2.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.64.0-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.64.0-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.64.0-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-19.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-19.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-23.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-23.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-23.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-19.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-19.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-19.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-19.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.12-3.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.12-3.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.12-3.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-19.el7jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-0:1.7.5-3.el8jbcs.src",
                  "8Base-JBCS:jbcs-httpd24-apr-0:1.7.5-3.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.5-3.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-devel-0:1.7.5-3.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.3-2.el8jbcs.src",
                  "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.62-5.el8jbcs.src",
                  "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.62-5.el8jbcs.noarch",
                  "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_http2-0:2.0.29-3.el8jbcs.src",
                  "8Base-JBCS:jbcs-httpd24-mod_http2-0:2.0.29-3.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:2.0.29-3.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.50-8.redhat_1.el8jbcs.src",
                  "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.50-8.redhat_1.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.50-8.redhat_1.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.28-9.el8jbcs.src",
                  "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.28-9.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.28-9.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el8jbcs.src",
                  "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.22-3.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.6-10.el8jbcs.src",
                  "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.6-10.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.6-10.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.62-5.el8jbcs.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 5.9,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.0",
               },
               products: [
                  "7Server-JBCS:jbcs-httpd24-apr-0:1.7.5-3.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-apr-0:1.7.5-3.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.5-3.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-devel-0:1.7.5-3.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.3-2.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-brotli-0:1.1.0-5.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-brotli-0:1.1.0-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.1.0-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.1.0-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-curl-0:8.11.0-2.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-curl-0:8.11.0-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.11.0-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.62-5.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.62-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.62-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.62-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.62-5.el7jbcs.noarch",
                  "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.62-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.62-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-jansson-0:2.14-4.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-jansson-0:2.14-4.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-4.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.14-4.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-libcurl-0:8.11.0-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.11.0-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_http2-0:2.0.29-3.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-mod_http2-0:2.0.29-3.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:2.0.29-3.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.50-8.redhat_1.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.50-8.redhat_1.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.50-8.redhat_1.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.62-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.28-9.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.28-9.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.28-9.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.22-3.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.62-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.6-10.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.6-10.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.6-10.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.62-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.62-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.64.0-2.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.64.0-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.64.0-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.64.0-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-19.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-19.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-23.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-23.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-23.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-19.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-19.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-19.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-19.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.12-3.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.12-3.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.12-3.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-19.el7jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-0:1.7.5-3.el8jbcs.src",
                  "8Base-JBCS:jbcs-httpd24-apr-0:1.7.5-3.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.5-3.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-devel-0:1.7.5-3.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.3-2.el8jbcs.src",
                  "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.62-5.el8jbcs.src",
                  "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.62-5.el8jbcs.noarch",
                  "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_http2-0:2.0.29-3.el8jbcs.src",
                  "8Base-JBCS:jbcs-httpd24-mod_http2-0:2.0.29-3.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:2.0.29-3.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.50-8.redhat_1.el8jbcs.src",
                  "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.50-8.redhat_1.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.50-8.redhat_1.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.28-9.el8jbcs.src",
                  "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.28-9.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.28-9.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el8jbcs.src",
                  "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.22-3.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.6-10.el8jbcs.src",
                  "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.6-10.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.6-10.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.62-5.el8jbcs.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               details: "Low",
            },
         ],
         title: "openssl: SSL_select_next_proto buffer overread",
      },
      {
         cve: "CVE-2024-36387",
         cwe: {
            id: "CWE-476",
            name: "NULL Pointer Dereference",
         },
         discovery_date: "2024-07-01T19:20:21+00:00",
         ids: [
            {
               system_name: "Red Hat Bugzilla ID",
               text: "2295006",
            },
         ],
         notes: [
            {
               category: "description",
               text: "A flaw was found in the Apache HTTP Server. Serving WebSocket protocol upgrades over an HTTP/2 connection could result in a NULL pointer dereference, leading to a crash of the server process.",
               title: "Vulnerability description",
            },
            {
               category: "summary",
               text: "mod_http2: DoS by null pointer in websocket over HTTP/2",
               title: "Vulnerability summary",
            },
            {
               category: "general",
               text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
               title: "CVSS score applicability",
            },
         ],
         product_status: {
            fixed: [
               "7Server-JBCS:jbcs-httpd24-apr-0:1.7.5-3.el7jbcs.src",
               "7Server-JBCS:jbcs-httpd24-apr-0:1.7.5-3.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.5-3.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-apr-devel-0:1.7.5-3.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.3-2.el7jbcs.src",
               "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.3-2.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.3-2.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.3-2.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.3-2.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.3-2.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.3-2.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.3-2.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.3-2.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.3-2.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.3-2.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-brotli-0:1.1.0-5.el7jbcs.src",
               "7Server-JBCS:jbcs-httpd24-brotli-0:1.1.0-5.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.1.0-5.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.1.0-5.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-curl-0:8.11.0-2.el7jbcs.src",
               "7Server-JBCS:jbcs-httpd24-curl-0:8.11.0-2.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.11.0-2.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.62-5.el7jbcs.src",
               "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.62-5.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.62-5.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.62-5.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.62-5.el7jbcs.noarch",
               "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.62-5.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.62-5.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-jansson-0:2.14-4.el7jbcs.src",
               "7Server-JBCS:jbcs-httpd24-jansson-0:2.14-4.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-4.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.14-4.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-libcurl-0:8.11.0-2.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.11.0-2.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-mod_http2-0:2.0.29-3.el7jbcs.src",
               "7Server-JBCS:jbcs-httpd24-mod_http2-0:2.0.29-3.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:2.0.29-3.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.50-8.redhat_1.el7jbcs.src",
               "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.50-8.redhat_1.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.50-8.redhat_1.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.62-5.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.28-9.el7jbcs.src",
               "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.28-9.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.28-9.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el7jbcs.src",
               "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.22-3.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.62-5.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.6-10.el7jbcs.src",
               "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.6-10.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.6-10.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.62-5.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.62-5.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.64.0-2.el7jbcs.src",
               "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.64.0-2.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.64.0-2.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.64.0-2.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-19.el7jbcs.src",
               "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-19.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-23.el7jbcs.src",
               "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-23.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-23.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-19.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-19.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-19.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-19.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.12-3.el7jbcs.src",
               "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.12-3.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.12-3.el7jbcs.x86_64",
               "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-19.el7jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-apr-0:1.7.5-3.el8jbcs.src",
               "8Base-JBCS:jbcs-httpd24-apr-0:1.7.5-3.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.5-3.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-apr-devel-0:1.7.5-3.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.3-2.el8jbcs.src",
               "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.3-2.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.3-2.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.3-2.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.3-2.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.3-2.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.3-2.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.3-2.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.3-2.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.3-2.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.62-5.el8jbcs.src",
               "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.62-5.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.62-5.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.62-5.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.62-5.el8jbcs.noarch",
               "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.62-5.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.62-5.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.62-5.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-mod_http2-0:2.0.29-3.el8jbcs.src",
               "8Base-JBCS:jbcs-httpd24-mod_http2-0:2.0.29-3.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:2.0.29-3.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.50-8.redhat_1.el8jbcs.src",
               "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.50-8.redhat_1.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.50-8.redhat_1.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.62-5.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.62-5.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.28-9.el8jbcs.src",
               "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.28-9.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.28-9.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el8jbcs.src",
               "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.22-3.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.62-5.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.62-5.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.6-10.el8jbcs.src",
               "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.6-10.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.6-10.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.62-5.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.62-5.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.62-5.el8jbcs.x86_64",
               "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.62-5.el8jbcs.x86_64",
            ],
         },
         references: [
            {
               category: "self",
               summary: "Canonical URL",
               url: "https://access.redhat.com/security/cve/CVE-2024-36387",
            },
            {
               category: "external",
               summary: "RHBZ#2295006",
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295006",
            },
            {
               category: "external",
               summary: "https://www.cve.org/CVERecord?id=CVE-2024-36387",
               url: "https://www.cve.org/CVERecord?id=CVE-2024-36387",
            },
            {
               category: "external",
               summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-36387",
               url: "https://nvd.nist.gov/vuln/detail/CVE-2024-36387",
            },
            {
               category: "external",
               summary: "https://httpd.apache.org/security/vulnerabilities_24.html",
               url: "https://httpd.apache.org/security/vulnerabilities_24.html",
            },
         ],
         release_date: "2024-07-01T00:00:00+00:00",
         remediations: [
            {
               category: "vendor_fix",
               date: "2025-04-02T17:15:43+00:00",
               details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
               product_ids: [
                  "7Server-JBCS:jbcs-httpd24-apr-0:1.7.5-3.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-apr-0:1.7.5-3.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.5-3.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-devel-0:1.7.5-3.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.3-2.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-brotli-0:1.1.0-5.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-brotli-0:1.1.0-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.1.0-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.1.0-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-curl-0:8.11.0-2.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-curl-0:8.11.0-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.11.0-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.62-5.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.62-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.62-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.62-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.62-5.el7jbcs.noarch",
                  "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.62-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.62-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-jansson-0:2.14-4.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-jansson-0:2.14-4.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-4.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.14-4.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-libcurl-0:8.11.0-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.11.0-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_http2-0:2.0.29-3.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-mod_http2-0:2.0.29-3.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:2.0.29-3.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.50-8.redhat_1.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.50-8.redhat_1.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.50-8.redhat_1.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.62-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.28-9.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.28-9.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.28-9.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.22-3.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.62-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.6-10.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.6-10.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.6-10.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.62-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.62-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.64.0-2.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.64.0-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.64.0-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.64.0-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-19.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-19.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-23.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-23.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-23.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-19.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-19.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-19.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-19.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.12-3.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.12-3.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.12-3.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-19.el7jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-0:1.7.5-3.el8jbcs.src",
                  "8Base-JBCS:jbcs-httpd24-apr-0:1.7.5-3.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.5-3.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-devel-0:1.7.5-3.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.3-2.el8jbcs.src",
                  "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.62-5.el8jbcs.src",
                  "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.62-5.el8jbcs.noarch",
                  "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_http2-0:2.0.29-3.el8jbcs.src",
                  "8Base-JBCS:jbcs-httpd24-mod_http2-0:2.0.29-3.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:2.0.29-3.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.50-8.redhat_1.el8jbcs.src",
                  "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.50-8.redhat_1.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.50-8.redhat_1.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.28-9.el8jbcs.src",
                  "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.28-9.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.28-9.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el8jbcs.src",
                  "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.22-3.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.6-10.el8jbcs.src",
                  "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.6-10.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.6-10.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.62-5.el8jbcs.x86_64",
               ],
               restart_required: {
                  category: "none",
               },
               url: "https://access.redhat.com/errata/RHSA-2025:3452",
            },
            {
               category: "workaround",
               details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
               product_ids: [
                  "7Server-JBCS:jbcs-httpd24-apr-0:1.7.5-3.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-apr-0:1.7.5-3.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.5-3.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-devel-0:1.7.5-3.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.3-2.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-brotli-0:1.1.0-5.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-brotli-0:1.1.0-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.1.0-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.1.0-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-curl-0:8.11.0-2.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-curl-0:8.11.0-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.11.0-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.62-5.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.62-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.62-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.62-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.62-5.el7jbcs.noarch",
                  "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.62-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.62-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-jansson-0:2.14-4.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-jansson-0:2.14-4.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-4.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.14-4.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-libcurl-0:8.11.0-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.11.0-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_http2-0:2.0.29-3.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-mod_http2-0:2.0.29-3.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:2.0.29-3.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.50-8.redhat_1.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.50-8.redhat_1.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.50-8.redhat_1.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.62-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.28-9.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.28-9.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.28-9.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.22-3.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.62-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.6-10.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.6-10.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.6-10.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.62-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.62-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.64.0-2.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.64.0-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.64.0-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.64.0-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-19.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-19.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-23.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-23.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-23.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-19.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-19.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-19.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-19.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.12-3.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.12-3.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.12-3.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-19.el7jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-0:1.7.5-3.el8jbcs.src",
                  "8Base-JBCS:jbcs-httpd24-apr-0:1.7.5-3.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.5-3.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-devel-0:1.7.5-3.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.3-2.el8jbcs.src",
                  "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.62-5.el8jbcs.src",
                  "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.62-5.el8jbcs.noarch",
                  "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_http2-0:2.0.29-3.el8jbcs.src",
                  "8Base-JBCS:jbcs-httpd24-mod_http2-0:2.0.29-3.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:2.0.29-3.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.50-8.redhat_1.el8jbcs.src",
                  "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.50-8.redhat_1.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.50-8.redhat_1.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.28-9.el8jbcs.src",
                  "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.28-9.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.28-9.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el8jbcs.src",
                  "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.22-3.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.6-10.el8jbcs.src",
                  "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.6-10.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.6-10.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.62-5.el8jbcs.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  baseScore: 3.7,
                  baseSeverity: "LOW",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
                  version: "3.1",
               },
               products: [
                  "7Server-JBCS:jbcs-httpd24-apr-0:1.7.5-3.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-apr-0:1.7.5-3.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.5-3.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-devel-0:1.7.5-3.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.3-2.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.3-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-brotli-0:1.1.0-5.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-brotli-0:1.1.0-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.1.0-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.1.0-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-curl-0:8.11.0-2.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-curl-0:8.11.0-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:8.11.0-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.62-5.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.62-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.62-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.62-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.62-5.el7jbcs.noarch",
                  "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.62-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.62-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-jansson-0:2.14-4.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-jansson-0:2.14-4.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-4.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.14-4.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-libcurl-0:8.11.0-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:8.11.0-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_http2-0:2.0.29-3.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-mod_http2-0:2.0.29-3.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:2.0.29-3.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.50-8.redhat_1.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.50-8.redhat_1.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.50-8.redhat_1.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.62-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.28-9.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.28-9.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.28-9.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.22-3.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.62-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.6-10.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.6-10.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.6-10.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.62-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.62-5.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.64.0-2.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.64.0-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.64.0-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.64.0-2.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-19.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-19.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-23.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-23.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-23.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-19.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-19.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-19.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-19.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.12-3.el7jbcs.src",
                  "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.12-3.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.12-3.el7jbcs.x86_64",
                  "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-19.el7jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-0:1.7.5-3.el8jbcs.src",
                  "8Base-JBCS:jbcs-httpd24-apr-0:1.7.5-3.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.5-3.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-devel-0:1.7.5-3.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.3-2.el8jbcs.src",
                  "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.3-2.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.62-5.el8jbcs.src",
                  "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.62-5.el8jbcs.noarch",
                  "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_http2-0:2.0.29-3.el8jbcs.src",
                  "8Base-JBCS:jbcs-httpd24-mod_http2-0:2.0.29-3.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:2.0.29-3.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.50-8.redhat_1.el8jbcs.src",
                  "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.50-8.redhat_1.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.50-8.redhat_1.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.28-9.el8jbcs.src",
                  "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.28-9.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.28-9.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el8jbcs.src",
                  "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.22-3.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.22-3.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.6-10.el8jbcs.src",
                  "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.6-10.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.6-10.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.62-5.el8jbcs.x86_64",
                  "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.62-5.el8jbcs.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               details: "Low",
            },
         ],
         title: "mod_http2: DoS by null pointer in websocket over HTTP/2",
      },
   ],
}

rhsa-2024:8680

Vulnerability from csaf_redhat

Published

2024-10-31 00:08

Modified

2025-04-02 22:19

Summary

Red Hat Security Advisory: mod_http2 security update

Notes

Topic

Details

JSON

To clipboard

{
   document: {
      aggregate_severity: {
         namespace: "https://access.redhat.com/security/updates/classification/",
         text: "Low",
      },
      category: "csaf_security_advisory",
      csaf_version: "2.0",
      distribution: {
         text: "Copyright © Red Hat, Inc. All rights reserved.",
         tlp: {
            label: "WHITE",
            url: "https://www.first.org/tlp/",
         },
      },
      lang: "en",
      notes: [
         {
            category: "summary",
            text: "An update for mod_http2 is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
            title: "Topic",
         },
         {
            category: "general",
            text: "The mod_h2 Apache httpd module implements the HTTP2 protocol (h2+h2c) on top of libnghttp2 for httpd 2.4 servers.\n\nSecurity Fix(es):\n\n* mod_http2: DoS by null pointer in websocket over HTTP/2 (CVE-2024-36387)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
            title: "Details",
         },
         {
            category: "legal_disclaimer",
            text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
            title: "Terms of Use",
         },
      ],
      publisher: {
         category: "vendor",
         contact_details: "https://access.redhat.com/security/team/contact/",
         issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
         name: "Red Hat Product Security",
         namespace: "https://www.redhat.com",
      },
      references: [
         {
            category: "self",
            summary: "https://access.redhat.com/errata/RHSA-2024:8680",
            url: "https://access.redhat.com/errata/RHSA-2024:8680",
         },
         {
            category: "external",
            summary: "https://access.redhat.com/security/updates/classification/#low",
            url: "https://access.redhat.com/security/updates/classification/#low",
         },
         {
            category: "external",
            summary: "2295006",
            url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295006",
         },
         {
            category: "self",
            summary: "Canonical URL",
            url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8680.json",
         },
      ],
      title: "Red Hat Security Advisory: mod_http2 security update",
      tracking: {
         current_release_date: "2025-04-02T22:19:34+00:00",
         generator: {
            date: "2025-04-02T22:19:34+00:00",
            engine: {
               name: "Red Hat SDEngine",
               version: "4.4.2",
            },
         },
         id: "RHSA-2024:8680",
         initial_release_date: "2024-10-31T00:08:06+00:00",
         revision_history: [
            {
               date: "2024-10-31T00:08:06+00:00",
               number: "1",
               summary: "Initial version",
            },
            {
               date: "2024-10-31T00:08:06+00:00",
               number: "2",
               summary: "Last updated version",
            },
            {
               date: "2025-04-02T22:19:34+00:00",
               number: "3",
               summary: "Last generated version",
            },
         ],
         status: "final",
         version: "3",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_name",
                        name: "Red Hat Enterprise Linux AppStream (v. 9)",
                        product: {
                           name: "Red Hat Enterprise Linux AppStream (v. 9)",
                           product_id: "AppStream-9.4.0.Z.MAIN.EUS",
                           product_identification_helper: {
                              cpe: "cpe:/a:redhat:enterprise_linux:9::appstream",
                           },
                        },
                     },
                  ],
                  category: "product_family",
                  name: "Red Hat Enterprise Linux",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "mod_http2-0:2.0.26-2.el9_4.1.src",
                        product: {
                           name: "mod_http2-0:2.0.26-2.el9_4.1.src",
                           product_id: "mod_http2-0:2.0.26-2.el9_4.1.src",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/mod_http2@2.0.26-2.el9_4.1?arch=src",
                           },
                        },
                     },
                  ],
                  category: "architecture",
                  name: "src",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "mod_http2-0:2.0.26-2.el9_4.1.aarch64",
                        product: {
                           name: "mod_http2-0:2.0.26-2.el9_4.1.aarch64",
                           product_id: "mod_http2-0:2.0.26-2.el9_4.1.aarch64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/mod_http2@2.0.26-2.el9_4.1?arch=aarch64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.aarch64",
                        product: {
                           name: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.aarch64",
                           product_id: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.aarch64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/mod_http2-debugsource@2.0.26-2.el9_4.1?arch=aarch64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.aarch64",
                        product: {
                           name: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.aarch64",
                           product_id: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.aarch64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/mod_http2-debuginfo@2.0.26-2.el9_4.1?arch=aarch64",
                           },
                        },
                     },
                  ],
                  category: "architecture",
                  name: "aarch64",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "mod_http2-0:2.0.26-2.el9_4.1.ppc64le",
                        product: {
                           name: "mod_http2-0:2.0.26-2.el9_4.1.ppc64le",
                           product_id: "mod_http2-0:2.0.26-2.el9_4.1.ppc64le",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/mod_http2@2.0.26-2.el9_4.1?arch=ppc64le",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.ppc64le",
                        product: {
                           name: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.ppc64le",
                           product_id: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.ppc64le",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/mod_http2-debugsource@2.0.26-2.el9_4.1?arch=ppc64le",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.ppc64le",
                        product: {
                           name: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.ppc64le",
                           product_id: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.ppc64le",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/mod_http2-debuginfo@2.0.26-2.el9_4.1?arch=ppc64le",
                           },
                        },
                     },
                  ],
                  category: "architecture",
                  name: "ppc64le",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "mod_http2-0:2.0.26-2.el9_4.1.x86_64",
                        product: {
                           name: "mod_http2-0:2.0.26-2.el9_4.1.x86_64",
                           product_id: "mod_http2-0:2.0.26-2.el9_4.1.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/mod_http2@2.0.26-2.el9_4.1?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.x86_64",
                        product: {
                           name: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.x86_64",
                           product_id: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/mod_http2-debugsource@2.0.26-2.el9_4.1?arch=x86_64",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.x86_64",
                        product: {
                           name: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.x86_64",
                           product_id: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.x86_64",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/mod_http2-debuginfo@2.0.26-2.el9_4.1?arch=x86_64",
                           },
                        },
                     },
                  ],
                  category: "architecture",
                  name: "x86_64",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "mod_http2-0:2.0.26-2.el9_4.1.s390x",
                        product: {
                           name: "mod_http2-0:2.0.26-2.el9_4.1.s390x",
                           product_id: "mod_http2-0:2.0.26-2.el9_4.1.s390x",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/mod_http2@2.0.26-2.el9_4.1?arch=s390x",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.s390x",
                        product: {
                           name: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.s390x",
                           product_id: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.s390x",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/mod_http2-debugsource@2.0.26-2.el9_4.1?arch=s390x",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.s390x",
                        product: {
                           name: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.s390x",
                           product_id: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.s390x",
                           product_identification_helper: {
                              purl: "pkg:rpm/redhat/mod_http2-debuginfo@2.0.26-2.el9_4.1?arch=s390x",
                           },
                        },
                     },
                  ],
                  category: "architecture",
                  name: "s390x",
               },
            ],
            category: "vendor",
            name: "Red Hat",
         },
      ],
      relationships: [
         {
            category: "default_component_of",
            full_product_name: {
               name: "mod_http2-0:2.0.26-2.el9_4.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
               product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.aarch64",
            },
            product_reference: "mod_http2-0:2.0.26-2.el9_4.1.aarch64",
            relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mod_http2-0:2.0.26-2.el9_4.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
               product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.ppc64le",
            },
            product_reference: "mod_http2-0:2.0.26-2.el9_4.1.ppc64le",
            relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mod_http2-0:2.0.26-2.el9_4.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
               product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.s390x",
            },
            product_reference: "mod_http2-0:2.0.26-2.el9_4.1.s390x",
            relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mod_http2-0:2.0.26-2.el9_4.1.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
               product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.src",
            },
            product_reference: "mod_http2-0:2.0.26-2.el9_4.1.src",
            relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mod_http2-0:2.0.26-2.el9_4.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
               product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.x86_64",
            },
            product_reference: "mod_http2-0:2.0.26-2.el9_4.1.x86_64",
            relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
               product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.aarch64",
            },
            product_reference: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.aarch64",
            relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
               product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.ppc64le",
            },
            product_reference: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.ppc64le",
            relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
               product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.s390x",
            },
            product_reference: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.s390x",
            relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
               product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.x86_64",
            },
            product_reference: "mod_http2-debuginfo-0:2.0.26-2.el9_4.1.x86_64",
            relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
               product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.aarch64",
            },
            product_reference: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.aarch64",
            relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
               product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.ppc64le",
            },
            product_reference: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.ppc64le",
            relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
               product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.s390x",
            },
            product_reference: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.s390x",
            relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
               product_id: "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.x86_64",
            },
            product_reference: "mod_http2-debugsource-0:2.0.26-2.el9_4.1.x86_64",
            relates_to_product_reference: "AppStream-9.4.0.Z.MAIN.EUS",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2024-36387",
         cwe: {
            id: "CWE-476",
            name: "NULL Pointer Dereference",
         },
         discovery_date: "2024-07-01T19:20:21+00:00",
         ids: [
            {
               system_name: "Red Hat Bugzilla ID",
               text: "2295006",
            },
         ],
         notes: [
            {
               category: "description",
               text: "A flaw was found in the Apache HTTP Server. Serving WebSocket protocol upgrades over an HTTP/2 connection could result in a NULL pointer dereference, leading to a crash of the server process.",
               title: "Vulnerability description",
            },
            {
               category: "summary",
               text: "mod_http2: DoS by null pointer in websocket over HTTP/2",
               title: "Vulnerability summary",
            },
            {
               category: "general",
               text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
               title: "CVSS score applicability",
            },
         ],
         product_status: {
            fixed: [
               "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.aarch64",
               "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.ppc64le",
               "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.s390x",
               "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.src",
               "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.x86_64",
               "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.aarch64",
               "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.ppc64le",
               "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.s390x",
               "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.x86_64",
               "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.aarch64",
               "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.ppc64le",
               "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.s390x",
               "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.x86_64",
            ],
         },
         references: [
            {
               category: "self",
               summary: "Canonical URL",
               url: "https://access.redhat.com/security/cve/CVE-2024-36387",
            },
            {
               category: "external",
               summary: "RHBZ#2295006",
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295006",
            },
            {
               category: "external",
               summary: "https://www.cve.org/CVERecord?id=CVE-2024-36387",
               url: "https://www.cve.org/CVERecord?id=CVE-2024-36387",
            },
            {
               category: "external",
               summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-36387",
               url: "https://nvd.nist.gov/vuln/detail/CVE-2024-36387",
            },
            {
               category: "external",
               summary: "https://httpd.apache.org/security/vulnerabilities_24.html",
               url: "https://httpd.apache.org/security/vulnerabilities_24.html",
            },
         ],
         release_date: "2024-07-01T00:00:00+00:00",
         remediations: [
            {
               category: "vendor_fix",
               date: "2024-10-31T00:08:06+00:00",
               details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
               product_ids: [
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.aarch64",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.ppc64le",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.s390x",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.src",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.x86_64",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.aarch64",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.ppc64le",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.s390x",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.x86_64",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.aarch64",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.ppc64le",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.s390x",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.x86_64",
               ],
               restart_required: {
                  category: "none",
               },
               url: "https://access.redhat.com/errata/RHSA-2024:8680",
            },
            {
               category: "workaround",
               details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
               product_ids: [
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.aarch64",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.ppc64le",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.s390x",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.src",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.x86_64",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.aarch64",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.ppc64le",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.s390x",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.x86_64",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.aarch64",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.ppc64le",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.s390x",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  baseScore: 3.7,
                  baseSeverity: "LOW",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
                  version: "3.1",
               },
               products: [
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.aarch64",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.ppc64le",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.s390x",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.src",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-0:2.0.26-2.el9_4.1.x86_64",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.aarch64",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.ppc64le",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.s390x",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debuginfo-0:2.0.26-2.el9_4.1.x86_64",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.aarch64",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.ppc64le",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.s390x",
                  "AppStream-9.4.0.Z.MAIN.EUS:mod_http2-debugsource-0:2.0.26-2.el9_4.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               details: "Low",
            },
         ],
         title: "mod_http2: DoS by null pointer in websocket over HTTP/2",
      },
   ],
}

rhsa-2025:3453

Vulnerability from csaf_redhat

Published

2025-04-02 17:06

Modified

2025-04-04 18:11

Summary

Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.62 security update

Notes

Topic

Red Hat JBoss Core Services Apache HTTP Server 2.4.62 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details

Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products and packaged under Red Hat JBoss Core Services, to allow for faster distribution of updates and for a more consistent update experience. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.62 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix(es): * expat: parsing large tokens can trigger a denial of service (CVE-2023-52425) * expat: Negative Length Parsing Vulnerability in libexpat (CVE-2024-45490) * libxml2: libxml2: Use-After-Free in libxml2 (CVE-2024-56171) * libxml2: libxml2: Stack-based buffer overflow in xmlSnprintfElements of libxml2 (CVE-2025-24928) * mod_http2: DoS by null pointer in websocket over HTTP/2 (CVE-2024-36387) * openssl: SSL_select_next_proto buffer overread (CVE-2024-5535) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

JSON

To clipboard

{
   document: {
      aggregate_severity: {
         namespace: "https://access.redhat.com/security/updates/classification/",
         text: "Important",
      },
      category: "csaf_security_advisory",
      csaf_version: "2.0",
      distribution: {
         text: "Copyright © Red Hat, Inc. All rights reserved.",
         tlp: {
            label: "WHITE",
            url: "https://www.first.org/tlp/",
         },
      },
      lang: "en",
      notes: [
         {
            category: "summary",
            text: "Red Hat JBoss Core Services Apache HTTP Server 2.4.62 is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
            title: "Topic",
         },
         {
            category: "general",
            text: "Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products and packaged under Red Hat JBoss Core Services, to allow for faster distribution of updates and for a more consistent update experience.\n\nThis release of Red Hat JBoss Core Services Apache HTTP Server 2.4.62 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* expat: parsing large tokens can trigger a denial of service (CVE-2023-52425)\n* expat: Negative Length Parsing Vulnerability in libexpat (CVE-2024-45490)\n* libxml2: libxml2: Use-After-Free in libxml2 (CVE-2024-56171)\n* libxml2: libxml2: Stack-based buffer overflow in xmlSnprintfElements of libxml2 (CVE-2025-24928)\n* mod_http2: DoS by null pointer in websocket over HTTP/2 (CVE-2024-36387)\n* openssl: SSL_select_next_proto buffer overread (CVE-2024-5535)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
            title: "Details",
         },
         {
            category: "legal_disclaimer",
            text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
            title: "Terms of Use",
         },
      ],
      publisher: {
         category: "vendor",
         contact_details: "https://access.redhat.com/security/team/contact/",
         issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
         name: "Red Hat Product Security",
         namespace: "https://www.redhat.com",
      },
      references: [
         {
            category: "self",
            summary: "https://access.redhat.com/errata/RHSA-2025:3453",
            url: "https://access.redhat.com/errata/RHSA-2025:3453",
         },
         {
            category: "external",
            summary: "https://access.redhat.com/security/updates/classification/#important",
            url: "https://access.redhat.com/security/updates/classification/#important",
         },
         {
            category: "external",
            summary: "https://docs.redhat.com/en/documentation/red_hat_jboss_core_services/2.4.62/html/red_hat_jboss_core_services_apache_http_server_2.4.62_release_notes/index",
            url: "https://docs.redhat.com/en/documentation/red_hat_jboss_core_services/2.4.62/html/red_hat_jboss_core_services_apache_http_server_2.4.62_release_notes/index",
         },
         {
            category: "external",
            summary: "2262877",
            url: "https://bugzilla.redhat.com/show_bug.cgi?id=2262877",
         },
         {
            category: "external",
            summary: "2294581",
            url: "https://bugzilla.redhat.com/show_bug.cgi?id=2294581",
         },
         {
            category: "external",
            summary: "2295006",
            url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295006",
         },
         {
            category: "external",
            summary: "2308615",
            url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308615",
         },
         {
            category: "external",
            summary: "2346416",
            url: "https://bugzilla.redhat.com/show_bug.cgi?id=2346416",
         },
         {
            category: "external",
            summary: "2346421",
            url: "https://bugzilla.redhat.com/show_bug.cgi?id=2346421",
         },
         {
            category: "self",
            summary: "Canonical URL",
            url: "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_3453.json",
         },
      ],
      title: "Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.62 security update",
      tracking: {
         current_release_date: "2025-04-04T18:11:11+00:00",
         generator: {
            date: "2025-04-04T18:11:11+00:00",
            engine: {
               name: "Red Hat SDEngine",
               version: "4.4.2",
            },
         },
         id: "RHSA-2025:3453",
         initial_release_date: "2025-04-02T17:06:49+00:00",
         revision_history: [
            {
               date: "2025-04-02T17:06:49+00:00",
               number: "1",
               summary: "Initial version",
            },
            {
               date: "2025-04-02T17:06:49+00:00",
               number: "2",
               summary: "Last updated version",
            },
            {
               date: "2025-04-04T18:11:11+00:00",
               number: "3",
               summary: "Last generated version",
            },
         ],
         status: "final",
         version: "3",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_name",
                        name: "Text-Only JBCS",
                        product: {
                           name: "Text-Only JBCS",
                           product_id: "Text-Only JBCS",
                           product_identification_helper: {
                              cpe: "cpe:/a:redhat:jboss_core_services:1",
                           },
                        },
                     },
                  ],
                  category: "product_family",
                  name: "Red Hat JBoss Core Services",
               },
            ],
            category: "vendor",
            name: "Red Hat",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2023-52425",
         cwe: {
            id: "CWE-400",
            name: "Uncontrolled Resource Consumption",
         },
         discovery_date: "2024-02-05T00:00:00+00:00",
         ids: [
            {
               system_name: "Red Hat Bugzilla ID",
               text: "2262877",
            },
         ],
         notes: [
            {
               category: "description",
               text: "A flaw was found in Expat (libexpat). When parsing a large token that requires multiple buffer fills to complete, Expat has to re-parse the token from start numerous times. This process may trigger excessive resource consumption, leading to a denial of service.",
               title: "Vulnerability description",
            },
            {
               category: "summary",
               text: "expat: parsing large tokens can trigger a denial of service",
               title: "Vulnerability summary",
            },
            {
               category: "other",
               text: "The identified flaw in Expat presents a moderate severity issue due to its potential to facilitate resource exhaustion attacks, particularly in scenarios involving parsing large tokens requiring multiple buffer fills. As Expat repeatedly re-parses such tokens from the beginning, it results in disproportionate resource consumption, leading to a denial-of-service (DoS) condition. While the impact is significant, the exploitation requires specific conditions, such as parsing large tokens, which may not always align with typical usage patterns.",
               title: "Statement",
            },
            {
               category: "general",
               text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
               title: "CVSS score applicability",
            },
         ],
         product_status: {
            fixed: [
               "Text-Only JBCS",
            ],
         },
         references: [
            {
               category: "self",
               summary: "Canonical URL",
               url: "https://access.redhat.com/security/cve/CVE-2023-52425",
            },
            {
               category: "external",
               summary: "RHBZ#2262877",
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2262877",
            },
            {
               category: "external",
               summary: "https://www.cve.org/CVERecord?id=CVE-2023-52425",
               url: "https://www.cve.org/CVERecord?id=CVE-2023-52425",
            },
            {
               category: "external",
               summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-52425",
               url: "https://nvd.nist.gov/vuln/detail/CVE-2023-52425",
            },
         ],
         release_date: "2024-02-04T00:00:00+00:00",
         remediations: [
            {
               category: "vendor_fix",
               date: "2025-04-02T17:06:49+00:00",
               details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
               product_ids: [
                  "Text-Only JBCS",
               ],
               restart_required: {
                  category: "none",
               },
               url: "https://access.redhat.com/errata/RHSA-2025:3453",
            },
            {
               category: "workaround",
               details: "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
               product_ids: [
                  "Text-Only JBCS",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "Text-Only JBCS",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               details: "Moderate",
            },
         ],
         title: "expat: parsing large tokens can trigger a denial of service",
      },
      {
         cve: "CVE-2024-5535",
         cwe: {
            id: "CWE-200",
            name: "Exposure of Sensitive Information to an Unauthorized Actor",
         },
         discovery_date: "2024-06-27T00:00:00+00:00",
         ids: [
            {
               system_name: "Red Hat Bugzilla ID",
               text: "2294581",
            },
         ],
         notes: [
            {
               category: "description",
               text: "A flaw was found in OpenSSL. Affected versions of this package are vulnerable to Information Exposure through the SSL_select_next_proto function. This flaw allows an attacker to cause unexpected application behavior or a crash by exploiting the buffer overread condition when the function is called with a zero-length client list. This issue is only exploitable if the application is misconfigured to use a zero-length server list and mishandles the 'no overlap' response in ALPN or uses the output as the opportunistic protocol in NPN.",
               title: "Vulnerability description",
            },
            {
               category: "summary",
               text: "openssl: SSL_select_next_proto buffer overread",
               title: "Vulnerability summary",
            },
            {
               category: "other",
               text: "The FIPS modules in versions 3.3, 3.2, 3.1, and 3.0 are not affected by this issue.\nThe packages shim and shim-unsigned-x64 are not impacted by this CVE, as the affected OpenSSL code path is not utilized.",
               title: "Statement",
            },
            {
               category: "general",
               text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
               title: "CVSS score applicability",
            },
         ],
         product_status: {
            fixed: [
               "Text-Only JBCS",
            ],
         },
         references: [
            {
               category: "self",
               summary: "Canonical URL",
               url: "https://access.redhat.com/security/cve/CVE-2024-5535",
            },
            {
               category: "external",
               summary: "RHBZ#2294581",
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2294581",
            },
            {
               category: "external",
               summary: "https://www.cve.org/CVERecord?id=CVE-2024-5535",
               url: "https://www.cve.org/CVERecord?id=CVE-2024-5535",
            },
            {
               category: "external",
               summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-5535",
               url: "https://nvd.nist.gov/vuln/detail/CVE-2024-5535",
            },
            {
               category: "external",
               summary: "https://www.oracle.com/security-alerts/cpuoct2024.html#AppendixMSQL",
               url: "https://www.oracle.com/security-alerts/cpuoct2024.html#AppendixMSQL",
            },
         ],
         release_date: "2024-06-27T00:00:00+00:00",
         remediations: [
            {
               category: "vendor_fix",
               date: "2025-04-02T17:06:49+00:00",
               details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
               product_ids: [
                  "Text-Only JBCS",
               ],
               restart_required: {
                  category: "none",
               },
               url: "https://access.redhat.com/errata/RHSA-2025:3453",
            },
            {
               category: "workaround",
               details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
               product_ids: [
                  "Text-Only JBCS",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 5.9,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.0",
               },
               products: [
                  "Text-Only JBCS",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               details: "Low",
            },
         ],
         title: "openssl: SSL_select_next_proto buffer overread",
      },
      {
         cve: "CVE-2024-36387",
         cwe: {
            id: "CWE-476",
            name: "NULL Pointer Dereference",
         },
         discovery_date: "2024-07-01T19:20:21+00:00",
         ids: [
            {
               system_name: "Red Hat Bugzilla ID",
               text: "2295006",
            },
         ],
         notes: [
            {
               category: "description",
               text: "A flaw was found in the Apache HTTP Server. Serving WebSocket protocol upgrades over an HTTP/2 connection could result in a NULL pointer dereference, leading to a crash of the server process.",
               title: "Vulnerability description",
            },
            {
               category: "summary",
               text: "mod_http2: DoS by null pointer in websocket over HTTP/2",
               title: "Vulnerability summary",
            },
            {
               category: "general",
               text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
               title: "CVSS score applicability",
            },
         ],
         product_status: {
            fixed: [
               "Text-Only JBCS",
            ],
         },
         references: [
            {
               category: "self",
               summary: "Canonical URL",
               url: "https://access.redhat.com/security/cve/CVE-2024-36387",
            },
            {
               category: "external",
               summary: "RHBZ#2295006",
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295006",
            },
            {
               category: "external",
               summary: "https://www.cve.org/CVERecord?id=CVE-2024-36387",
               url: "https://www.cve.org/CVERecord?id=CVE-2024-36387",
            },
            {
               category: "external",
               summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-36387",
               url: "https://nvd.nist.gov/vuln/detail/CVE-2024-36387",
            },
            {
               category: "external",
               summary: "https://httpd.apache.org/security/vulnerabilities_24.html",
               url: "https://httpd.apache.org/security/vulnerabilities_24.html",
            },
         ],
         release_date: "2024-07-01T00:00:00+00:00",
         remediations: [
            {
               category: "vendor_fix",
               date: "2025-04-02T17:06:49+00:00",
               details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
               product_ids: [
                  "Text-Only JBCS",
               ],
               restart_required: {
                  category: "none",
               },
               url: "https://access.redhat.com/errata/RHSA-2025:3453",
            },
            {
               category: "workaround",
               details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
               product_ids: [
                  "Text-Only JBCS",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  baseScore: 3.7,
                  baseSeverity: "LOW",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
                  version: "3.1",
               },
               products: [
                  "Text-Only JBCS",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               details: "Low",
            },
         ],
         title: "mod_http2: DoS by null pointer in websocket over HTTP/2",
      },
      {
         cve: "CVE-2024-45490",
         cwe: {
            id: "CWE-190",
            name: "Integer Overflow or Wraparound",
         },
         discovery_date: "2024-08-30T03:20:06.675968+00:00",
         ids: [
            {
               system_name: "Red Hat Bugzilla ID",
               text: "2308615",
            },
         ],
         notes: [
            {
               category: "description",
               text: "A flaw was found in libexpat's xmlparse.c component. This vulnerability allows an attacker to cause improper handling of XML data by providing a negative length value to the XML_ParseBuffer function.",
               title: "Vulnerability description",
            },
            {
               category: "summary",
               text: "libexpat: Negative Length Parsing Vulnerability in libexpat",
               title: "Vulnerability summary",
            },
            {
               category: "other",
               text: "The CVE-2024-45490 vulnerability is rated as moderate severity because while it allows for memory corruption through improper argument handling in XML_ParseBuffer, the exploitability is limited. Specifically, it requires an unlikely scenario where the input passed to the function has a negative length (len < 0), which would typically not occur in well-formed applications. Moreover, while the impact includes denial of service (DoS), the conditions necessary for arbitrary code execution are non-trivial, requiring specific exploitation of memory corruption. Since it primarily leads to application crashes without an easily accessible attack vector for remote code execution, the risk is lower compared to higher-severity vulnerabilities that offer more direct pathways to exploitation.",
               title: "Statement",
            },
            {
               category: "general",
               text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
               title: "CVSS score applicability",
            },
         ],
         product_status: {
            fixed: [
               "Text-Only JBCS",
            ],
         },
         references: [
            {
               category: "self",
               summary: "Canonical URL",
               url: "https://access.redhat.com/security/cve/CVE-2024-45490",
            },
            {
               category: "external",
               summary: "RHBZ#2308615",
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2308615",
            },
            {
               category: "external",
               summary: "https://www.cve.org/CVERecord?id=CVE-2024-45490",
               url: "https://www.cve.org/CVERecord?id=CVE-2024-45490",
            },
            {
               category: "external",
               summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45490",
               url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45490",
            },
            {
               category: "external",
               summary: "https://github.com/libexpat/libexpat/blob/R_2_6_3/expat/Changes",
               url: "https://github.com/libexpat/libexpat/blob/R_2_6_3/expat/Changes",
            },
            {
               category: "external",
               summary: "https://github.com/libexpat/libexpat/issues/887",
               url: "https://github.com/libexpat/libexpat/issues/887",
            },
            {
               category: "external",
               summary: "https://github.com/libexpat/libexpat/pull/890",
               url: "https://github.com/libexpat/libexpat/pull/890",
            },
         ],
         release_date: "2024-08-30T03:15:03.757000+00:00",
         remediations: [
            {
               category: "vendor_fix",
               date: "2025-04-02T17:06:49+00:00",
               details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
               product_ids: [
                  "Text-Only JBCS",
               ],
               restart_required: {
                  category: "none",
               },
               url: "https://access.redhat.com/errata/RHSA-2025:3453",
            },
            {
               category: "workaround",
               details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
               product_ids: [
                  "Text-Only JBCS",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "Text-Only JBCS",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               details: "Moderate",
            },
         ],
         title: "libexpat: Negative Length Parsing Vulnerability in libexpat",
      },
      {
         cve: "CVE-2024-56171",
         cwe: {
            id: "CWE-416",
            name: "Use After Free",
         },
         discovery_date: "2025-02-18T23:01:25.366636+00:00",
         ids: [
            {
               system_name: "Red Hat Bugzilla ID",
               text: "2346416",
            },
         ],
         notes: [
            {
               category: "description",
               text: "A flaw was found in libxml2. This vulnerability allows a use-after-free via a crafted XML document validated against an XML schema with certain identity constraints or a crafted XML schema.",
               title: "Vulnerability description",
            },
            {
               category: "summary",
               text: "libxml2: Use-After-Free in libxml2",
               title: "Vulnerability summary",
            },
            {
               category: "other",
               text: "This vulnerability is rated as important because it involves a use-after-free flaw in the xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables functions. A maliciously crafted XML document or schema, containing specific identity constraints, can be used to trigger this vulnerability and potentially gain unauthorized access or cause a denial-of-service condition.",
               title: "Statement",
            },
            {
               category: "general",
               text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
               title: "CVSS score applicability",
            },
         ],
         product_status: {
            fixed: [
               "Text-Only JBCS",
            ],
         },
         references: [
            {
               category: "self",
               summary: "Canonical URL",
               url: "https://access.redhat.com/security/cve/CVE-2024-56171",
            },
            {
               category: "external",
               summary: "RHBZ#2346416",
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2346416",
            },
            {
               category: "external",
               summary: "https://www.cve.org/CVERecord?id=CVE-2024-56171",
               url: "https://www.cve.org/CVERecord?id=CVE-2024-56171",
            },
            {
               category: "external",
               summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-56171",
               url: "https://nvd.nist.gov/vuln/detail/CVE-2024-56171",
            },
            {
               category: "external",
               summary: "https://gitlab.gnome.org/GNOME/libxml2/-/issues/828",
               url: "https://gitlab.gnome.org/GNOME/libxml2/-/issues/828",
            },
         ],
         release_date: "2025-02-18T00:00:00+00:00",
         remediations: [
            {
               category: "vendor_fix",
               date: "2025-04-02T17:06:49+00:00",
               details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
               product_ids: [
                  "Text-Only JBCS",
               ],
               restart_required: {
                  category: "none",
               },
               url: "https://access.redhat.com/errata/RHSA-2025:3453",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  attackComplexity: "HIGH",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 8.1,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "Text-Only JBCS",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               details: "Important",
            },
         ],
         title: "libxml2: Use-After-Free in libxml2",
      },
      {
         cve: "CVE-2025-24928",
         cwe: {
            id: "CWE-121",
            name: "Stack-based Buffer Overflow",
         },
         discovery_date: "2025-02-18T23:01:36.502916+00:00",
         ids: [
            {
               system_name: "Red Hat Bugzilla ID",
               text: "2346421",
            },
         ],
         notes: [
            {
               category: "description",
               text: "A flaw was found in libxml2. This vulnerability allows a stack-based buffer overflow via DTD validation of an untrusted document or untrusted DTD.",
               title: "Vulnerability description",
            },
            {
               category: "summary",
               text: "libxml2: Stack-based buffer overflow in xmlSnprintfElements of libxml2",
               title: "Vulnerability summary",
            },
            {
               category: "other",
               text: "This vulnerability is rated as important because it involves a stack-based buffer overflow in the xmlSnprintfElements function within valid.c. Exploiting this issue requires DTD validation to occur on an untrusted document or untrusted DTD, making it a potential security risk for applications using libxml2 that do not adequately restrict DTD input.",
               title: "Statement",
            },
            {
               category: "general",
               text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
               title: "CVSS score applicability",
            },
         ],
         product_status: {
            fixed: [
               "Text-Only JBCS",
            ],
         },
         references: [
            {
               category: "self",
               summary: "Canonical URL",
               url: "https://access.redhat.com/security/cve/CVE-2025-24928",
            },
            {
               category: "external",
               summary: "RHBZ#2346421",
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=2346421",
            },
            {
               category: "external",
               summary: "https://www.cve.org/CVERecord?id=CVE-2025-24928",
               url: "https://www.cve.org/CVERecord?id=CVE-2025-24928",
            },
            {
               category: "external",
               summary: "https://nvd.nist.gov/vuln/detail/CVE-2025-24928",
               url: "https://nvd.nist.gov/vuln/detail/CVE-2025-24928",
            },
            {
               category: "external",
               summary: "https://gitlab.gnome.org/GNOME/libxml2/-/issues/847",
               url: "https://gitlab.gnome.org/GNOME/libxml2/-/issues/847",
            },
            {
               category: "external",
               summary: "https://issues.oss-fuzz.com/issues/392687022",
               url: "https://issues.oss-fuzz.com/issues/392687022",
            },
         ],
         release_date: "2025-02-18T00:00:00+00:00",
         remediations: [
            {
               category: "vendor_fix",
               date: "2025-04-02T17:06:49+00:00",
               details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
               product_ids: [
                  "Text-Only JBCS",
               ],
               restart_required: {
                  category: "none",
               },
               url: "https://access.redhat.com/errata/RHSA-2025:3453",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  attackComplexity: "HIGH",
                  attackVector: "LOCAL",
                  availabilityImpact: "NONE",
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
                  version: "3.1",
               },
               products: [
                  "Text-Only JBCS",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               details: "Important",
            },
         ],
         title: "libxml2: Stack-based buffer overflow in xmlSnprintfElements of libxml2",
      },
   ],
}

opensuse-su-2024:14116-1

Vulnerability from csaf_opensuse

Published

2024-07-09 00:00

Modified

2024-07-09 00:00

Summary

apache2-2.4.61-1.1 on GA media

Notes

Title of the patch

apache2-2.4.61-1.1 on GA media

Description of the patch

These are all security issues fixed in the apache2-2.4.61-1.1 package on the GA media of openSUSE Tumbleweed.

Patchnames

openSUSE-Tumbleweed-2024-14116

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
   document: {
      aggregate_severity: {
         namespace: "https://www.suse.com/support/security/rating/",
         text: "moderate",
      },
      category: "csaf_security_advisory",
      csaf_version: "2.0",
      distribution: {
         text: "Copyright 2024 SUSE LLC. All rights reserved.",
         tlp: {
            label: "WHITE",
            url: "https://www.first.org/tlp/",
         },
      },
      lang: "en",
      notes: [
         {
            category: "summary",
            text: "apache2-2.4.61-1.1 on GA media",
            title: "Title of the patch",
         },
         {
            category: "description",
            text: "These are all security issues fixed in the apache2-2.4.61-1.1 package on the GA media of openSUSE Tumbleweed.",
            title: "Description of the patch",
         },
         {
            category: "details",
            text: "openSUSE-Tumbleweed-2024-14116",
            title: "Patchnames",
         },
         {
            category: "legal_disclaimer",
            text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
            title: "Terms of use",
         },
      ],
      publisher: {
         category: "vendor",
         contact_details: "https://www.suse.com/support/security/contact/",
         name: "SUSE Product Security Team",
         namespace: "https://www.suse.com/",
      },
      references: [
         {
            category: "external",
            summary: "SUSE ratings",
            url: "https://www.suse.com/support/security/rating/",
         },
         {
            category: "self",
            summary: "URL of this CSAF notice",
            url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_14116-1.json",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-36387 page",
            url: "https://www.suse.com/security/cve/CVE-2024-36387/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-38472 page",
            url: "https://www.suse.com/security/cve/CVE-2024-38472/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-38473 page",
            url: "https://www.suse.com/security/cve/CVE-2024-38473/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-38474 page",
            url: "https://www.suse.com/security/cve/CVE-2024-38474/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-38475 page",
            url: "https://www.suse.com/security/cve/CVE-2024-38475/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-38476 page",
            url: "https://www.suse.com/security/cve/CVE-2024-38476/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-38477 page",
            url: "https://www.suse.com/security/cve/CVE-2024-38477/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-39573 page",
            url: "https://www.suse.com/security/cve/CVE-2024-39573/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-39884 page",
            url: "https://www.suse.com/security/cve/CVE-2024-39884/",
         },
      ],
      title: "apache2-2.4.61-1.1 on GA media",
      tracking: {
         current_release_date: "2024-07-09T00:00:00Z",
         generator: {
            date: "2024-07-09T00:00:00Z",
            engine: {
               name: "cve-database.git:bin/generate-csaf.pl",
               version: "1",
            },
         },
         id: "openSUSE-SU-2024:14116-1",
         initial_release_date: "2024-07-09T00:00:00Z",
         revision_history: [
            {
               date: "2024-07-09T00:00:00Z",
               number: "1",
               summary: "Current version",
            },
         ],
         status: "final",
         version: "1",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "apache2-2.4.61-1.1.aarch64",
                        product: {
                           name: "apache2-2.4.61-1.1.aarch64",
                           product_id: "apache2-2.4.61-1.1.aarch64",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "aarch64",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "apache2-2.4.61-1.1.ppc64le",
                        product: {
                           name: "apache2-2.4.61-1.1.ppc64le",
                           product_id: "apache2-2.4.61-1.1.ppc64le",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "ppc64le",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "apache2-2.4.61-1.1.s390x",
                        product: {
                           name: "apache2-2.4.61-1.1.s390x",
                           product_id: "apache2-2.4.61-1.1.s390x",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "s390x",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "apache2-2.4.61-1.1.x86_64",
                        product: {
                           name: "apache2-2.4.61-1.1.x86_64",
                           product_id: "apache2-2.4.61-1.1.x86_64",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "x86_64",
               },
               {
                  branches: [
                     {
                        category: "product_name",
                        name: "openSUSE Tumbleweed",
                        product: {
                           name: "openSUSE Tumbleweed",
                           product_id: "openSUSE Tumbleweed",
                           product_identification_helper: {
                              cpe: "cpe:/o:opensuse:tumbleweed",
                           },
                        },
                     },
                  ],
                  category: "product_family",
                  name: "SUSE Linux Enterprise",
               },
            ],
            category: "vendor",
            name: "SUSE",
         },
      ],
      relationships: [
         {
            category: "default_component_of",
            full_product_name: {
               name: "apache2-2.4.61-1.1.aarch64 as component of openSUSE Tumbleweed",
               product_id: "openSUSE Tumbleweed:apache2-2.4.61-1.1.aarch64",
            },
            product_reference: "apache2-2.4.61-1.1.aarch64",
            relates_to_product_reference: "openSUSE Tumbleweed",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "apache2-2.4.61-1.1.ppc64le as component of openSUSE Tumbleweed",
               product_id: "openSUSE Tumbleweed:apache2-2.4.61-1.1.ppc64le",
            },
            product_reference: "apache2-2.4.61-1.1.ppc64le",
            relates_to_product_reference: "openSUSE Tumbleweed",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "apache2-2.4.61-1.1.s390x as component of openSUSE Tumbleweed",
               product_id: "openSUSE Tumbleweed:apache2-2.4.61-1.1.s390x",
            },
            product_reference: "apache2-2.4.61-1.1.s390x",
            relates_to_product_reference: "openSUSE Tumbleweed",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "apache2-2.4.61-1.1.x86_64 as component of openSUSE Tumbleweed",
               product_id: "openSUSE Tumbleweed:apache2-2.4.61-1.1.x86_64",
            },
            product_reference: "apache2-2.4.61-1.1.x86_64",
            relates_to_product_reference: "openSUSE Tumbleweed",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2024-36387",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-36387",
            },
         ],
         notes: [
            {
               category: "general",
               text: "Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, degrading performance.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "openSUSE Tumbleweed:apache2-2.4.61-1.1.aarch64",
               "openSUSE Tumbleweed:apache2-2.4.61-1.1.ppc64le",
               "openSUSE Tumbleweed:apache2-2.4.61-1.1.s390x",
               "openSUSE Tumbleweed:apache2-2.4.61-1.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-36387",
               url: "https://www.suse.com/security/cve/CVE-2024-36387",
            },
            {
               category: "external",
               summary: "SUSE Bug 1227272 for CVE-2024-36387",
               url: "https://bugzilla.suse.com/1227272",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.aarch64",
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.ppc64le",
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.s390x",
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.9,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.aarch64",
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.ppc64le",
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.s390x",
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-07-09T00:00:00Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-36387",
      },
      {
         cve: "CVE-2024-38472",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-38472",
            },
         ],
         notes: [
            {
               category: "general",
               text: "SSRF in Apache HTTP Server on Windows allows to potentially leak NTLM hashes to a malicious server via SSRF and  malicious requests or content \nUsers are recommended to upgrade to version 2.4.60 which fixes this issue.   Note: Existing configurations that access UNC paths will have to configure new directive \"UNCList\" to allow access during request processing.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "openSUSE Tumbleweed:apache2-2.4.61-1.1.aarch64",
               "openSUSE Tumbleweed:apache2-2.4.61-1.1.ppc64le",
               "openSUSE Tumbleweed:apache2-2.4.61-1.1.s390x",
               "openSUSE Tumbleweed:apache2-2.4.61-1.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-38472",
               url: "https://www.suse.com/security/cve/CVE-2024-38472",
            },
            {
               category: "external",
               summary: "SUSE Bug 1227267 for CVE-2024-38472",
               url: "https://bugzilla.suse.com/1227267",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.aarch64",
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.ppc64le",
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.s390x",
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-07-09T00:00:00Z",
               details: "important",
            },
         ],
         title: "CVE-2024-38472",
      },
      {
         cve: "CVE-2024-38473",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-38473",
            },
         ],
         notes: [
            {
               category: "general",
               text: "Encoding problem in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows request URLs with incorrect encoding to be sent to backend services, potentially bypassing authentication via crafted requests.\nUsers are recommended to upgrade to version 2.4.60, which fixes this issue.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "openSUSE Tumbleweed:apache2-2.4.61-1.1.aarch64",
               "openSUSE Tumbleweed:apache2-2.4.61-1.1.ppc64le",
               "openSUSE Tumbleweed:apache2-2.4.61-1.1.s390x",
               "openSUSE Tumbleweed:apache2-2.4.61-1.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-38473",
               url: "https://www.suse.com/security/cve/CVE-2024-38473",
            },
            {
               category: "external",
               summary: "SUSE Bug 1227276 for CVE-2024-38473",
               url: "https://bugzilla.suse.com/1227276",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.aarch64",
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.ppc64le",
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.s390x",
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.3,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.aarch64",
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.ppc64le",
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.s390x",
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-07-09T00:00:00Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-38473",
      },
      {
         cve: "CVE-2024-38474",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-38474",
            },
         ],
         notes: [
            {
               category: "general",
               text: "Substitution encoding issue in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows attacker to execute scripts in\ndirectories permitted by the configuration but not directly reachable by any  URL or source disclosure of scripts meant to only to be executed as CGI.\n\nUsers are recommended to upgrade to version 2.4.60, which fixes this issue.\n\nSome RewriteRules that capture and substitute unsafely will now fail unless rewrite flag \"UnsafeAllow3F\" is specified.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "openSUSE Tumbleweed:apache2-2.4.61-1.1.aarch64",
               "openSUSE Tumbleweed:apache2-2.4.61-1.1.ppc64le",
               "openSUSE Tumbleweed:apache2-2.4.61-1.1.s390x",
               "openSUSE Tumbleweed:apache2-2.4.61-1.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-38474",
               url: "https://www.suse.com/security/cve/CVE-2024-38474",
            },
            {
               category: "external",
               summary: "SUSE Bug 1227278 for CVE-2024-38474",
               url: "https://bugzilla.suse.com/1227278",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.aarch64",
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.ppc64le",
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.s390x",
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 8.2,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
                  version: "3.1",
               },
               products: [
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.aarch64",
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.ppc64le",
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.s390x",
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-07-09T00:00:00Z",
               details: "important",
            },
         ],
         title: "CVE-2024-38474",
      },
      {
         cve: "CVE-2024-38475",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-38475",
            },
         ],
         notes: [
            {
               category: "general",
               text: "Improper escaping of output in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to map URLs to filesystem locations that are  permitted to be served by the server but are not intentionally/directly reachable by any URL, resulting in code execution or source code disclosure. \n\nSubstitutions in  server context that use a backreferences or variables as the first segment of the substitution are affected.   Some unsafe RewiteRules will be broken by this change and the rewrite flag \"UnsafePrefixStat\" can be used to opt back in once ensuring the substitution is appropriately constrained.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "openSUSE Tumbleweed:apache2-2.4.61-1.1.aarch64",
               "openSUSE Tumbleweed:apache2-2.4.61-1.1.ppc64le",
               "openSUSE Tumbleweed:apache2-2.4.61-1.1.s390x",
               "openSUSE Tumbleweed:apache2-2.4.61-1.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-38475",
               url: "https://www.suse.com/security/cve/CVE-2024-38475",
            },
            {
               category: "external",
               summary: "SUSE Bug 1227268 for CVE-2024-38475",
               url: "https://bugzilla.suse.com/1227268",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.aarch64",
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.ppc64le",
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.s390x",
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 8.2,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
                  version: "3.1",
               },
               products: [
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.aarch64",
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.ppc64le",
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.s390x",
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-07-09T00:00:00Z",
               details: "important",
            },
         ],
         title: "CVE-2024-38475",
      },
      {
         cve: "CVE-2024-38476",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-38476",
            },
         ],
         notes: [
            {
               category: "general",
               text: "Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information disclosure, SSRF or local script execution via  backend applications whose response headers are malicious or exploitable.\n\nUsers are recommended to upgrade to version 2.4.60, which fixes this issue.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "openSUSE Tumbleweed:apache2-2.4.61-1.1.aarch64",
               "openSUSE Tumbleweed:apache2-2.4.61-1.1.ppc64le",
               "openSUSE Tumbleweed:apache2-2.4.61-1.1.s390x",
               "openSUSE Tumbleweed:apache2-2.4.61-1.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-38476",
               url: "https://www.suse.com/security/cve/CVE-2024-38476",
            },
            {
               category: "external",
               summary: "SUSE Bug 1227269 for CVE-2024-38476",
               url: "https://bugzilla.suse.com/1227269",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.aarch64",
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.ppc64le",
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.s390x",
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 8.1,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
                  version: "3.1",
               },
               products: [
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.aarch64",
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.ppc64le",
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.s390x",
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-07-09T00:00:00Z",
               details: "important",
            },
         ],
         title: "CVE-2024-38476",
      },
      {
         cve: "CVE-2024-38477",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-38477",
            },
         ],
         notes: [
            {
               category: "general",
               text: "null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server via a malicious request.\nUsers are recommended to upgrade to version 2.4.60, which fixes this issue.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "openSUSE Tumbleweed:apache2-2.4.61-1.1.aarch64",
               "openSUSE Tumbleweed:apache2-2.4.61-1.1.ppc64le",
               "openSUSE Tumbleweed:apache2-2.4.61-1.1.s390x",
               "openSUSE Tumbleweed:apache2-2.4.61-1.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-38477",
               url: "https://www.suse.com/security/cve/CVE-2024-38477",
            },
            {
               category: "external",
               summary: "SUSE Bug 1227270 for CVE-2024-38477",
               url: "https://bugzilla.suse.com/1227270",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.aarch64",
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.ppc64le",
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.s390x",
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.aarch64",
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.ppc64le",
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.s390x",
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-07-09T00:00:00Z",
               details: "important",
            },
         ],
         title: "CVE-2024-38477",
      },
      {
         cve: "CVE-2024-39573",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-39573",
            },
         ],
         notes: [
            {
               category: "general",
               text: "Potential SSRF in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to cause unsafe RewriteRules to unexpectedly setup URL's to be handled by mod_proxy.\nUsers are recommended to upgrade to version 2.4.60, which fixes this issue.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "openSUSE Tumbleweed:apache2-2.4.61-1.1.aarch64",
               "openSUSE Tumbleweed:apache2-2.4.61-1.1.ppc64le",
               "openSUSE Tumbleweed:apache2-2.4.61-1.1.s390x",
               "openSUSE Tumbleweed:apache2-2.4.61-1.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-39573",
               url: "https://www.suse.com/security/cve/CVE-2024-39573",
            },
            {
               category: "external",
               summary: "SUSE Bug 1227271 for CVE-2024-39573",
               url: "https://bugzilla.suse.com/1227271",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.aarch64",
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.ppc64le",
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.s390x",
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N",
                  version: "3.1",
               },
               products: [
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.aarch64",
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.ppc64le",
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.s390x",
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-07-09T00:00:00Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-39573",
      },
      {
         cve: "CVE-2024-39884",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-39884",
            },
         ],
         notes: [
            {
               category: "general",
               text: "A regression in the core of Apache HTTP Server 2.4.60 ignores some use of the legacy content-type based configuration of handlers.     \"AddType\" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example, PHP scripts may be served instead of interpreted.\n\nUsers are recommended to upgrade to version 2.4.61, which fixes this issue.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "openSUSE Tumbleweed:apache2-2.4.61-1.1.aarch64",
               "openSUSE Tumbleweed:apache2-2.4.61-1.1.ppc64le",
               "openSUSE Tumbleweed:apache2-2.4.61-1.1.s390x",
               "openSUSE Tumbleweed:apache2-2.4.61-1.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-39884",
               url: "https://www.suse.com/security/cve/CVE-2024-39884",
            },
            {
               category: "external",
               summary: "SUSE Bug 1227353 for CVE-2024-39884",
               url: "https://bugzilla.suse.com/1227353",
            },
            {
               category: "external",
               summary: "SUSE Bug 1228097 for CVE-2024-39884",
               url: "https://bugzilla.suse.com/1228097",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.aarch64",
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.ppc64le",
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.s390x",
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.3,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.aarch64",
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.ppc64le",
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.s390x",
                  "openSUSE Tumbleweed:apache2-2.4.61-1.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-07-09T00:00:00Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-39884",
      },
   ],
}

suse-su-2024:2597-1

Vulnerability from csaf_suse

Published

2024-07-23 07:04

Modified

2024-07-23 07:04

Summary

Security update for apache2

Notes

Title of the patch

Security update for apache2

Description of the patch

This update for apache2 fixes the following issues: - CVE-2024-36387: Fixed DoS by null pointer in websocket over HTTP/2 (bsc#1227272) - CVE-2024-38475: Fixed improper escaping of output in mod_rewrite (bsc#1227268) - CVE-2024-38476: Fixed server may use exploitable/malicious backend application output to run local handlers via internal redirect (bsc#1227269)

Patchnames

SUSE-2024-2597,SUSE-SLE-Module-Basesystem-15-SP6-2024-2597,SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-2597,SUSE-SLE-Module-Server-Applications-15-SP6-2024-2597,openSUSE-SLE-15.6-2024-2597

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
   document: {
      aggregate_severity: {
         namespace: "https://www.suse.com/support/security/rating/",
         text: "important",
      },
      category: "csaf_security_advisory",
      csaf_version: "2.0",
      distribution: {
         text: "Copyright 2024 SUSE LLC. All rights reserved.",
         tlp: {
            label: "WHITE",
            url: "https://www.first.org/tlp/",
         },
      },
      lang: "en",
      notes: [
         {
            category: "summary",
            text: "Security update for apache2",
            title: "Title of the patch",
         },
         {
            category: "description",
            text: "This update for apache2 fixes the following issues:\n\n- CVE-2024-36387: Fixed DoS by null pointer in websocket over HTTP/2 (bsc#1227272)\n- CVE-2024-38475: Fixed improper escaping of output in mod_rewrite (bsc#1227268)\n- CVE-2024-38476: Fixed server may use exploitable/malicious backend application output to run local handlers via internal redirect (bsc#1227269)\n",
            title: "Description of the patch",
         },
         {
            category: "details",
            text: "SUSE-2024-2597,SUSE-SLE-Module-Basesystem-15-SP6-2024-2597,SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-2597,SUSE-SLE-Module-Server-Applications-15-SP6-2024-2597,openSUSE-SLE-15.6-2024-2597",
            title: "Patchnames",
         },
         {
            category: "legal_disclaimer",
            text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
            title: "Terms of use",
         },
      ],
      publisher: {
         category: "vendor",
         contact_details: "https://www.suse.com/support/security/contact/",
         name: "SUSE Product Security Team",
         namespace: "https://www.suse.com/",
      },
      references: [
         {
            category: "external",
            summary: "SUSE ratings",
            url: "https://www.suse.com/support/security/rating/",
         },
         {
            category: "self",
            summary: "URL of this CSAF notice",
            url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_2597-1.json",
         },
         {
            category: "self",
            summary: "URL for SUSE-SU-2024:2597-1",
            url: "https://www.suse.com/support/update/announcement/2024/suse-su-20242597-1/",
         },
         {
            category: "self",
            summary: "E-Mail link for SUSE-SU-2024:2597-1",
            url: "https://lists.suse.com/pipermail/sle-updates/2024-July/036107.html",
         },
         {
            category: "self",
            summary: "SUSE Bug 1227268",
            url: "https://bugzilla.suse.com/1227268",
         },
         {
            category: "self",
            summary: "SUSE Bug 1227269",
            url: "https://bugzilla.suse.com/1227269",
         },
         {
            category: "self",
            summary: "SUSE Bug 1227272",
            url: "https://bugzilla.suse.com/1227272",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-36387 page",
            url: "https://www.suse.com/security/cve/CVE-2024-36387/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-38475 page",
            url: "https://www.suse.com/security/cve/CVE-2024-38475/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-38476 page",
            url: "https://www.suse.com/security/cve/CVE-2024-38476/",
         },
      ],
      title: "Security update for apache2",
      tracking: {
         current_release_date: "2024-07-23T07:04:00Z",
         generator: {
            date: "2024-07-23T07:04:00Z",
            engine: {
               name: "cve-database.git:bin/generate-csaf.pl",
               version: "1",
            },
         },
         id: "SUSE-SU-2024:2597-1",
         initial_release_date: "2024-07-23T07:04:00Z",
         revision_history: [
            {
               date: "2024-07-23T07:04:00Z",
               number: "1",
               summary: "Current version",
            },
         ],
         status: "final",
         version: "1",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "apache2-2.4.58-150600.5.18.1.aarch64",
                        product: {
                           name: "apache2-2.4.58-150600.5.18.1.aarch64",
                           product_id: "apache2-2.4.58-150600.5.18.1.aarch64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "apache2-devel-2.4.58-150600.5.18.1.aarch64",
                        product: {
                           name: "apache2-devel-2.4.58-150600.5.18.1.aarch64",
                           product_id: "apache2-devel-2.4.58-150600.5.18.1.aarch64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "apache2-event-2.4.58-150600.5.18.1.aarch64",
                        product: {
                           name: "apache2-event-2.4.58-150600.5.18.1.aarch64",
                           product_id: "apache2-event-2.4.58-150600.5.18.1.aarch64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "apache2-prefork-2.4.58-150600.5.18.1.aarch64",
                        product: {
                           name: "apache2-prefork-2.4.58-150600.5.18.1.aarch64",
                           product_id: "apache2-prefork-2.4.58-150600.5.18.1.aarch64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "apache2-utils-2.4.58-150600.5.18.1.aarch64",
                        product: {
                           name: "apache2-utils-2.4.58-150600.5.18.1.aarch64",
                           product_id: "apache2-utils-2.4.58-150600.5.18.1.aarch64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "apache2-worker-2.4.58-150600.5.18.1.aarch64",
                        product: {
                           name: "apache2-worker-2.4.58-150600.5.18.1.aarch64",
                           product_id: "apache2-worker-2.4.58-150600.5.18.1.aarch64",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "aarch64",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "apache2-2.4.58-150600.5.18.1.i586",
                        product: {
                           name: "apache2-2.4.58-150600.5.18.1.i586",
                           product_id: "apache2-2.4.58-150600.5.18.1.i586",
                        },
                     },
                     {
                        category: "product_version",
                        name: "apache2-devel-2.4.58-150600.5.18.1.i586",
                        product: {
                           name: "apache2-devel-2.4.58-150600.5.18.1.i586",
                           product_id: "apache2-devel-2.4.58-150600.5.18.1.i586",
                        },
                     },
                     {
                        category: "product_version",
                        name: "apache2-event-2.4.58-150600.5.18.1.i586",
                        product: {
                           name: "apache2-event-2.4.58-150600.5.18.1.i586",
                           product_id: "apache2-event-2.4.58-150600.5.18.1.i586",
                        },
                     },
                     {
                        category: "product_version",
                        name: "apache2-prefork-2.4.58-150600.5.18.1.i586",
                        product: {
                           name: "apache2-prefork-2.4.58-150600.5.18.1.i586",
                           product_id: "apache2-prefork-2.4.58-150600.5.18.1.i586",
                        },
                     },
                     {
                        category: "product_version",
                        name: "apache2-utils-2.4.58-150600.5.18.1.i586",
                        product: {
                           name: "apache2-utils-2.4.58-150600.5.18.1.i586",
                           product_id: "apache2-utils-2.4.58-150600.5.18.1.i586",
                        },
                     },
                     {
                        category: "product_version",
                        name: "apache2-worker-2.4.58-150600.5.18.1.i586",
                        product: {
                           name: "apache2-worker-2.4.58-150600.5.18.1.i586",
                           product_id: "apache2-worker-2.4.58-150600.5.18.1.i586",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "i586",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "apache2-manual-2.4.58-150600.5.18.1.noarch",
                        product: {
                           name: "apache2-manual-2.4.58-150600.5.18.1.noarch",
                           product_id: "apache2-manual-2.4.58-150600.5.18.1.noarch",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "noarch",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "apache2-2.4.58-150600.5.18.1.ppc64le",
                        product: {
                           name: "apache2-2.4.58-150600.5.18.1.ppc64le",
                           product_id: "apache2-2.4.58-150600.5.18.1.ppc64le",
                        },
                     },
                     {
                        category: "product_version",
                        name: "apache2-devel-2.4.58-150600.5.18.1.ppc64le",
                        product: {
                           name: "apache2-devel-2.4.58-150600.5.18.1.ppc64le",
                           product_id: "apache2-devel-2.4.58-150600.5.18.1.ppc64le",
                        },
                     },
                     {
                        category: "product_version",
                        name: "apache2-event-2.4.58-150600.5.18.1.ppc64le",
                        product: {
                           name: "apache2-event-2.4.58-150600.5.18.1.ppc64le",
                           product_id: "apache2-event-2.4.58-150600.5.18.1.ppc64le",
                        },
                     },
                     {
                        category: "product_version",
                        name: "apache2-prefork-2.4.58-150600.5.18.1.ppc64le",
                        product: {
                           name: "apache2-prefork-2.4.58-150600.5.18.1.ppc64le",
                           product_id: "apache2-prefork-2.4.58-150600.5.18.1.ppc64le",
                        },
                     },
                     {
                        category: "product_version",
                        name: "apache2-utils-2.4.58-150600.5.18.1.ppc64le",
                        product: {
                           name: "apache2-utils-2.4.58-150600.5.18.1.ppc64le",
                           product_id: "apache2-utils-2.4.58-150600.5.18.1.ppc64le",
                        },
                     },
                     {
                        category: "product_version",
                        name: "apache2-worker-2.4.58-150600.5.18.1.ppc64le",
                        product: {
                           name: "apache2-worker-2.4.58-150600.5.18.1.ppc64le",
                           product_id: "apache2-worker-2.4.58-150600.5.18.1.ppc64le",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "ppc64le",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "apache2-2.4.58-150600.5.18.1.s390x",
                        product: {
                           name: "apache2-2.4.58-150600.5.18.1.s390x",
                           product_id: "apache2-2.4.58-150600.5.18.1.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "apache2-devel-2.4.58-150600.5.18.1.s390x",
                        product: {
                           name: "apache2-devel-2.4.58-150600.5.18.1.s390x",
                           product_id: "apache2-devel-2.4.58-150600.5.18.1.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "apache2-event-2.4.58-150600.5.18.1.s390x",
                        product: {
                           name: "apache2-event-2.4.58-150600.5.18.1.s390x",
                           product_id: "apache2-event-2.4.58-150600.5.18.1.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "apache2-prefork-2.4.58-150600.5.18.1.s390x",
                        product: {
                           name: "apache2-prefork-2.4.58-150600.5.18.1.s390x",
                           product_id: "apache2-prefork-2.4.58-150600.5.18.1.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "apache2-utils-2.4.58-150600.5.18.1.s390x",
                        product: {
                           name: "apache2-utils-2.4.58-150600.5.18.1.s390x",
                           product_id: "apache2-utils-2.4.58-150600.5.18.1.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "apache2-worker-2.4.58-150600.5.18.1.s390x",
                        product: {
                           name: "apache2-worker-2.4.58-150600.5.18.1.s390x",
                           product_id: "apache2-worker-2.4.58-150600.5.18.1.s390x",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "s390x",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "apache2-2.4.58-150600.5.18.1.x86_64",
                        product: {
                           name: "apache2-2.4.58-150600.5.18.1.x86_64",
                           product_id: "apache2-2.4.58-150600.5.18.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "apache2-devel-2.4.58-150600.5.18.1.x86_64",
                        product: {
                           name: "apache2-devel-2.4.58-150600.5.18.1.x86_64",
                           product_id: "apache2-devel-2.4.58-150600.5.18.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "apache2-event-2.4.58-150600.5.18.1.x86_64",
                        product: {
                           name: "apache2-event-2.4.58-150600.5.18.1.x86_64",
                           product_id: "apache2-event-2.4.58-150600.5.18.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "apache2-prefork-2.4.58-150600.5.18.1.x86_64",
                        product: {
                           name: "apache2-prefork-2.4.58-150600.5.18.1.x86_64",
                           product_id: "apache2-prefork-2.4.58-150600.5.18.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "apache2-utils-2.4.58-150600.5.18.1.x86_64",
                        product: {
                           name: "apache2-utils-2.4.58-150600.5.18.1.x86_64",
                           product_id: "apache2-utils-2.4.58-150600.5.18.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "apache2-worker-2.4.58-150600.5.18.1.x86_64",
                        product: {
                           name: "apache2-worker-2.4.58-150600.5.18.1.x86_64",
                           product_id: "apache2-worker-2.4.58-150600.5.18.1.x86_64",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "x86_64",
               },
               {
                  branches: [
                     {
                        category: "product_name",
                        name: "SUSE Linux Enterprise Module for Basesystem 15 SP6",
                        product: {
                           name: "SUSE Linux Enterprise Module for Basesystem 15 SP6",
                           product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP6",
                           product_identification_helper: {
                              cpe: "cpe:/o:suse:sle-module-basesystem:15:sp6",
                           },
                        },
                     },
                     {
                        category: "product_name",
                        name: "SUSE Linux Enterprise Module for Package Hub 15 SP6",
                        product: {
                           name: "SUSE Linux Enterprise Module for Package Hub 15 SP6",
                           product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP6",
                           product_identification_helper: {
                              cpe: "cpe:/o:suse:packagehub:15:sp6",
                           },
                        },
                     },
                     {
                        category: "product_name",
                        name: "SUSE Linux Enterprise Module for Server Applications 15 SP6",
                        product: {
                           name: "SUSE Linux Enterprise Module for Server Applications 15 SP6",
                           product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP6",
                           product_identification_helper: {
                              cpe: "cpe:/o:suse:sle-module-server-applications:15:sp6",
                           },
                        },
                     },
                     {
                        category: "product_name",
                        name: "openSUSE Leap 15.6",
                        product: {
                           name: "openSUSE Leap 15.6",
                           product_id: "openSUSE Leap 15.6",
                           product_identification_helper: {
                              cpe: "cpe:/o:opensuse:leap:15.6",
                           },
                        },
                     },
                  ],
                  category: "product_family",
                  name: "SUSE Linux Enterprise",
               },
            ],
            category: "vendor",
            name: "SUSE",
         },
      ],
      relationships: [
         {
            category: "default_component_of",
            full_product_name: {
               name: "apache2-2.4.58-150600.5.18.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-2.4.58-150600.5.18.1.aarch64",
            },
            product_reference: "apache2-2.4.58-150600.5.18.1.aarch64",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "apache2-2.4.58-150600.5.18.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-2.4.58-150600.5.18.1.ppc64le",
            },
            product_reference: "apache2-2.4.58-150600.5.18.1.ppc64le",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "apache2-2.4.58-150600.5.18.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-2.4.58-150600.5.18.1.s390x",
            },
            product_reference: "apache2-2.4.58-150600.5.18.1.s390x",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "apache2-2.4.58-150600.5.18.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-2.4.58-150600.5.18.1.x86_64",
            },
            product_reference: "apache2-2.4.58-150600.5.18.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "apache2-prefork-2.4.58-150600.5.18.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-prefork-2.4.58-150600.5.18.1.aarch64",
            },
            product_reference: "apache2-prefork-2.4.58-150600.5.18.1.aarch64",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "apache2-prefork-2.4.58-150600.5.18.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-prefork-2.4.58-150600.5.18.1.ppc64le",
            },
            product_reference: "apache2-prefork-2.4.58-150600.5.18.1.ppc64le",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "apache2-prefork-2.4.58-150600.5.18.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-prefork-2.4.58-150600.5.18.1.s390x",
            },
            product_reference: "apache2-prefork-2.4.58-150600.5.18.1.s390x",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "apache2-prefork-2.4.58-150600.5.18.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-prefork-2.4.58-150600.5.18.1.x86_64",
            },
            product_reference: "apache2-prefork-2.4.58-150600.5.18.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "apache2-event-2.4.58-150600.5.18.1.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP6:apache2-event-2.4.58-150600.5.18.1.aarch64",
            },
            product_reference: "apache2-event-2.4.58-150600.5.18.1.aarch64",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "apache2-event-2.4.58-150600.5.18.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP6:apache2-event-2.4.58-150600.5.18.1.ppc64le",
            },
            product_reference: "apache2-event-2.4.58-150600.5.18.1.ppc64le",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "apache2-event-2.4.58-150600.5.18.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP6:apache2-event-2.4.58-150600.5.18.1.s390x",
            },
            product_reference: "apache2-event-2.4.58-150600.5.18.1.s390x",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "apache2-event-2.4.58-150600.5.18.1.x86_64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP6:apache2-event-2.4.58-150600.5.18.1.x86_64",
            },
            product_reference: "apache2-event-2.4.58-150600.5.18.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "apache2-devel-2.4.58-150600.5.18.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-devel-2.4.58-150600.5.18.1.aarch64",
            },
            product_reference: "apache2-devel-2.4.58-150600.5.18.1.aarch64",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "apache2-devel-2.4.58-150600.5.18.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-devel-2.4.58-150600.5.18.1.ppc64le",
            },
            product_reference: "apache2-devel-2.4.58-150600.5.18.1.ppc64le",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "apache2-devel-2.4.58-150600.5.18.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-devel-2.4.58-150600.5.18.1.s390x",
            },
            product_reference: "apache2-devel-2.4.58-150600.5.18.1.s390x",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "apache2-devel-2.4.58-150600.5.18.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-devel-2.4.58-150600.5.18.1.x86_64",
            },
            product_reference: "apache2-devel-2.4.58-150600.5.18.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "apache2-utils-2.4.58-150600.5.18.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-utils-2.4.58-150600.5.18.1.aarch64",
            },
            product_reference: "apache2-utils-2.4.58-150600.5.18.1.aarch64",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "apache2-utils-2.4.58-150600.5.18.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-utils-2.4.58-150600.5.18.1.ppc64le",
            },
            product_reference: "apache2-utils-2.4.58-150600.5.18.1.ppc64le",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "apache2-utils-2.4.58-150600.5.18.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-utils-2.4.58-150600.5.18.1.s390x",
            },
            product_reference: "apache2-utils-2.4.58-150600.5.18.1.s390x",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "apache2-utils-2.4.58-150600.5.18.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-utils-2.4.58-150600.5.18.1.x86_64",
            },
            product_reference: "apache2-utils-2.4.58-150600.5.18.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "apache2-worker-2.4.58-150600.5.18.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-worker-2.4.58-150600.5.18.1.aarch64",
            },
            product_reference: "apache2-worker-2.4.58-150600.5.18.1.aarch64",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "apache2-worker-2.4.58-150600.5.18.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-worker-2.4.58-150600.5.18.1.ppc64le",
            },
            product_reference: "apache2-worker-2.4.58-150600.5.18.1.ppc64le",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "apache2-worker-2.4.58-150600.5.18.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-worker-2.4.58-150600.5.18.1.s390x",
            },
            product_reference: "apache2-worker-2.4.58-150600.5.18.1.s390x",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "apache2-worker-2.4.58-150600.5.18.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-worker-2.4.58-150600.5.18.1.x86_64",
            },
            product_reference: "apache2-worker-2.4.58-150600.5.18.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "apache2-2.4.58-150600.5.18.1.aarch64 as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:apache2-2.4.58-150600.5.18.1.aarch64",
            },
            product_reference: "apache2-2.4.58-150600.5.18.1.aarch64",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "apache2-2.4.58-150600.5.18.1.ppc64le as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:apache2-2.4.58-150600.5.18.1.ppc64le",
            },
            product_reference: "apache2-2.4.58-150600.5.18.1.ppc64le",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "apache2-2.4.58-150600.5.18.1.s390x as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:apache2-2.4.58-150600.5.18.1.s390x",
            },
            product_reference: "apache2-2.4.58-150600.5.18.1.s390x",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "apache2-2.4.58-150600.5.18.1.x86_64 as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:apache2-2.4.58-150600.5.18.1.x86_64",
            },
            product_reference: "apache2-2.4.58-150600.5.18.1.x86_64",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "apache2-devel-2.4.58-150600.5.18.1.aarch64 as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:apache2-devel-2.4.58-150600.5.18.1.aarch64",
            },
            product_reference: "apache2-devel-2.4.58-150600.5.18.1.aarch64",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "apache2-devel-2.4.58-150600.5.18.1.ppc64le as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:apache2-devel-2.4.58-150600.5.18.1.ppc64le",
            },
            product_reference: "apache2-devel-2.4.58-150600.5.18.1.ppc64le",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "apache2-devel-2.4.58-150600.5.18.1.s390x as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:apache2-devel-2.4.58-150600.5.18.1.s390x",
            },
            product_reference: "apache2-devel-2.4.58-150600.5.18.1.s390x",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "apache2-devel-2.4.58-150600.5.18.1.x86_64 as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:apache2-devel-2.4.58-150600.5.18.1.x86_64",
            },
            product_reference: "apache2-devel-2.4.58-150600.5.18.1.x86_64",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "apache2-event-2.4.58-150600.5.18.1.aarch64 as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:apache2-event-2.4.58-150600.5.18.1.aarch64",
            },
            product_reference: "apache2-event-2.4.58-150600.5.18.1.aarch64",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "apache2-event-2.4.58-150600.5.18.1.ppc64le as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:apache2-event-2.4.58-150600.5.18.1.ppc64le",
            },
            product_reference: "apache2-event-2.4.58-150600.5.18.1.ppc64le",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "apache2-event-2.4.58-150600.5.18.1.s390x as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:apache2-event-2.4.58-150600.5.18.1.s390x",
            },
            product_reference: "apache2-event-2.4.58-150600.5.18.1.s390x",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "apache2-event-2.4.58-150600.5.18.1.x86_64 as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:apache2-event-2.4.58-150600.5.18.1.x86_64",
            },
            product_reference: "apache2-event-2.4.58-150600.5.18.1.x86_64",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "apache2-manual-2.4.58-150600.5.18.1.noarch as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:apache2-manual-2.4.58-150600.5.18.1.noarch",
            },
            product_reference: "apache2-manual-2.4.58-150600.5.18.1.noarch",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "apache2-prefork-2.4.58-150600.5.18.1.aarch64 as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:apache2-prefork-2.4.58-150600.5.18.1.aarch64",
            },
            product_reference: "apache2-prefork-2.4.58-150600.5.18.1.aarch64",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "apache2-prefork-2.4.58-150600.5.18.1.ppc64le as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:apache2-prefork-2.4.58-150600.5.18.1.ppc64le",
            },
            product_reference: "apache2-prefork-2.4.58-150600.5.18.1.ppc64le",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "apache2-prefork-2.4.58-150600.5.18.1.s390x as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:apache2-prefork-2.4.58-150600.5.18.1.s390x",
            },
            product_reference: "apache2-prefork-2.4.58-150600.5.18.1.s390x",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "apache2-prefork-2.4.58-150600.5.18.1.x86_64 as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:apache2-prefork-2.4.58-150600.5.18.1.x86_64",
            },
            product_reference: "apache2-prefork-2.4.58-150600.5.18.1.x86_64",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "apache2-utils-2.4.58-150600.5.18.1.aarch64 as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:apache2-utils-2.4.58-150600.5.18.1.aarch64",
            },
            product_reference: "apache2-utils-2.4.58-150600.5.18.1.aarch64",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "apache2-utils-2.4.58-150600.5.18.1.ppc64le as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:apache2-utils-2.4.58-150600.5.18.1.ppc64le",
            },
            product_reference: "apache2-utils-2.4.58-150600.5.18.1.ppc64le",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "apache2-utils-2.4.58-150600.5.18.1.s390x as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:apache2-utils-2.4.58-150600.5.18.1.s390x",
            },
            product_reference: "apache2-utils-2.4.58-150600.5.18.1.s390x",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "apache2-utils-2.4.58-150600.5.18.1.x86_64 as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:apache2-utils-2.4.58-150600.5.18.1.x86_64",
            },
            product_reference: "apache2-utils-2.4.58-150600.5.18.1.x86_64",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "apache2-worker-2.4.58-150600.5.18.1.aarch64 as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:apache2-worker-2.4.58-150600.5.18.1.aarch64",
            },
            product_reference: "apache2-worker-2.4.58-150600.5.18.1.aarch64",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "apache2-worker-2.4.58-150600.5.18.1.ppc64le as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:apache2-worker-2.4.58-150600.5.18.1.ppc64le",
            },
            product_reference: "apache2-worker-2.4.58-150600.5.18.1.ppc64le",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "apache2-worker-2.4.58-150600.5.18.1.s390x as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:apache2-worker-2.4.58-150600.5.18.1.s390x",
            },
            product_reference: "apache2-worker-2.4.58-150600.5.18.1.s390x",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "apache2-worker-2.4.58-150600.5.18.1.x86_64 as component of openSUSE Leap 15.6",
               product_id: "openSUSE Leap 15.6:apache2-worker-2.4.58-150600.5.18.1.x86_64",
            },
            product_reference: "apache2-worker-2.4.58-150600.5.18.1.x86_64",
            relates_to_product_reference: "openSUSE Leap 15.6",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2024-36387",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-36387",
            },
         ],
         notes: [
            {
               category: "general",
               text: "Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, degrading performance.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-2.4.58-150600.5.18.1.aarch64",
               "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-2.4.58-150600.5.18.1.ppc64le",
               "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-2.4.58-150600.5.18.1.s390x",
               "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-2.4.58-150600.5.18.1.x86_64",
               "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-prefork-2.4.58-150600.5.18.1.aarch64",
               "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-prefork-2.4.58-150600.5.18.1.ppc64le",
               "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-prefork-2.4.58-150600.5.18.1.s390x",
               "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-prefork-2.4.58-150600.5.18.1.x86_64",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:apache2-event-2.4.58-150600.5.18.1.aarch64",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:apache2-event-2.4.58-150600.5.18.1.ppc64le",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:apache2-event-2.4.58-150600.5.18.1.s390x",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:apache2-event-2.4.58-150600.5.18.1.x86_64",
               "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-devel-2.4.58-150600.5.18.1.aarch64",
               "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-devel-2.4.58-150600.5.18.1.ppc64le",
               "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-devel-2.4.58-150600.5.18.1.s390x",
               "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-devel-2.4.58-150600.5.18.1.x86_64",
               "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-utils-2.4.58-150600.5.18.1.aarch64",
               "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-utils-2.4.58-150600.5.18.1.ppc64le",
               "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-utils-2.4.58-150600.5.18.1.s390x",
               "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-utils-2.4.58-150600.5.18.1.x86_64",
               "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-worker-2.4.58-150600.5.18.1.aarch64",
               "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-worker-2.4.58-150600.5.18.1.ppc64le",
               "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-worker-2.4.58-150600.5.18.1.s390x",
               "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-worker-2.4.58-150600.5.18.1.x86_64",
               "openSUSE Leap 15.6:apache2-2.4.58-150600.5.18.1.aarch64",
               "openSUSE Leap 15.6:apache2-2.4.58-150600.5.18.1.ppc64le",
               "openSUSE Leap 15.6:apache2-2.4.58-150600.5.18.1.s390x",
               "openSUSE Leap 15.6:apache2-2.4.58-150600.5.18.1.x86_64",
               "openSUSE Leap 15.6:apache2-devel-2.4.58-150600.5.18.1.aarch64",
               "openSUSE Leap 15.6:apache2-devel-2.4.58-150600.5.18.1.ppc64le",
               "openSUSE Leap 15.6:apache2-devel-2.4.58-150600.5.18.1.s390x",
               "openSUSE Leap 15.6:apache2-devel-2.4.58-150600.5.18.1.x86_64",
               "openSUSE Leap 15.6:apache2-event-2.4.58-150600.5.18.1.aarch64",
               "openSUSE Leap 15.6:apache2-event-2.4.58-150600.5.18.1.ppc64le",
               "openSUSE Leap 15.6:apache2-event-2.4.58-150600.5.18.1.s390x",
               "openSUSE Leap 15.6:apache2-event-2.4.58-150600.5.18.1.x86_64",
               "openSUSE Leap 15.6:apache2-manual-2.4.58-150600.5.18.1.noarch",
               "openSUSE Leap 15.6:apache2-prefork-2.4.58-150600.5.18.1.aarch64",
               "openSUSE Leap 15.6:apache2-prefork-2.4.58-150600.5.18.1.ppc64le",
               "openSUSE Leap 15.6:apache2-prefork-2.4.58-150600.5.18.1.s390x",
               "openSUSE Leap 15.6:apache2-prefork-2.4.58-150600.5.18.1.x86_64",
               "openSUSE Leap 15.6:apache2-utils-2.4.58-150600.5.18.1.aarch64",
               "openSUSE Leap 15.6:apache2-utils-2.4.58-150600.5.18.1.ppc64le",
               "openSUSE Leap 15.6:apache2-utils-2.4.58-150600.5.18.1.s390x",
               "openSUSE Leap 15.6:apache2-utils-2.4.58-150600.5.18.1.x86_64",
               "openSUSE Leap 15.6:apache2-worker-2.4.58-150600.5.18.1.aarch64",
               "openSUSE Leap 15.6:apache2-worker-2.4.58-150600.5.18.1.ppc64le",
               "openSUSE Leap 15.6:apache2-worker-2.4.58-150600.5.18.1.s390x",
               "openSUSE Leap 15.6:apache2-worker-2.4.58-150600.5.18.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-36387",
               url: "https://www.suse.com/security/cve/CVE-2024-36387",
            },
            {
               category: "external",
               summary: "SUSE Bug 1227272 for CVE-2024-36387",
               url: "https://bugzilla.suse.com/1227272",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-2.4.58-150600.5.18.1.aarch64",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-2.4.58-150600.5.18.1.ppc64le",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-2.4.58-150600.5.18.1.s390x",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-2.4.58-150600.5.18.1.x86_64",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-prefork-2.4.58-150600.5.18.1.aarch64",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-prefork-2.4.58-150600.5.18.1.ppc64le",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-prefork-2.4.58-150600.5.18.1.s390x",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-prefork-2.4.58-150600.5.18.1.x86_64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:apache2-event-2.4.58-150600.5.18.1.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:apache2-event-2.4.58-150600.5.18.1.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:apache2-event-2.4.58-150600.5.18.1.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:apache2-event-2.4.58-150600.5.18.1.x86_64",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-devel-2.4.58-150600.5.18.1.aarch64",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-devel-2.4.58-150600.5.18.1.ppc64le",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-devel-2.4.58-150600.5.18.1.s390x",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-devel-2.4.58-150600.5.18.1.x86_64",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-utils-2.4.58-150600.5.18.1.aarch64",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-utils-2.4.58-150600.5.18.1.ppc64le",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-utils-2.4.58-150600.5.18.1.s390x",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-utils-2.4.58-150600.5.18.1.x86_64",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-worker-2.4.58-150600.5.18.1.aarch64",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-worker-2.4.58-150600.5.18.1.ppc64le",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-worker-2.4.58-150600.5.18.1.s390x",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-worker-2.4.58-150600.5.18.1.x86_64",
                  "openSUSE Leap 15.6:apache2-2.4.58-150600.5.18.1.aarch64",
                  "openSUSE Leap 15.6:apache2-2.4.58-150600.5.18.1.ppc64le",
                  "openSUSE Leap 15.6:apache2-2.4.58-150600.5.18.1.s390x",
                  "openSUSE Leap 15.6:apache2-2.4.58-150600.5.18.1.x86_64",
                  "openSUSE Leap 15.6:apache2-devel-2.4.58-150600.5.18.1.aarch64",
                  "openSUSE Leap 15.6:apache2-devel-2.4.58-150600.5.18.1.ppc64le",
                  "openSUSE Leap 15.6:apache2-devel-2.4.58-150600.5.18.1.s390x",
                  "openSUSE Leap 15.6:apache2-devel-2.4.58-150600.5.18.1.x86_64",
                  "openSUSE Leap 15.6:apache2-event-2.4.58-150600.5.18.1.aarch64",
                  "openSUSE Leap 15.6:apache2-event-2.4.58-150600.5.18.1.ppc64le",
                  "openSUSE Leap 15.6:apache2-event-2.4.58-150600.5.18.1.s390x",
                  "openSUSE Leap 15.6:apache2-event-2.4.58-150600.5.18.1.x86_64",
                  "openSUSE Leap 15.6:apache2-manual-2.4.58-150600.5.18.1.noarch",
                  "openSUSE Leap 15.6:apache2-prefork-2.4.58-150600.5.18.1.aarch64",
                  "openSUSE Leap 15.6:apache2-prefork-2.4.58-150600.5.18.1.ppc64le",
                  "openSUSE Leap 15.6:apache2-prefork-2.4.58-150600.5.18.1.s390x",
                  "openSUSE Leap 15.6:apache2-prefork-2.4.58-150600.5.18.1.x86_64",
                  "openSUSE Leap 15.6:apache2-utils-2.4.58-150600.5.18.1.aarch64",
                  "openSUSE Leap 15.6:apache2-utils-2.4.58-150600.5.18.1.ppc64le",
                  "openSUSE Leap 15.6:apache2-utils-2.4.58-150600.5.18.1.s390x",
                  "openSUSE Leap 15.6:apache2-utils-2.4.58-150600.5.18.1.x86_64",
                  "openSUSE Leap 15.6:apache2-worker-2.4.58-150600.5.18.1.aarch64",
                  "openSUSE Leap 15.6:apache2-worker-2.4.58-150600.5.18.1.ppc64le",
                  "openSUSE Leap 15.6:apache2-worker-2.4.58-150600.5.18.1.s390x",
                  "openSUSE Leap 15.6:apache2-worker-2.4.58-150600.5.18.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.9,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-2.4.58-150600.5.18.1.aarch64",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-2.4.58-150600.5.18.1.ppc64le",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-2.4.58-150600.5.18.1.s390x",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-2.4.58-150600.5.18.1.x86_64",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-prefork-2.4.58-150600.5.18.1.aarch64",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-prefork-2.4.58-150600.5.18.1.ppc64le",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-prefork-2.4.58-150600.5.18.1.s390x",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-prefork-2.4.58-150600.5.18.1.x86_64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:apache2-event-2.4.58-150600.5.18.1.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:apache2-event-2.4.58-150600.5.18.1.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:apache2-event-2.4.58-150600.5.18.1.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:apache2-event-2.4.58-150600.5.18.1.x86_64",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-devel-2.4.58-150600.5.18.1.aarch64",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-devel-2.4.58-150600.5.18.1.ppc64le",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-devel-2.4.58-150600.5.18.1.s390x",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-devel-2.4.58-150600.5.18.1.x86_64",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-utils-2.4.58-150600.5.18.1.aarch64",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-utils-2.4.58-150600.5.18.1.ppc64le",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-utils-2.4.58-150600.5.18.1.s390x",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-utils-2.4.58-150600.5.18.1.x86_64",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-worker-2.4.58-150600.5.18.1.aarch64",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-worker-2.4.58-150600.5.18.1.ppc64le",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-worker-2.4.58-150600.5.18.1.s390x",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-worker-2.4.58-150600.5.18.1.x86_64",
                  "openSUSE Leap 15.6:apache2-2.4.58-150600.5.18.1.aarch64",
                  "openSUSE Leap 15.6:apache2-2.4.58-150600.5.18.1.ppc64le",
                  "openSUSE Leap 15.6:apache2-2.4.58-150600.5.18.1.s390x",
                  "openSUSE Leap 15.6:apache2-2.4.58-150600.5.18.1.x86_64",
                  "openSUSE Leap 15.6:apache2-devel-2.4.58-150600.5.18.1.aarch64",
                  "openSUSE Leap 15.6:apache2-devel-2.4.58-150600.5.18.1.ppc64le",
                  "openSUSE Leap 15.6:apache2-devel-2.4.58-150600.5.18.1.s390x",
                  "openSUSE Leap 15.6:apache2-devel-2.4.58-150600.5.18.1.x86_64",
                  "openSUSE Leap 15.6:apache2-event-2.4.58-150600.5.18.1.aarch64",
                  "openSUSE Leap 15.6:apache2-event-2.4.58-150600.5.18.1.ppc64le",
                  "openSUSE Leap 15.6:apache2-event-2.4.58-150600.5.18.1.s390x",
                  "openSUSE Leap 15.6:apache2-event-2.4.58-150600.5.18.1.x86_64",
                  "openSUSE Leap 15.6:apache2-manual-2.4.58-150600.5.18.1.noarch",
                  "openSUSE Leap 15.6:apache2-prefork-2.4.58-150600.5.18.1.aarch64",
                  "openSUSE Leap 15.6:apache2-prefork-2.4.58-150600.5.18.1.ppc64le",
                  "openSUSE Leap 15.6:apache2-prefork-2.4.58-150600.5.18.1.s390x",
                  "openSUSE Leap 15.6:apache2-prefork-2.4.58-150600.5.18.1.x86_64",
                  "openSUSE Leap 15.6:apache2-utils-2.4.58-150600.5.18.1.aarch64",
                  "openSUSE Leap 15.6:apache2-utils-2.4.58-150600.5.18.1.ppc64le",
                  "openSUSE Leap 15.6:apache2-utils-2.4.58-150600.5.18.1.s390x",
                  "openSUSE Leap 15.6:apache2-utils-2.4.58-150600.5.18.1.x86_64",
                  "openSUSE Leap 15.6:apache2-worker-2.4.58-150600.5.18.1.aarch64",
                  "openSUSE Leap 15.6:apache2-worker-2.4.58-150600.5.18.1.ppc64le",
                  "openSUSE Leap 15.6:apache2-worker-2.4.58-150600.5.18.1.s390x",
                  "openSUSE Leap 15.6:apache2-worker-2.4.58-150600.5.18.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-07-23T07:04:00Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-36387",
      },
      {
         cve: "CVE-2024-38475",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-38475",
            },
         ],
         notes: [
            {
               category: "general",
               text: "Improper escaping of output in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to map URLs to filesystem locations that are  permitted to be served by the server but are not intentionally/directly reachable by any URL, resulting in code execution or source code disclosure. \n\nSubstitutions in  server context that use a backreferences or variables as the first segment of the substitution are affected.   Some unsafe RewiteRules will be broken by this change and the rewrite flag \"UnsafePrefixStat\" can be used to opt back in once ensuring the substitution is appropriately constrained.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-2.4.58-150600.5.18.1.aarch64",
               "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-2.4.58-150600.5.18.1.ppc64le",
               "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-2.4.58-150600.5.18.1.s390x",
               "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-2.4.58-150600.5.18.1.x86_64",
               "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-prefork-2.4.58-150600.5.18.1.aarch64",
               "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-prefork-2.4.58-150600.5.18.1.ppc64le",
               "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-prefork-2.4.58-150600.5.18.1.s390x",
               "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-prefork-2.4.58-150600.5.18.1.x86_64",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:apache2-event-2.4.58-150600.5.18.1.aarch64",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:apache2-event-2.4.58-150600.5.18.1.ppc64le",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:apache2-event-2.4.58-150600.5.18.1.s390x",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:apache2-event-2.4.58-150600.5.18.1.x86_64",
               "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-devel-2.4.58-150600.5.18.1.aarch64",
               "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-devel-2.4.58-150600.5.18.1.ppc64le",
               "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-devel-2.4.58-150600.5.18.1.s390x",
               "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-devel-2.4.58-150600.5.18.1.x86_64",
               "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-utils-2.4.58-150600.5.18.1.aarch64",
               "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-utils-2.4.58-150600.5.18.1.ppc64le",
               "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-utils-2.4.58-150600.5.18.1.s390x",
               "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-utils-2.4.58-150600.5.18.1.x86_64",
               "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-worker-2.4.58-150600.5.18.1.aarch64",
               "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-worker-2.4.58-150600.5.18.1.ppc64le",
               "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-worker-2.4.58-150600.5.18.1.s390x",
               "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-worker-2.4.58-150600.5.18.1.x86_64",
               "openSUSE Leap 15.6:apache2-2.4.58-150600.5.18.1.aarch64",
               "openSUSE Leap 15.6:apache2-2.4.58-150600.5.18.1.ppc64le",
               "openSUSE Leap 15.6:apache2-2.4.58-150600.5.18.1.s390x",
               "openSUSE Leap 15.6:apache2-2.4.58-150600.5.18.1.x86_64",
               "openSUSE Leap 15.6:apache2-devel-2.4.58-150600.5.18.1.aarch64",
               "openSUSE Leap 15.6:apache2-devel-2.4.58-150600.5.18.1.ppc64le",
               "openSUSE Leap 15.6:apache2-devel-2.4.58-150600.5.18.1.s390x",
               "openSUSE Leap 15.6:apache2-devel-2.4.58-150600.5.18.1.x86_64",
               "openSUSE Leap 15.6:apache2-event-2.4.58-150600.5.18.1.aarch64",
               "openSUSE Leap 15.6:apache2-event-2.4.58-150600.5.18.1.ppc64le",
               "openSUSE Leap 15.6:apache2-event-2.4.58-150600.5.18.1.s390x",
               "openSUSE Leap 15.6:apache2-event-2.4.58-150600.5.18.1.x86_64",
               "openSUSE Leap 15.6:apache2-manual-2.4.58-150600.5.18.1.noarch",
               "openSUSE Leap 15.6:apache2-prefork-2.4.58-150600.5.18.1.aarch64",
               "openSUSE Leap 15.6:apache2-prefork-2.4.58-150600.5.18.1.ppc64le",
               "openSUSE Leap 15.6:apache2-prefork-2.4.58-150600.5.18.1.s390x",
               "openSUSE Leap 15.6:apache2-prefork-2.4.58-150600.5.18.1.x86_64",
               "openSUSE Leap 15.6:apache2-utils-2.4.58-150600.5.18.1.aarch64",
               "openSUSE Leap 15.6:apache2-utils-2.4.58-150600.5.18.1.ppc64le",
               "openSUSE Leap 15.6:apache2-utils-2.4.58-150600.5.18.1.s390x",
               "openSUSE Leap 15.6:apache2-utils-2.4.58-150600.5.18.1.x86_64",
               "openSUSE Leap 15.6:apache2-worker-2.4.58-150600.5.18.1.aarch64",
               "openSUSE Leap 15.6:apache2-worker-2.4.58-150600.5.18.1.ppc64le",
               "openSUSE Leap 15.6:apache2-worker-2.4.58-150600.5.18.1.s390x",
               "openSUSE Leap 15.6:apache2-worker-2.4.58-150600.5.18.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-38475",
               url: "https://www.suse.com/security/cve/CVE-2024-38475",
            },
            {
               category: "external",
               summary: "SUSE Bug 1227268 for CVE-2024-38475",
               url: "https://bugzilla.suse.com/1227268",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-2.4.58-150600.5.18.1.aarch64",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-2.4.58-150600.5.18.1.ppc64le",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-2.4.58-150600.5.18.1.s390x",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-2.4.58-150600.5.18.1.x86_64",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-prefork-2.4.58-150600.5.18.1.aarch64",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-prefork-2.4.58-150600.5.18.1.ppc64le",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-prefork-2.4.58-150600.5.18.1.s390x",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-prefork-2.4.58-150600.5.18.1.x86_64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:apache2-event-2.4.58-150600.5.18.1.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:apache2-event-2.4.58-150600.5.18.1.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:apache2-event-2.4.58-150600.5.18.1.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:apache2-event-2.4.58-150600.5.18.1.x86_64",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-devel-2.4.58-150600.5.18.1.aarch64",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-devel-2.4.58-150600.5.18.1.ppc64le",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-devel-2.4.58-150600.5.18.1.s390x",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-devel-2.4.58-150600.5.18.1.x86_64",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-utils-2.4.58-150600.5.18.1.aarch64",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-utils-2.4.58-150600.5.18.1.ppc64le",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-utils-2.4.58-150600.5.18.1.s390x",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-utils-2.4.58-150600.5.18.1.x86_64",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-worker-2.4.58-150600.5.18.1.aarch64",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-worker-2.4.58-150600.5.18.1.ppc64le",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-worker-2.4.58-150600.5.18.1.s390x",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-worker-2.4.58-150600.5.18.1.x86_64",
                  "openSUSE Leap 15.6:apache2-2.4.58-150600.5.18.1.aarch64",
                  "openSUSE Leap 15.6:apache2-2.4.58-150600.5.18.1.ppc64le",
                  "openSUSE Leap 15.6:apache2-2.4.58-150600.5.18.1.s390x",
                  "openSUSE Leap 15.6:apache2-2.4.58-150600.5.18.1.x86_64",
                  "openSUSE Leap 15.6:apache2-devel-2.4.58-150600.5.18.1.aarch64",
                  "openSUSE Leap 15.6:apache2-devel-2.4.58-150600.5.18.1.ppc64le",
                  "openSUSE Leap 15.6:apache2-devel-2.4.58-150600.5.18.1.s390x",
                  "openSUSE Leap 15.6:apache2-devel-2.4.58-150600.5.18.1.x86_64",
                  "openSUSE Leap 15.6:apache2-event-2.4.58-150600.5.18.1.aarch64",
                  "openSUSE Leap 15.6:apache2-event-2.4.58-150600.5.18.1.ppc64le",
                  "openSUSE Leap 15.6:apache2-event-2.4.58-150600.5.18.1.s390x",
                  "openSUSE Leap 15.6:apache2-event-2.4.58-150600.5.18.1.x86_64",
                  "openSUSE Leap 15.6:apache2-manual-2.4.58-150600.5.18.1.noarch",
                  "openSUSE Leap 15.6:apache2-prefork-2.4.58-150600.5.18.1.aarch64",
                  "openSUSE Leap 15.6:apache2-prefork-2.4.58-150600.5.18.1.ppc64le",
                  "openSUSE Leap 15.6:apache2-prefork-2.4.58-150600.5.18.1.s390x",
                  "openSUSE Leap 15.6:apache2-prefork-2.4.58-150600.5.18.1.x86_64",
                  "openSUSE Leap 15.6:apache2-utils-2.4.58-150600.5.18.1.aarch64",
                  "openSUSE Leap 15.6:apache2-utils-2.4.58-150600.5.18.1.ppc64le",
                  "openSUSE Leap 15.6:apache2-utils-2.4.58-150600.5.18.1.s390x",
                  "openSUSE Leap 15.6:apache2-utils-2.4.58-150600.5.18.1.x86_64",
                  "openSUSE Leap 15.6:apache2-worker-2.4.58-150600.5.18.1.aarch64",
                  "openSUSE Leap 15.6:apache2-worker-2.4.58-150600.5.18.1.ppc64le",
                  "openSUSE Leap 15.6:apache2-worker-2.4.58-150600.5.18.1.s390x",
                  "openSUSE Leap 15.6:apache2-worker-2.4.58-150600.5.18.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 8.2,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-2.4.58-150600.5.18.1.aarch64",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-2.4.58-150600.5.18.1.ppc64le",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-2.4.58-150600.5.18.1.s390x",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-2.4.58-150600.5.18.1.x86_64",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-prefork-2.4.58-150600.5.18.1.aarch64",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-prefork-2.4.58-150600.5.18.1.ppc64le",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-prefork-2.4.58-150600.5.18.1.s390x",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-prefork-2.4.58-150600.5.18.1.x86_64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:apache2-event-2.4.58-150600.5.18.1.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:apache2-event-2.4.58-150600.5.18.1.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:apache2-event-2.4.58-150600.5.18.1.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:apache2-event-2.4.58-150600.5.18.1.x86_64",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-devel-2.4.58-150600.5.18.1.aarch64",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-devel-2.4.58-150600.5.18.1.ppc64le",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-devel-2.4.58-150600.5.18.1.s390x",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-devel-2.4.58-150600.5.18.1.x86_64",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-utils-2.4.58-150600.5.18.1.aarch64",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-utils-2.4.58-150600.5.18.1.ppc64le",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-utils-2.4.58-150600.5.18.1.s390x",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-utils-2.4.58-150600.5.18.1.x86_64",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-worker-2.4.58-150600.5.18.1.aarch64",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-worker-2.4.58-150600.5.18.1.ppc64le",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-worker-2.4.58-150600.5.18.1.s390x",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-worker-2.4.58-150600.5.18.1.x86_64",
                  "openSUSE Leap 15.6:apache2-2.4.58-150600.5.18.1.aarch64",
                  "openSUSE Leap 15.6:apache2-2.4.58-150600.5.18.1.ppc64le",
                  "openSUSE Leap 15.6:apache2-2.4.58-150600.5.18.1.s390x",
                  "openSUSE Leap 15.6:apache2-2.4.58-150600.5.18.1.x86_64",
                  "openSUSE Leap 15.6:apache2-devel-2.4.58-150600.5.18.1.aarch64",
                  "openSUSE Leap 15.6:apache2-devel-2.4.58-150600.5.18.1.ppc64le",
                  "openSUSE Leap 15.6:apache2-devel-2.4.58-150600.5.18.1.s390x",
                  "openSUSE Leap 15.6:apache2-devel-2.4.58-150600.5.18.1.x86_64",
                  "openSUSE Leap 15.6:apache2-event-2.4.58-150600.5.18.1.aarch64",
                  "openSUSE Leap 15.6:apache2-event-2.4.58-150600.5.18.1.ppc64le",
                  "openSUSE Leap 15.6:apache2-event-2.4.58-150600.5.18.1.s390x",
                  "openSUSE Leap 15.6:apache2-event-2.4.58-150600.5.18.1.x86_64",
                  "openSUSE Leap 15.6:apache2-manual-2.4.58-150600.5.18.1.noarch",
                  "openSUSE Leap 15.6:apache2-prefork-2.4.58-150600.5.18.1.aarch64",
                  "openSUSE Leap 15.6:apache2-prefork-2.4.58-150600.5.18.1.ppc64le",
                  "openSUSE Leap 15.6:apache2-prefork-2.4.58-150600.5.18.1.s390x",
                  "openSUSE Leap 15.6:apache2-prefork-2.4.58-150600.5.18.1.x86_64",
                  "openSUSE Leap 15.6:apache2-utils-2.4.58-150600.5.18.1.aarch64",
                  "openSUSE Leap 15.6:apache2-utils-2.4.58-150600.5.18.1.ppc64le",
                  "openSUSE Leap 15.6:apache2-utils-2.4.58-150600.5.18.1.s390x",
                  "openSUSE Leap 15.6:apache2-utils-2.4.58-150600.5.18.1.x86_64",
                  "openSUSE Leap 15.6:apache2-worker-2.4.58-150600.5.18.1.aarch64",
                  "openSUSE Leap 15.6:apache2-worker-2.4.58-150600.5.18.1.ppc64le",
                  "openSUSE Leap 15.6:apache2-worker-2.4.58-150600.5.18.1.s390x",
                  "openSUSE Leap 15.6:apache2-worker-2.4.58-150600.5.18.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-07-23T07:04:00Z",
               details: "important",
            },
         ],
         title: "CVE-2024-38475",
      },
      {
         cve: "CVE-2024-38476",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-38476",
            },
         ],
         notes: [
            {
               category: "general",
               text: "Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information disclosure, SSRF or local script execution via  backend applications whose response headers are malicious or exploitable.\n\nUsers are recommended to upgrade to version 2.4.60, which fixes this issue.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-2.4.58-150600.5.18.1.aarch64",
               "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-2.4.58-150600.5.18.1.ppc64le",
               "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-2.4.58-150600.5.18.1.s390x",
               "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-2.4.58-150600.5.18.1.x86_64",
               "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-prefork-2.4.58-150600.5.18.1.aarch64",
               "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-prefork-2.4.58-150600.5.18.1.ppc64le",
               "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-prefork-2.4.58-150600.5.18.1.s390x",
               "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-prefork-2.4.58-150600.5.18.1.x86_64",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:apache2-event-2.4.58-150600.5.18.1.aarch64",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:apache2-event-2.4.58-150600.5.18.1.ppc64le",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:apache2-event-2.4.58-150600.5.18.1.s390x",
               "SUSE Linux Enterprise Module for Package Hub 15 SP6:apache2-event-2.4.58-150600.5.18.1.x86_64",
               "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-devel-2.4.58-150600.5.18.1.aarch64",
               "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-devel-2.4.58-150600.5.18.1.ppc64le",
               "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-devel-2.4.58-150600.5.18.1.s390x",
               "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-devel-2.4.58-150600.5.18.1.x86_64",
               "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-utils-2.4.58-150600.5.18.1.aarch64",
               "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-utils-2.4.58-150600.5.18.1.ppc64le",
               "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-utils-2.4.58-150600.5.18.1.s390x",
               "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-utils-2.4.58-150600.5.18.1.x86_64",
               "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-worker-2.4.58-150600.5.18.1.aarch64",
               "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-worker-2.4.58-150600.5.18.1.ppc64le",
               "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-worker-2.4.58-150600.5.18.1.s390x",
               "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-worker-2.4.58-150600.5.18.1.x86_64",
               "openSUSE Leap 15.6:apache2-2.4.58-150600.5.18.1.aarch64",
               "openSUSE Leap 15.6:apache2-2.4.58-150600.5.18.1.ppc64le",
               "openSUSE Leap 15.6:apache2-2.4.58-150600.5.18.1.s390x",
               "openSUSE Leap 15.6:apache2-2.4.58-150600.5.18.1.x86_64",
               "openSUSE Leap 15.6:apache2-devel-2.4.58-150600.5.18.1.aarch64",
               "openSUSE Leap 15.6:apache2-devel-2.4.58-150600.5.18.1.ppc64le",
               "openSUSE Leap 15.6:apache2-devel-2.4.58-150600.5.18.1.s390x",
               "openSUSE Leap 15.6:apache2-devel-2.4.58-150600.5.18.1.x86_64",
               "openSUSE Leap 15.6:apache2-event-2.4.58-150600.5.18.1.aarch64",
               "openSUSE Leap 15.6:apache2-event-2.4.58-150600.5.18.1.ppc64le",
               "openSUSE Leap 15.6:apache2-event-2.4.58-150600.5.18.1.s390x",
               "openSUSE Leap 15.6:apache2-event-2.4.58-150600.5.18.1.x86_64",
               "openSUSE Leap 15.6:apache2-manual-2.4.58-150600.5.18.1.noarch",
               "openSUSE Leap 15.6:apache2-prefork-2.4.58-150600.5.18.1.aarch64",
               "openSUSE Leap 15.6:apache2-prefork-2.4.58-150600.5.18.1.ppc64le",
               "openSUSE Leap 15.6:apache2-prefork-2.4.58-150600.5.18.1.s390x",
               "openSUSE Leap 15.6:apache2-prefork-2.4.58-150600.5.18.1.x86_64",
               "openSUSE Leap 15.6:apache2-utils-2.4.58-150600.5.18.1.aarch64",
               "openSUSE Leap 15.6:apache2-utils-2.4.58-150600.5.18.1.ppc64le",
               "openSUSE Leap 15.6:apache2-utils-2.4.58-150600.5.18.1.s390x",
               "openSUSE Leap 15.6:apache2-utils-2.4.58-150600.5.18.1.x86_64",
               "openSUSE Leap 15.6:apache2-worker-2.4.58-150600.5.18.1.aarch64",
               "openSUSE Leap 15.6:apache2-worker-2.4.58-150600.5.18.1.ppc64le",
               "openSUSE Leap 15.6:apache2-worker-2.4.58-150600.5.18.1.s390x",
               "openSUSE Leap 15.6:apache2-worker-2.4.58-150600.5.18.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-38476",
               url: "https://www.suse.com/security/cve/CVE-2024-38476",
            },
            {
               category: "external",
               summary: "SUSE Bug 1227269 for CVE-2024-38476",
               url: "https://bugzilla.suse.com/1227269",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-2.4.58-150600.5.18.1.aarch64",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-2.4.58-150600.5.18.1.ppc64le",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-2.4.58-150600.5.18.1.s390x",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-2.4.58-150600.5.18.1.x86_64",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-prefork-2.4.58-150600.5.18.1.aarch64",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-prefork-2.4.58-150600.5.18.1.ppc64le",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-prefork-2.4.58-150600.5.18.1.s390x",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-prefork-2.4.58-150600.5.18.1.x86_64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:apache2-event-2.4.58-150600.5.18.1.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:apache2-event-2.4.58-150600.5.18.1.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:apache2-event-2.4.58-150600.5.18.1.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:apache2-event-2.4.58-150600.5.18.1.x86_64",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-devel-2.4.58-150600.5.18.1.aarch64",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-devel-2.4.58-150600.5.18.1.ppc64le",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-devel-2.4.58-150600.5.18.1.s390x",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-devel-2.4.58-150600.5.18.1.x86_64",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-utils-2.4.58-150600.5.18.1.aarch64",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-utils-2.4.58-150600.5.18.1.ppc64le",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-utils-2.4.58-150600.5.18.1.s390x",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-utils-2.4.58-150600.5.18.1.x86_64",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-worker-2.4.58-150600.5.18.1.aarch64",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-worker-2.4.58-150600.5.18.1.ppc64le",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-worker-2.4.58-150600.5.18.1.s390x",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-worker-2.4.58-150600.5.18.1.x86_64",
                  "openSUSE Leap 15.6:apache2-2.4.58-150600.5.18.1.aarch64",
                  "openSUSE Leap 15.6:apache2-2.4.58-150600.5.18.1.ppc64le",
                  "openSUSE Leap 15.6:apache2-2.4.58-150600.5.18.1.s390x",
                  "openSUSE Leap 15.6:apache2-2.4.58-150600.5.18.1.x86_64",
                  "openSUSE Leap 15.6:apache2-devel-2.4.58-150600.5.18.1.aarch64",
                  "openSUSE Leap 15.6:apache2-devel-2.4.58-150600.5.18.1.ppc64le",
                  "openSUSE Leap 15.6:apache2-devel-2.4.58-150600.5.18.1.s390x",
                  "openSUSE Leap 15.6:apache2-devel-2.4.58-150600.5.18.1.x86_64",
                  "openSUSE Leap 15.6:apache2-event-2.4.58-150600.5.18.1.aarch64",
                  "openSUSE Leap 15.6:apache2-event-2.4.58-150600.5.18.1.ppc64le",
                  "openSUSE Leap 15.6:apache2-event-2.4.58-150600.5.18.1.s390x",
                  "openSUSE Leap 15.6:apache2-event-2.4.58-150600.5.18.1.x86_64",
                  "openSUSE Leap 15.6:apache2-manual-2.4.58-150600.5.18.1.noarch",
                  "openSUSE Leap 15.6:apache2-prefork-2.4.58-150600.5.18.1.aarch64",
                  "openSUSE Leap 15.6:apache2-prefork-2.4.58-150600.5.18.1.ppc64le",
                  "openSUSE Leap 15.6:apache2-prefork-2.4.58-150600.5.18.1.s390x",
                  "openSUSE Leap 15.6:apache2-prefork-2.4.58-150600.5.18.1.x86_64",
                  "openSUSE Leap 15.6:apache2-utils-2.4.58-150600.5.18.1.aarch64",
                  "openSUSE Leap 15.6:apache2-utils-2.4.58-150600.5.18.1.ppc64le",
                  "openSUSE Leap 15.6:apache2-utils-2.4.58-150600.5.18.1.s390x",
                  "openSUSE Leap 15.6:apache2-utils-2.4.58-150600.5.18.1.x86_64",
                  "openSUSE Leap 15.6:apache2-worker-2.4.58-150600.5.18.1.aarch64",
                  "openSUSE Leap 15.6:apache2-worker-2.4.58-150600.5.18.1.ppc64le",
                  "openSUSE Leap 15.6:apache2-worker-2.4.58-150600.5.18.1.s390x",
                  "openSUSE Leap 15.6:apache2-worker-2.4.58-150600.5.18.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 8.1,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-2.4.58-150600.5.18.1.aarch64",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-2.4.58-150600.5.18.1.ppc64le",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-2.4.58-150600.5.18.1.s390x",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-2.4.58-150600.5.18.1.x86_64",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-prefork-2.4.58-150600.5.18.1.aarch64",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-prefork-2.4.58-150600.5.18.1.ppc64le",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-prefork-2.4.58-150600.5.18.1.s390x",
                  "SUSE Linux Enterprise Module for Basesystem 15 SP6:apache2-prefork-2.4.58-150600.5.18.1.x86_64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:apache2-event-2.4.58-150600.5.18.1.aarch64",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:apache2-event-2.4.58-150600.5.18.1.ppc64le",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:apache2-event-2.4.58-150600.5.18.1.s390x",
                  "SUSE Linux Enterprise Module for Package Hub 15 SP6:apache2-event-2.4.58-150600.5.18.1.x86_64",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-devel-2.4.58-150600.5.18.1.aarch64",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-devel-2.4.58-150600.5.18.1.ppc64le",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-devel-2.4.58-150600.5.18.1.s390x",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-devel-2.4.58-150600.5.18.1.x86_64",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-utils-2.4.58-150600.5.18.1.aarch64",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-utils-2.4.58-150600.5.18.1.ppc64le",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-utils-2.4.58-150600.5.18.1.s390x",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-utils-2.4.58-150600.5.18.1.x86_64",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-worker-2.4.58-150600.5.18.1.aarch64",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-worker-2.4.58-150600.5.18.1.ppc64le",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-worker-2.4.58-150600.5.18.1.s390x",
                  "SUSE Linux Enterprise Module for Server Applications 15 SP6:apache2-worker-2.4.58-150600.5.18.1.x86_64",
                  "openSUSE Leap 15.6:apache2-2.4.58-150600.5.18.1.aarch64",
                  "openSUSE Leap 15.6:apache2-2.4.58-150600.5.18.1.ppc64le",
                  "openSUSE Leap 15.6:apache2-2.4.58-150600.5.18.1.s390x",
                  "openSUSE Leap 15.6:apache2-2.4.58-150600.5.18.1.x86_64",
                  "openSUSE Leap 15.6:apache2-devel-2.4.58-150600.5.18.1.aarch64",
                  "openSUSE Leap 15.6:apache2-devel-2.4.58-150600.5.18.1.ppc64le",
                  "openSUSE Leap 15.6:apache2-devel-2.4.58-150600.5.18.1.s390x",
                  "openSUSE Leap 15.6:apache2-devel-2.4.58-150600.5.18.1.x86_64",
                  "openSUSE Leap 15.6:apache2-event-2.4.58-150600.5.18.1.aarch64",
                  "openSUSE Leap 15.6:apache2-event-2.4.58-150600.5.18.1.ppc64le",
                  "openSUSE Leap 15.6:apache2-event-2.4.58-150600.5.18.1.s390x",
                  "openSUSE Leap 15.6:apache2-event-2.4.58-150600.5.18.1.x86_64",
                  "openSUSE Leap 15.6:apache2-manual-2.4.58-150600.5.18.1.noarch",
                  "openSUSE Leap 15.6:apache2-prefork-2.4.58-150600.5.18.1.aarch64",
                  "openSUSE Leap 15.6:apache2-prefork-2.4.58-150600.5.18.1.ppc64le",
                  "openSUSE Leap 15.6:apache2-prefork-2.4.58-150600.5.18.1.s390x",
                  "openSUSE Leap 15.6:apache2-prefork-2.4.58-150600.5.18.1.x86_64",
                  "openSUSE Leap 15.6:apache2-utils-2.4.58-150600.5.18.1.aarch64",
                  "openSUSE Leap 15.6:apache2-utils-2.4.58-150600.5.18.1.ppc64le",
                  "openSUSE Leap 15.6:apache2-utils-2.4.58-150600.5.18.1.s390x",
                  "openSUSE Leap 15.6:apache2-utils-2.4.58-150600.5.18.1.x86_64",
                  "openSUSE Leap 15.6:apache2-worker-2.4.58-150600.5.18.1.aarch64",
                  "openSUSE Leap 15.6:apache2-worker-2.4.58-150600.5.18.1.ppc64le",
                  "openSUSE Leap 15.6:apache2-worker-2.4.58-150600.5.18.1.s390x",
                  "openSUSE Leap 15.6:apache2-worker-2.4.58-150600.5.18.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-07-23T07:04:00Z",
               details: "important",
            },
         ],
         title: "CVE-2024-38476",
      },
   ],
}

fkie_cve-2024-36387

Vulnerability from fkie_nvd

Published

2024-07-01 19:15

Modified

2024-11-25 18:15

Severity ?

5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

Summary

Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, degrading performance.

References

▼	URL	Tags
	security@apache.org	https://httpd.apache.org/security/vulnerabilities_24.html
	security@apache.org	https://security.netapp.com/advisory/ntap-20240712-0001/
	af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2024/07/01/4
	af854a3a-2127-422b-91ae-364da2661108	https://httpd.apache.org/security/vulnerabilities_24.html
	af854a3a-2127-422b-91ae-364da2661108	https://security.netapp.com/advisory/ntap-20240712-0001/

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, degrading performance.",
      },
      {
         lang: "es",
         value: "Ofrecer actualizaciones del protocolo WebSocket a través de una conexión HTTP/2 podría provocar una desreferencia del puntero nulo, lo que provocaría una falla del proceso del servidor y degradaría el rendimiento.",
      },
   ],
   id: "CVE-2024-36387",
   lastModified: "2024-11-25T18:15:12.440",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "LOW",
               baseScore: 5.4,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "LOW",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 2.5,
            source: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
            type: "Secondary",
         },
      ],
   },
   published: "2024-07-01T19:15:03.497",
   references: [
      {
         source: "security@apache.org",
         url: "https://httpd.apache.org/security/vulnerabilities_24.html",
      },
      {
         source: "security@apache.org",
         url: "https://security.netapp.com/advisory/ntap-20240712-0001/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.openwall.com/lists/oss-security/2024/07/01/4",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://httpd.apache.org/security/vulnerabilities_24.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://security.netapp.com/advisory/ntap-20240712-0001/",
      },
   ],
   sourceIdentifier: "security@apache.org",
   vulnStatus: "Awaiting Analysis",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-476",
            },
         ],
         source: "security@apache.org",
         type: "Secondary",
      },
   ],
}

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

Vulnerability from cvelistv5

Vulnerability from csaf_ncscnl

Vulnerability from csaf_ncscnl

Vulnerability from csaf_ncscnl

Vulnerability from csaf_ncscnl

Vulnerability from github

Vulnerability from csaf_certbund

Vulnerability from csaf_certbund

Vulnerability from csaf_redhat

Vulnerability from csaf_redhat

Vulnerability from csaf_redhat

Vulnerability from csaf_redhat

Vulnerability from csaf_redhat

Vulnerability from csaf_opensuse

Vulnerability from csaf_suse

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature