Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2024-4603
Vulnerability from cvelistv5
Published
2024-05-16 15:21
Modified
2024-10-14 14:56
Severity ?
EPSS score ?
0.44%
(0.60525)
Summary
Issue summary: Checking excessively long DSA keys or parameters may be very
slow.
Impact summary: Applications that use the functions EVP_PKEY_param_check()
or EVP_PKEY_public_check() to check a DSA public key or DSA parameters may
experience long delays. Where the key or parameters that are being checked
have been obtained from an untrusted source this may lead to a Denial of
Service.
The functions EVP_PKEY_param_check() or EVP_PKEY_public_check() perform
various checks on DSA parameters. Some of those computations take a long time
if the modulus (`p` parameter) is too large.
Trying to use a very large modulus is slow and OpenSSL will not allow using
public keys with a modulus which is over 10,000 bits in length for signature
verification. However the key and parameter check functions do not limit
the modulus size when performing the checks.
An application that calls EVP_PKEY_param_check() or EVP_PKEY_public_check()
and supplies a key or parameters obtained from an untrusted source could be
vulnerable to a Denial of Service attack.
These functions are not called by OpenSSL itself on untrusted DSA keys so
only applications that directly call these functions may be vulnerable.
Also vulnerable are the OpenSSL pkey and pkeyparam command line applications
when using the `-check` option.
The OpenSSL SSL/TLS implementation is not affected by this issue.
The OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-01T20:47:41.528Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "OpenSSL Advisory", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.openssl.org/news/secadv/20240516.txt", }, { name: "3.0.14 git commit", tags: [ "patch", "x_transferred", ], url: "https://github.com/openssl/openssl/commit/3559e868e58005d15c6013a0c1fd832e51c73397", }, { name: "3.1.6 git commit", tags: [ "patch", "x_transferred", ], url: "https://github.com/openssl/openssl/commit/9c39b3858091c152f52513c066ff2c5a47969f0d", }, { name: "3.2.2 git commit", tags: [ "patch", "x_transferred", ], url: "https://github.com/openssl/openssl/commit/da343d0605c826ef197aceedc67e8e04f065f740", }, { name: "3.3.1 git commit", tags: [ "patch", "x_transferred", ], url: "https://github.com/openssl/openssl/commit/53ea06486d296b890d565fb971b2764fcd826e7e", }, { tags: [ "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2024/05/16/2", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20240621-0001/", }, ], title: "CVE Program Container", }, { affected: [ { cpes: [ "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "openssl", vendor: "openssl", versions: [ { lessThan: "3.0.14", status: "affected", version: "3.0.0", versionType: "semver", }, { lessThan: "3.1.6", status: "affected", version: "3.1.0", versionType: "semver", }, { lessThan: "3.2.2", status: "affected", version: "3.2.0", versionType: "semver", }, { lessThan: "3.3.1", status: "affected", version: "3.3.0", versionType: "semver", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, }, { other: { content: { id: "CVE-2024-4603", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-05-16T18:27:25.638098Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-834", description: "CWE-834 Excessive Iteration", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-08-13T15:11:57.009Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "OpenSSL", vendor: "OpenSSL", versions: [ { lessThan: "3.0.14", status: "affected", version: "3.0.0", versionType: "semver", }, { lessThan: "3.1.6", status: "affected", version: "3.1.0", versionType: "semver", }, { lessThan: "3.2.2", status: "affected", version: "3.2.0", versionType: "semver", }, { lessThan: "3.3.1", status: "affected", version: "3.3.0", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "OSS-Fuzz", }, { lang: "en", type: "remediation developer", user: "00000000-0000-4000-9000-000000000000", value: "Tomas Mraz", }, ], datePublic: "2024-05-16T00:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Issue summary: Checking excessively long DSA keys or parameters may be very<br>slow.<br><br>Impact summary: Applications that use the functions EVP_PKEY_param_check()<br>or EVP_PKEY_public_check() to check a DSA public key or DSA parameters may<br>experience long delays. Where the key or parameters that are being checked<br>have been obtained from an untrusted source this may lead to a Denial of<br>Service.<br><br>The functions EVP_PKEY_param_check() or EVP_PKEY_public_check() perform<br>various checks on DSA parameters. Some of those computations take a long time<br>if the modulus (`p` parameter) is too large.<br><br>Trying to use a very large modulus is slow and OpenSSL will not allow using<br>public keys with a modulus which is over 10,000 bits in length for signature<br>verification. However the key and parameter check functions do not limit<br>the modulus size when performing the checks.<br><br>An application that calls EVP_PKEY_param_check() or EVP_PKEY_public_check()<br>and supplies a key or parameters obtained from an untrusted source could be<br>vulnerable to a Denial of Service attack.<br><br>These functions are not called by OpenSSL itself on untrusted DSA keys so<br>only applications that directly call these functions may be vulnerable.<br><br>Also vulnerable are the OpenSSL pkey and pkeyparam command line applications<br>when using the `-check` option.<br><br>The OpenSSL SSL/TLS implementation is not affected by this issue.<br><br>The OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue.", }, ], value: "Issue summary: Checking excessively long DSA keys or parameters may be very\nslow.\n\nImpact summary: Applications that use the functions EVP_PKEY_param_check()\nor EVP_PKEY_public_check() to check a DSA public key or DSA parameters may\nexperience long delays. Where the key or parameters that are being checked\nhave been obtained from an untrusted source this may lead to a Denial of\nService.\n\nThe functions EVP_PKEY_param_check() or EVP_PKEY_public_check() perform\nvarious checks on DSA parameters. Some of those computations take a long time\nif the modulus (`p` parameter) is too large.\n\nTrying to use a very large modulus is slow and OpenSSL will not allow using\npublic keys with a modulus which is over 10,000 bits in length for signature\nverification. However the key and parameter check functions do not limit\nthe modulus size when performing the checks.\n\nAn application that calls EVP_PKEY_param_check() or EVP_PKEY_public_check()\nand supplies a key or parameters obtained from an untrusted source could be\nvulnerable to a Denial of Service attack.\n\nThese functions are not called by OpenSSL itself on untrusted DSA keys so\nonly applications that directly call these functions may be vulnerable.\n\nAlso vulnerable are the OpenSSL pkey and pkeyparam command line applications\nwhen using the `-check` option.\n\nThe OpenSSL SSL/TLS implementation is not affected by this issue.\n\nThe OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue.", }, ], metrics: [ { format: "other", other: { content: { text: "Low", }, type: "https://www.openssl.org/policies/secpolicy.html", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-606", description: "CWE-606 Unchecked Input for Loop Condition", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-10-14T14:56:01.784Z", orgId: "3a12439a-ef3a-4c79-92e6-6081a721f1e5", shortName: "openssl", }, references: [ { name: "OpenSSL Advisory", tags: [ "vendor-advisory", ], url: "https://www.openssl.org/news/secadv/20240516.txt", }, { name: "3.0.14 git commit", tags: [ "patch", ], url: "https://github.com/openssl/openssl/commit/3559e868e58005d15c6013a0c1fd832e51c73397", }, { name: "3.1.6 git commit", tags: [ "patch", ], url: "https://github.com/openssl/openssl/commit/9c39b3858091c152f52513c066ff2c5a47969f0d", }, { name: "3.2.2 git commit", tags: [ "patch", ], url: "https://github.com/openssl/openssl/commit/da343d0605c826ef197aceedc67e8e04f065f740", }, { name: "3.3.1 git commit", tags: [ "patch", ], url: "https://github.com/openssl/openssl/commit/53ea06486d296b890d565fb971b2764fcd826e7e", }, ], source: { discovery: "UNKNOWN", }, title: "Excessive time spent checking DSA keys and parameters", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "3a12439a-ef3a-4c79-92e6-6081a721f1e5", assignerShortName: "openssl", cveId: "CVE-2024-4603", datePublished: "2024-05-16T15:21:20.050Z", dateReserved: "2024-05-07T11:44:02.196Z", dateUpdated: "2024-10-14T14:56:01.784Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { fkie_nvd: { descriptions: "[{\"lang\": \"en\", \"value\": \"Issue summary: Checking excessively long DSA keys or parameters may be very\\nslow.\\n\\nImpact summary: Applications that use the functions EVP_PKEY_param_check()\\nor EVP_PKEY_public_check() to check a DSA public key or DSA parameters may\\nexperience long delays. Where the key or parameters that are being checked\\nhave been obtained from an untrusted source this may lead to a Denial of\\nService.\\n\\nThe functions EVP_PKEY_param_check() or EVP_PKEY_public_check() perform\\nvarious checks on DSA parameters. Some of those computations take a long time\\nif the modulus (`p` parameter) is too large.\\n\\nTrying to use a very large modulus is slow and OpenSSL will not allow using\\npublic keys with a modulus which is over 10,000 bits in length for signature\\nverification. However the key and parameter check functions do not limit\\nthe modulus size when performing the checks.\\n\\nAn application that calls EVP_PKEY_param_check() or EVP_PKEY_public_check()\\nand supplies a key or parameters obtained from an untrusted source could be\\nvulnerable to a Denial of Service attack.\\n\\nThese functions are not called by OpenSSL itself on untrusted DSA keys so\\nonly applications that directly call these functions may be vulnerable.\\n\\nAlso vulnerable are the OpenSSL pkey and pkeyparam command line applications\\nwhen using the `-check` option.\\n\\nThe OpenSSL SSL/TLS implementation is not affected by this issue.\\n\\nThe OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue.\"}, {\"lang\": \"es\", \"value\": \"Resumen del problema: la comprobaci\\u00f3n de claves o par\\u00e1metros DSA excesivamente largos puede resultar muy lenta. Resumen de impacto: las aplicaciones que utilizan las funciones EVP_PKEY_param_check() o EVP_PKEY_public_check() para comprobar una clave p\\u00fablica de DSA o par\\u00e1metros de DSA pueden experimentar grandes retrasos. Cuando la clave o los par\\u00e1metros que se est\\u00e1n verificando se obtuvieron de una fuente que no es confiable, esto puede dar lugar a una Denegaci\\u00f3n de Servicio. Las funciones EVP_PKEY_param_check() o EVP_PKEY_public_check() realizan varias comprobaciones de los par\\u00e1metros DSA. Algunos de esos c\\u00e1lculos toman mucho tiempo si el m\\u00f3dulo (par\\u00e1metro `p`) es demasiado grande. Intentar utilizar un m\\u00f3dulo muy grande es lento y OpenSSL no permitir\\u00e1 el uso de claves p\\u00fablicas con un m\\u00f3dulo de m\\u00e1s de 10.000 bits de longitud para la verificaci\\u00f3n de firmas. Sin embargo, las funciones de verificaci\\u00f3n de claves y par\\u00e1metros no limitan el tama\\u00f1o del m\\u00f3dulo al realizar las verificaciones. Una aplicaci\\u00f3n que llama a EVP_PKEY_param_check() o EVP_PKEY_public_check() y proporciona una clave o par\\u00e1metros obtenidos de una fuente que no es de confianza podr\\u00eda ser vulnerable a un ataque de denegaci\\u00f3n de servicio. OpenSSL no llama a estas funciones en claves DSA que no son de confianza, por lo que solo las aplicaciones que llaman directamente a estas funciones pueden ser vulnerables. Tambi\\u00e9n son vulnerables las aplicaciones de l\\u00ednea de comandos OpenSSL pkey y pkeyparam cuando se usa la opci\\u00f3n `-check`. La implementaci\\u00f3n de OpenSSL SSL/TLS no se ve afectada por este problema. Los proveedores FIPS OpenSSL 3.0 y 3.1 se ven afectados por este problema.\"}]", id: "CVE-2024-4603", lastModified: "2024-11-21T09:43:11.753", metrics: "{\"cvssMetricV31\": [{\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\", \"baseScore\": 5.3, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"LOW\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 1.4}]}", published: "2024-05-16T16:15:10.643", references: "[{\"url\": \"https://github.com/openssl/openssl/commit/3559e868e58005d15c6013a0c1fd832e51c73397\", \"source\": \"openssl-security@openssl.org\"}, {\"url\": \"https://github.com/openssl/openssl/commit/53ea06486d296b890d565fb971b2764fcd826e7e\", \"source\": \"openssl-security@openssl.org\"}, {\"url\": \"https://github.com/openssl/openssl/commit/9c39b3858091c152f52513c066ff2c5a47969f0d\", \"source\": \"openssl-security@openssl.org\"}, {\"url\": \"https://github.com/openssl/openssl/commit/da343d0605c826ef197aceedc67e8e04f065f740\", \"source\": \"openssl-security@openssl.org\"}, {\"url\": \"https://www.openssl.org/news/secadv/20240516.txt\", \"source\": \"openssl-security@openssl.org\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/05/16/2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://github.com/openssl/openssl/commit/3559e868e58005d15c6013a0c1fd832e51c73397\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://github.com/openssl/openssl/commit/53ea06486d296b890d565fb971b2764fcd826e7e\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://github.com/openssl/openssl/commit/9c39b3858091c152f52513c066ff2c5a47969f0d\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://github.com/openssl/openssl/commit/da343d0605c826ef197aceedc67e8e04f065f740\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240621-0001/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.openssl.org/news/secadv/20240516.txt\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]", sourceIdentifier: "openssl-security@openssl.org", vulnStatus: "Awaiting Analysis", weaknesses: "[{\"source\": \"openssl-security@openssl.org\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-606\"}]}, {\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-834\"}]}]", }, nvd: "{\"cve\":{\"id\":\"CVE-2024-4603\",\"sourceIdentifier\":\"openssl-security@openssl.org\",\"published\":\"2024-05-16T16:15:10.643\",\"lastModified\":\"2024-11-21T09:43:11.753\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Issue summary: Checking excessively long DSA keys or parameters may be very\\nslow.\\n\\nImpact summary: Applications that use the functions EVP_PKEY_param_check()\\nor EVP_PKEY_public_check() to check a DSA public key or DSA parameters may\\nexperience long delays. Where the key or parameters that are being checked\\nhave been obtained from an untrusted source this may lead to a Denial of\\nService.\\n\\nThe functions EVP_PKEY_param_check() or EVP_PKEY_public_check() perform\\nvarious checks on DSA parameters. Some of those computations take a long time\\nif the modulus (`p` parameter) is too large.\\n\\nTrying to use a very large modulus is slow and OpenSSL will not allow using\\npublic keys with a modulus which is over 10,000 bits in length for signature\\nverification. However the key and parameter check functions do not limit\\nthe modulus size when performing the checks.\\n\\nAn application that calls EVP_PKEY_param_check() or EVP_PKEY_public_check()\\nand supplies a key or parameters obtained from an untrusted source could be\\nvulnerable to a Denial of Service attack.\\n\\nThese functions are not called by OpenSSL itself on untrusted DSA keys so\\nonly applications that directly call these functions may be vulnerable.\\n\\nAlso vulnerable are the OpenSSL pkey and pkeyparam command line applications\\nwhen using the `-check` option.\\n\\nThe OpenSSL SSL/TLS implementation is not affected by this issue.\\n\\nThe OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue.\"},{\"lang\":\"es\",\"value\":\"Resumen del problema: la comprobación de claves o parámetros DSA excesivamente largos puede resultar muy lenta. Resumen de impacto: las aplicaciones que utilizan las funciones EVP_PKEY_param_check() o EVP_PKEY_public_check() para comprobar una clave pública de DSA o parámetros de DSA pueden experimentar grandes retrasos. Cuando la clave o los parámetros que se están verificando se obtuvieron de una fuente que no es confiable, esto puede dar lugar a una Denegación de Servicio. Las funciones EVP_PKEY_param_check() o EVP_PKEY_public_check() realizan varias comprobaciones de los parámetros DSA. Algunos de esos cálculos toman mucho tiempo si el módulo (parámetro `p`) es demasiado grande. Intentar utilizar un módulo muy grande es lento y OpenSSL no permitirá el uso de claves públicas con un módulo de más de 10.000 bits de longitud para la verificación de firmas. Sin embargo, las funciones de verificación de claves y parámetros no limitan el tamaño del módulo al realizar las verificaciones. Una aplicación que llama a EVP_PKEY_param_check() o EVP_PKEY_public_check() y proporciona una clave o parámetros obtenidos de una fuente que no es de confianza podría ser vulnerable a un ataque de denegación de servicio. OpenSSL no llama a estas funciones en claves DSA que no son de confianza, por lo que solo las aplicaciones que llaman directamente a estas funciones pueden ser vulnerables. También son vulnerables las aplicaciones de línea de comandos OpenSSL pkey y pkeyparam cuando se usa la opción `-check`. La implementación de OpenSSL SSL/TLS no se ve afectada por este problema. Los proveedores FIPS OpenSSL 3.0 y 3.1 se ven afectados por este problema.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"openssl-security@openssl.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-606\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-834\"}]}],\"references\":[{\"url\":\"https://github.com/openssl/openssl/commit/3559e868e58005d15c6013a0c1fd832e51c73397\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://github.com/openssl/openssl/commit/53ea06486d296b890d565fb971b2764fcd826e7e\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://github.com/openssl/openssl/commit/9c39b3858091c152f52513c066ff2c5a47969f0d\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://github.com/openssl/openssl/commit/da343d0605c826ef197aceedc67e8e04f065f740\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://www.openssl.org/news/secadv/20240516.txt\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/05/16/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://github.com/openssl/openssl/commit/3559e868e58005d15c6013a0c1fd832e51c73397\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://github.com/openssl/openssl/commit/53ea06486d296b890d565fb971b2764fcd826e7e\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://github.com/openssl/openssl/commit/9c39b3858091c152f52513c066ff2c5a47969f0d\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://github.com/openssl/openssl/commit/da343d0605c826ef197aceedc67e8e04f065f740\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20240621-0001/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.openssl.org/news/secadv/20240516.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}", vulnrichment: { containers: "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.openssl.org/news/secadv/20240516.txt\", \"name\": \"OpenSSL Advisory\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/3559e868e58005d15c6013a0c1fd832e51c73397\", \"name\": \"3.0.14 git commit\", \"tags\": [\"patch\", \"x_transferred\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/9c39b3858091c152f52513c066ff2c5a47969f0d\", \"name\": \"3.1.6 git commit\", \"tags\": [\"patch\", \"x_transferred\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/da343d0605c826ef197aceedc67e8e04f065f740\", \"name\": \"3.2.2 git commit\", \"tags\": [\"patch\", \"x_transferred\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/53ea06486d296b890d565fb971b2764fcd826e7e\", \"name\": \"3.3.1 git commit\", \"tags\": [\"patch\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/05/16/2\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240621-0001/\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-01T20:47:41.528Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-4603\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-05-16T18:27:25.638098Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*\"], \"vendor\": \"openssl\", \"product\": \"openssl\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.0.0\", \"lessThan\": \"3.0.14\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"3.1.0\", \"lessThan\": \"3.1.6\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"3.2.0\", \"lessThan\": \"3.2.2\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"3.3.0\", \"lessThan\": \"3.3.1\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-834\", \"description\": \"CWE-834 Excessive Iteration\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-05-16T18:23:43.403Z\"}}], \"cna\": {\"title\": \"Excessive time spent checking DSA keys and parameters\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"user\": \"00000000-0000-4000-9000-000000000000\", \"value\": \"OSS-Fuzz\"}, {\"lang\": \"en\", \"type\": \"remediation developer\", \"user\": \"00000000-0000-4000-9000-000000000000\", \"value\": \"Tomas Mraz\"}], \"metrics\": [{\"other\": {\"type\": \"https://www.openssl.org/policies/secpolicy.html\", \"content\": {\"text\": \"Low\"}}, \"format\": \"other\"}], \"affected\": [{\"vendor\": \"OpenSSL\", \"product\": \"OpenSSL\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.0.0\", \"lessThan\": \"3.0.14\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"3.1.0\", \"lessThan\": \"3.1.6\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"3.2.0\", \"lessThan\": \"3.2.2\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"3.3.0\", \"lessThan\": \"3.3.1\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}], \"datePublic\": \"2024-05-16T00:00:00.000Z\", \"references\": [{\"url\": \"https://www.openssl.org/news/secadv/20240516.txt\", \"name\": \"OpenSSL Advisory\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/3559e868e58005d15c6013a0c1fd832e51c73397\", \"name\": \"3.0.14 git commit\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/9c39b3858091c152f52513c066ff2c5a47969f0d\", \"name\": \"3.1.6 git commit\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/da343d0605c826ef197aceedc67e8e04f065f740\", \"name\": \"3.2.2 git commit\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/53ea06486d296b890d565fb971b2764fcd826e7e\", \"name\": \"3.3.1 git commit\", \"tags\": [\"patch\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Issue summary: Checking excessively long DSA keys or parameters may be very\\nslow.\\n\\nImpact summary: Applications that use the functions EVP_PKEY_param_check()\\nor EVP_PKEY_public_check() to check a DSA public key or DSA parameters may\\nexperience long delays. Where the key or parameters that are being checked\\nhave been obtained from an untrusted source this may lead to a Denial of\\nService.\\n\\nThe functions EVP_PKEY_param_check() or EVP_PKEY_public_check() perform\\nvarious checks on DSA parameters. Some of those computations take a long time\\nif the modulus (`p` parameter) is too large.\\n\\nTrying to use a very large modulus is slow and OpenSSL will not allow using\\npublic keys with a modulus which is over 10,000 bits in length for signature\\nverification. However the key and parameter check functions do not limit\\nthe modulus size when performing the checks.\\n\\nAn application that calls EVP_PKEY_param_check() or EVP_PKEY_public_check()\\nand supplies a key or parameters obtained from an untrusted source could be\\nvulnerable to a Denial of Service attack.\\n\\nThese functions are not called by OpenSSL itself on untrusted DSA keys so\\nonly applications that directly call these functions may be vulnerable.\\n\\nAlso vulnerable are the OpenSSL pkey and pkeyparam command line applications\\nwhen using the `-check` option.\\n\\nThe OpenSSL SSL/TLS implementation is not affected by this issue.\\n\\nThe OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Issue summary: Checking excessively long DSA keys or parameters may be very<br>slow.<br><br>Impact summary: Applications that use the functions EVP_PKEY_param_check()<br>or EVP_PKEY_public_check() to check a DSA public key or DSA parameters may<br>experience long delays. Where the key or parameters that are being checked<br>have been obtained from an untrusted source this may lead to a Denial of<br>Service.<br><br>The functions EVP_PKEY_param_check() or EVP_PKEY_public_check() perform<br>various checks on DSA parameters. Some of those computations take a long time<br>if the modulus (`p` parameter) is too large.<br><br>Trying to use a very large modulus is slow and OpenSSL will not allow using<br>public keys with a modulus which is over 10,000 bits in length for signature<br>verification. However the key and parameter check functions do not limit<br>the modulus size when performing the checks.<br><br>An application that calls EVP_PKEY_param_check() or EVP_PKEY_public_check()<br>and supplies a key or parameters obtained from an untrusted source could be<br>vulnerable to a Denial of Service attack.<br><br>These functions are not called by OpenSSL itself on untrusted DSA keys so<br>only applications that directly call these functions may be vulnerable.<br><br>Also vulnerable are the OpenSSL pkey and pkeyparam command line applications<br>when using the `-check` option.<br><br>The OpenSSL SSL/TLS implementation is not affected by this issue.<br><br>The OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-606\", \"description\": \"CWE-606 Unchecked Input for Loop Condition\"}]}], \"providerMetadata\": {\"orgId\": \"3a12439a-ef3a-4c79-92e6-6081a721f1e5\", \"shortName\": \"openssl\", \"dateUpdated\": \"2024-10-14T14:56:01.784Z\"}}}", cveMetadata: "{\"cveId\": \"CVE-2024-4603\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-10-14T14:56:01.784Z\", \"dateReserved\": \"2024-05-07T11:44:02.196Z\", \"assignerOrgId\": \"3a12439a-ef3a-4c79-92e6-6081a721f1e5\", \"datePublished\": \"2024-05-16T15:21:20.050Z\", \"assignerShortName\": \"openssl\"}", dataType: "CVE_RECORD", dataVersion: "5.1", }, }, }
wid-sec-w-2024-3195
Vulnerability from csaf_certbund
Published
2024-10-15 22:00
Modified
2024-10-15 22:00
Summary
Oracle Communications: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Oracle Communications umfasst branchenspezifische Lösungen für die Telekommunikationsbranche.
Angriff
Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Communications ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme
- Sonstiges
{ document: { aggregate_severity: { text: "hoch", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Oracle Communications umfasst branchenspezifische Lösungen für die Telekommunikationsbranche.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Communications ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.", title: "Angriff", }, { category: "general", text: "- Sonstiges", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2024-3195 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3195.json", }, { category: "self", summary: "WID-SEC-2024-3195 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3195", }, { category: "external", summary: "Oracle Critical Patch Update Advisory - October 2024 - Appendix Oracle Communications vom 2024-10-15", url: "https://www.oracle.com/security-alerts/cpuoct2024.html#AppendixCGBU", }, ], source_lang: "en-US", title: "Oracle Communications: Mehrere Schwachstellen", tracking: { current_release_date: "2024-10-15T22:00:00.000+00:00", generator: { date: "2024-10-16T10:12:35.400+00:00", engine: { name: "BSI-WID", version: "1.3.8", }, }, id: "WID-SEC-W-2024-3195", initial_release_date: "2024-10-15T22:00:00.000+00:00", revision_history: [ { date: "2024-10-15T22:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "9.1.1.3.0", product: { name: "Oracle Communications 9.1.1.3.0", product_id: "T027333", product_identification_helper: { cpe: "cpe:/a:oracle:communications:9.1.1.3.0", }, }, }, { category: "product_version", name: "12.6.1.0.0", product: { name: "Oracle Communications 12.6.1.0.0", product_id: "T027338", product_identification_helper: { cpe: "cpe:/a:oracle:communications:12.6.1.0.0", }, }, }, { category: "product_version", name: "5.1", product: { name: "Oracle Communications 5.1", product_id: "T028684", product_identification_helper: { cpe: "cpe:/a:oracle:communications:5.1", }, }, }, { category: "product_version", name: "15.0.0.0.0", product: { name: "Oracle Communications 15.0.0.0.0", product_id: "T032090", product_identification_helper: { cpe: "cpe:/a:oracle:communications:15.0.0.0.0", }, }, }, { category: "product_version", name: "23.4.0", product: { name: "Oracle Communications 23.4.0", product_id: "T032091", product_identification_helper: { cpe: "cpe:/a:oracle:communications:23.4.0", }, }, }, { category: "product_version", name: "23.4.2", product: { name: "Oracle Communications 23.4.2", product_id: "T034144", product_identification_helper: { cpe: "cpe:/a:oracle:communications:23.4.2", }, }, }, { category: "product_version", name: "24.1.0", product: { name: "Oracle Communications 24.1.0", product_id: "T034145", product_identification_helper: { cpe: "cpe:/a:oracle:communications:24.1.0", }, }, }, { category: "product_version", name: "5.2", product: { name: "Oracle Communications 5.2", product_id: "T034146", product_identification_helper: { cpe: "cpe:/a:oracle:communications:5.2", }, }, }, { category: "product_version", name: "24.1.0.0.0", product: { name: "Oracle Communications 24.1.0.0.0", product_id: "T034147", product_identification_helper: { cpe: "cpe:/a:oracle:communications:24.1.0.0.0", }, }, }, { category: "product_version", name: "23.4.3", product: { name: "Oracle Communications 23.4.3", product_id: "T036195", product_identification_helper: { cpe: "cpe:/a:oracle:communications:23.4.3", }, }, }, { category: "product_version", name: "23.4.4", product: { name: "Oracle Communications 23.4.4", product_id: "T036196", product_identification_helper: { cpe: "cpe:/a:oracle:communications:23.4.4", }, }, }, { category: "product_version_range", name: "<=24.2.0", product: { name: "Oracle Communications <=24.2.0", product_id: "T036197", }, }, { category: "product_version_range", name: "<=24.2.0", product: { name: "Oracle Communications <=24.2.0", product_id: "T036197-fixed", }, }, { category: "product_version", name: "4.1.0", product: { name: "Oracle Communications 4.1.0", product_id: "T036205", product_identification_helper: { cpe: "cpe:/a:oracle:communications:4.1.0", }, }, }, { category: "product_version", name: "4.2.0", product: { name: "Oracle Communications 4.2.0", product_id: "T036206", product_identification_helper: { cpe: "cpe:/a:oracle:communications:4.2.0", }, }, }, { category: "product_version", name: "9.2.0", product: { name: "Oracle Communications 9.2.0", product_id: "T036207", product_identification_helper: { cpe: "cpe:/a:oracle:communications:9.2.0", }, }, }, { category: "product_version", name: "9.3.0", product: { name: "Oracle Communications 9.3.0", product_id: "T036208", product_identification_helper: { cpe: "cpe:/a:oracle:communications:9.3.0", }, }, }, { category: "product_version", name: "12.11.0", product: { name: "Oracle Communications 12.11.0", product_id: "T036209", product_identification_helper: { cpe: "cpe:/a:oracle:communications:12.11.0", }, }, }, { category: "product_version", name: "9.0.1.10.0", product: { name: "Oracle Communications 9.0.1.10.0", product_id: "T038373", product_identification_helper: { cpe: "cpe:/a:oracle:communications:9.0.1.10.0", }, }, }, { category: "product_version_range", name: "<=23.4.5", product: { name: "Oracle Communications <=23.4.5", product_id: "T038375", }, }, { category: "product_version_range", name: "<=23.4.5", product: { name: "Oracle Communications <=23.4.5", product_id: "T038375-fixed", }, }, { category: "product_version", name: "24.2.1", product: { name: "Oracle Communications 24.2.1", product_id: "T038376", product_identification_helper: { cpe: "cpe:/a:oracle:communications:24.2.1", }, }, }, { category: "product_version_range", name: "<=23.4.6", product: { name: "Oracle Communications <=23.4.6", product_id: "T038377", }, }, { category: "product_version_range", name: "<=23.4.6", product: { name: "Oracle Communications <=23.4.6", product_id: "T038377-fixed", }, }, { category: "product_version", name: "24.1.1", product: { name: "Oracle Communications 24.1.1", product_id: "T038378", product_identification_helper: { cpe: "cpe:/a:oracle:communications:24.1.1", }, }, }, { category: "product_version", name: "24.2.2", product: { name: "Oracle Communications 24.2.2", product_id: "T038379", product_identification_helper: { cpe: "cpe:/a:oracle:communications:24.2.2", }, }, }, { category: "product_version", name: "9.1.5", product: { name: "Oracle Communications 9.1.5", product_id: "T038380", product_identification_helper: { cpe: "cpe:/a:oracle:communications:9.1.5", }, }, }, { category: "product_version", name: "9.1.0", product: { name: "Oracle Communications 9.1.0", product_id: "T038381", product_identification_helper: { cpe: "cpe:/a:oracle:communications:9.1.0", }, }, }, { category: "product_version", name: "14", product: { name: "Oracle Communications 14.0", product_id: "T038382", product_identification_helper: { cpe: "cpe:/a:oracle:communications:14.0", }, }, }, { category: "product_version", name: "9.1.1.9.0", product: { name: "Oracle Communications 9.1.1.9.0", product_id: "T038383", product_identification_helper: { cpe: "cpe:/a:oracle:communications:9.1.1.9.0", }, }, }, { category: "product_version", name: "14.0.0.1", product: { name: "Oracle Communications 14.0.0.1", product_id: "T038384", product_identification_helper: { cpe: "cpe:/a:oracle:communications:14.0.0.1", }, }, }, { category: "product_version", name: "17.0.1", product: { name: "Oracle Communications 17.0.1", product_id: "T038385", product_identification_helper: { cpe: "cpe:/a:oracle:communications:17.0.1", }, }, }, { category: "product_version_range", name: "<10.4.0.4", product: { name: "Oracle Communications <10.4.0.4", product_id: "T038386", }, }, { category: "product_version", name: "10.4.0.4", product: { name: "Oracle Communications 10.4.0.4", product_id: "T038386-fixed", product_identification_helper: { cpe: "cpe:/a:oracle:communications:10.4.0.4", }, }, }, { category: "product_version_range", name: "<=9.1.1.8.0", product: { name: "Oracle Communications <=9.1.1.8.0", product_id: "T038426", }, }, { category: "product_version_range", name: "<=9.1.1.8.0", product: { name: "Oracle Communications <=9.1.1.8.0", product_id: "T038426-fixed", }, }, ], category: "product_name", name: "Communications", }, ], category: "vendor", name: "Oracle", }, ], }, vulnerabilities: [ { cve: "CVE-2022-2068", notes: [ { category: "description", text: "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T036209", "T036205", "T036206", "T036207", "T036208", "T034147", "T038386", "T034146", "T034145", "T034144", "T038382", "T038383", "T038384", "T038385", "T038380", "T038381", "T027338", "T027333", "T028684", "T038379", "T038376", "T038378", "T036195", "T038373", "T036196", "T032090", "T032091", ], last_affected: [ "T038426", "T036197", "T038375", "T038377", ], }, release_date: "2024-10-15T22:00:00.000+00:00", title: "CVE-2022-2068", }, { cve: "CVE-2022-23437", notes: [ { category: "description", text: "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T036209", "T036205", "T036206", "T036207", "T036208", "T034147", "T038386", "T034146", "T034145", "T034144", "T038382", "T038383", "T038384", "T038385", "T038380", "T038381", "T027338", "T027333", "T028684", "T038379", "T038376", "T038378", "T036195", "T038373", "T036196", "T032090", "T032091", ], last_affected: [ "T038426", "T036197", "T038375", "T038377", ], }, release_date: "2024-10-15T22:00:00.000+00:00", title: "CVE-2022-23437", }, { cve: "CVE-2022-2601", notes: [ { category: "description", text: "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T036209", "T036205", "T036206", "T036207", "T036208", "T034147", "T038386", "T034146", "T034145", "T034144", "T038382", "T038383", "T038384", "T038385", "T038380", "T038381", "T027338", "T027333", "T028684", "T038379", "T038376", "T038378", "T036195", "T038373", "T036196", "T032090", "T032091", ], last_affected: [ "T038426", "T036197", "T038375", "T038377", ], }, release_date: "2024-10-15T22:00:00.000+00:00", title: "CVE-2022-2601", }, { cve: "CVE-2022-36760", notes: [ { category: "description", text: "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T036209", "T036205", "T036206", "T036207", "T036208", "T034147", "T038386", "T034146", "T034145", "T034144", "T038382", "T038383", "T038384", "T038385", "T038380", "T038381", "T027338", "T027333", "T028684", "T038379", "T038376", "T038378", "T036195", "T038373", "T036196", "T032090", "T032091", ], last_affected: [ "T038426", "T036197", "T038375", "T038377", ], }, release_date: "2024-10-15T22:00:00.000+00:00", title: "CVE-2022-36760", }, { cve: "CVE-2023-2953", notes: [ { category: "description", text: "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T036209", "T036205", "T036206", "T036207", "T036208", "T034147", "T038386", "T034146", "T034145", "T034144", "T038382", "T038383", "T038384", "T038385", "T038380", "T038381", "T027338", "T027333", "T028684", "T038379", "T038376", "T038378", "T036195", "T038373", "T036196", "T032090", "T032091", ], last_affected: [ "T038426", "T036197", "T038375", "T038377", ], }, release_date: "2024-10-15T22:00:00.000+00:00", title: "CVE-2023-2953", }, { cve: "CVE-2023-3635", notes: [ { category: "description", text: "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T036209", "T036205", "T036206", "T036207", "T036208", "T034147", "T038386", "T034146", "T034145", "T034144", "T038382", "T038383", "T038384", "T038385", "T038380", "T038381", "T027338", "T027333", "T028684", "T038379", "T038376", "T038378", "T036195", "T038373", "T036196", "T032090", "T032091", ], last_affected: [ "T038426", "T036197", "T038375", "T038377", ], }, release_date: "2024-10-15T22:00:00.000+00:00", title: "CVE-2023-3635", }, { cve: "CVE-2023-38408", notes: [ { category: "description", text: "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T036209", "T036205", "T036206", "T036207", "T036208", "T034147", "T038386", "T034146", "T034145", "T034144", "T038382", "T038383", "T038384", "T038385", "T038380", "T038381", "T027338", "T027333", "T028684", "T038379", "T038376", "T038378", "T036195", "T038373", "T036196", "T032090", "T032091", ], last_affected: [ "T038426", "T036197", "T038375", "T038377", ], }, release_date: "2024-10-15T22:00:00.000+00:00", title: "CVE-2023-38408", }, { cve: "CVE-2023-4043", notes: [ { category: "description", text: "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T036209", "T036205", "T036206", "T036207", "T036208", "T034147", "T038386", "T034146", "T034145", "T034144", "T038382", "T038383", "T038384", "T038385", "T038380", "T038381", "T027338", "T027333", "T028684", "T038379", "T038376", "T038378", "T036195", "T038373", "T036196", "T032090", "T032091", ], last_affected: [ "T038426", "T036197", "T038375", "T038377", ], }, release_date: "2024-10-15T22:00:00.000+00:00", title: "CVE-2023-4043", }, { cve: "CVE-2023-46136", notes: [ { category: "description", text: "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T036209", "T036205", "T036206", "T036207", "T036208", "T034147", "T038386", "T034146", "T034145", "T034144", "T038382", "T038383", "T038384", "T038385", "T038380", "T038381", "T027338", "T027333", "T028684", "T038379", "T038376", "T038378", "T036195", "T038373", "T036196", "T032090", "T032091", ], last_affected: [ "T038426", "T036197", "T038375", "T038377", ], }, release_date: "2024-10-15T22:00:00.000+00:00", title: "CVE-2023-46136", }, { cve: "CVE-2023-48795", notes: [ { category: "description", text: "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T036209", "T036205", "T036206", "T036207", "T036208", "T034147", "T038386", "T034146", "T034145", "T034144", "T038382", "T038383", "T038384", "T038385", "T038380", "T038381", "T027338", "T027333", "T028684", "T038379", "T038376", "T038378", "T036195", "T038373", "T036196", "T032090", "T032091", ], last_affected: [ "T038426", "T036197", "T038375", "T038377", ], }, release_date: "2024-10-15T22:00:00.000+00:00", title: "CVE-2023-48795", }, { cve: "CVE-2023-51775", notes: [ { category: "description", text: "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T036209", "T036205", "T036206", "T036207", "T036208", "T034147", "T038386", "T034146", "T034145", "T034144", "T038382", "T038383", "T038384", "T038385", "T038380", "T038381", "T027338", "T027333", "T028684", "T038379", "T038376", "T038378", "T036195", "T038373", "T036196", "T032090", "T032091", ], last_affected: [ "T038426", "T036197", "T038375", "T038377", ], }, release_date: "2024-10-15T22:00:00.000+00:00", title: "CVE-2023-51775", }, { cve: "CVE-2023-5685", notes: [ { category: "description", text: "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T036209", "T036205", "T036206", "T036207", "T036208", "T034147", "T038386", "T034146", "T034145", "T034144", "T038382", "T038383", "T038384", "T038385", "T038380", "T038381", "T027338", "T027333", "T028684", "T038379", "T038376", "T038378", "T036195", "T038373", "T036196", "T032090", "T032091", ], last_affected: [ "T038426", "T036197", "T038375", "T038377", ], }, release_date: "2024-10-15T22:00:00.000+00:00", title: "CVE-2023-5685", }, { cve: "CVE-2023-6597", notes: [ { category: "description", text: "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T036209", "T036205", "T036206", "T036207", "T036208", "T034147", "T038386", "T034146", "T034145", "T034144", "T038382", "T038383", "T038384", "T038385", "T038380", "T038381", "T027338", "T027333", "T028684", "T038379", "T038376", "T038378", "T036195", "T038373", "T036196", "T032090", "T032091", ], last_affected: [ "T038426", "T036197", "T038375", "T038377", ], }, release_date: "2024-10-15T22:00:00.000+00:00", title: "CVE-2023-6597", }, { cve: "CVE-2023-6816", notes: [ { category: "description", text: "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T036209", "T036205", "T036206", "T036207", "T036208", "T034147", "T038386", "T034146", "T034145", "T034144", "T038382", "T038383", "T038384", "T038385", "T038380", "T038381", "T027338", "T027333", "T028684", "T038379", "T038376", "T038378", "T036195", "T038373", "T036196", "T032090", "T032091", ], last_affected: [ "T038426", "T036197", "T038375", "T038377", ], }, release_date: "2024-10-15T22:00:00.000+00:00", title: "CVE-2023-6816", }, { cve: "CVE-2024-0450", notes: [ { category: "description", text: "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T036209", "T036205", "T036206", "T036207", "T036208", "T034147", "T038386", "T034146", "T034145", "T034144", "T038382", "T038383", "T038384", "T038385", "T038380", "T038381", "T027338", "T027333", "T028684", "T038379", "T038376", "T038378", "T036195", "T038373", "T036196", "T032090", "T032091", ], last_affected: [ "T038426", "T036197", "T038375", "T038377", ], }, release_date: "2024-10-15T22:00:00.000+00:00", title: "CVE-2024-0450", }, { cve: "CVE-2024-22020", notes: [ { category: "description", text: "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T036209", "T036205", "T036206", "T036207", "T036208", "T034147", "T038386", "T034146", "T034145", "T034144", "T038382", "T038383", "T038384", "T038385", "T038380", "T038381", "T027338", "T027333", "T028684", "T038379", "T038376", "T038378", "T036195", "T038373", "T036196", "T032090", "T032091", ], last_affected: [ "T038426", "T036197", "T038375", "T038377", ], }, release_date: "2024-10-15T22:00:00.000+00:00", title: "CVE-2024-22020", }, { cve: "CVE-2024-22257", notes: [ { category: "description", text: "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T036209", "T036205", "T036206", "T036207", "T036208", "T034147", "T038386", "T034146", "T034145", "T034144", "T038382", "T038383", "T038384", "T038385", "T038380", "T038381", "T027338", "T027333", "T028684", "T038379", "T038376", "T038378", "T036195", "T038373", "T036196", "T032090", "T032091", ], last_affected: [ "T038426", "T036197", "T038375", "T038377", ], }, release_date: "2024-10-15T22:00:00.000+00:00", title: "CVE-2024-22257", }, { cve: "CVE-2024-22262", notes: [ { category: "description", text: "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T036209", "T036205", "T036206", "T036207", "T036208", "T034147", "T038386", "T034146", "T034145", "T034144", "T038382", "T038383", "T038384", "T038385", "T038380", "T038381", "T027338", "T027333", "T028684", "T038379", "T038376", "T038378", "T036195", "T038373", "T036196", "T032090", "T032091", ], last_affected: [ "T038426", "T036197", "T038375", "T038377", ], }, release_date: "2024-10-15T22:00:00.000+00:00", title: "CVE-2024-22262", }, { cve: "CVE-2024-23672", notes: [ { category: "description", text: "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T036209", "T036205", "T036206", "T036207", "T036208", "T034147", "T038386", "T034146", "T034145", "T034144", "T038382", "T038383", "T038384", "T038385", "T038380", "T038381", "T027338", "T027333", "T028684", "T038379", "T038376", "T038378", "T036195", "T038373", "T036196", "T032090", "T032091", ], last_affected: [ "T038426", "T036197", "T038375", "T038377", ], }, release_date: "2024-10-15T22:00:00.000+00:00", title: "CVE-2024-23672", }, { cve: "CVE-2024-2398", notes: [ { category: "description", text: "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T036209", "T036205", "T036206", "T036207", "T036208", "T034147", "T038386", "T034146", "T034145", "T034144", "T038382", "T038383", "T038384", "T038385", "T038380", "T038381", "T027338", "T027333", "T028684", "T038379", "T038376", "T038378", "T036195", "T038373", "T036196", "T032090", "T032091", ], last_affected: [ "T038426", "T036197", "T038375", "T038377", ], }, release_date: "2024-10-15T22:00:00.000+00:00", title: "CVE-2024-2398", }, { cve: "CVE-2024-25062", notes: [ { category: "description", text: "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T036209", "T036205", "T036206", "T036207", "T036208", "T034147", "T038386", "T034146", "T034145", "T034144", "T038382", "T038383", "T038384", "T038385", "T038380", "T038381", "T027338", "T027333", "T028684", "T038379", "T038376", "T038378", "T036195", "T038373", "T036196", "T032090", "T032091", ], last_affected: [ "T038426", "T036197", "T038375", "T038377", ], }, release_date: "2024-10-15T22:00:00.000+00:00", title: "CVE-2024-25062", }, { cve: "CVE-2024-25638", notes: [ { category: "description", text: "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T036209", "T036205", "T036206", "T036207", "T036208", "T034147", "T038386", "T034146", "T034145", "T034144", "T038382", "T038383", "T038384", "T038385", "T038380", "T038381", "T027338", "T027333", "T028684", "T038379", "T038376", "T038378", "T036195", "T038373", "T036196", "T032090", "T032091", ], last_affected: [ "T038426", "T036197", "T038375", "T038377", ], }, release_date: "2024-10-15T22:00:00.000+00:00", title: "CVE-2024-25638", }, { cve: "CVE-2024-26308", notes: [ { category: "description", text: "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T036209", "T036205", "T036206", "T036207", "T036208", "T034147", "T038386", "T034146", "T034145", "T034144", "T038382", "T038383", "T038384", "T038385", "T038380", "T038381", "T027338", "T027333", "T028684", "T038379", "T038376", "T038378", "T036195", "T038373", "T036196", "T032090", "T032091", ], last_affected: [ "T038426", "T036197", "T038375", "T038377", ], }, release_date: "2024-10-15T22:00:00.000+00:00", title: "CVE-2024-26308", }, { cve: "CVE-2024-28182", notes: [ { category: "description", text: "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T036209", "T036205", "T036206", "T036207", "T036208", "T034147", "T038386", "T034146", "T034145", "T034144", "T038382", "T038383", "T038384", "T038385", "T038380", "T038381", "T027338", "T027333", "T028684", "T038379", "T038376", "T038378", "T036195", "T038373", "T036196", "T032090", "T032091", ], last_affected: [ "T038426", "T036197", "T038375", "T038377", ], }, release_date: "2024-10-15T22:00:00.000+00:00", title: "CVE-2024-28182", }, { cve: "CVE-2024-28849", notes: [ { category: "description", text: "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T036209", "T036205", "T036206", "T036207", "T036208", "T034147", "T038386", "T034146", "T034145", "T034144", "T038382", "T038383", "T038384", "T038385", "T038380", "T038381", "T027338", "T027333", "T028684", "T038379", "T038376", "T038378", "T036195", "T038373", "T036196", "T032090", "T032091", ], last_affected: [ "T038426", "T036197", "T038375", "T038377", ], }, release_date: "2024-10-15T22:00:00.000+00:00", title: "CVE-2024-28849", }, { cve: "CVE-2024-29025", notes: [ { category: "description", text: "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T036209", "T036205", "T036206", "T036207", "T036208", "T034147", "T038386", "T034146", "T034145", "T034144", "T038382", "T038383", "T038384", "T038385", "T038380", "T038381", "T027338", "T027333", "T028684", "T038379", "T038376", "T038378", "T036195", "T038373", "T036196", "T032090", "T032091", ], last_affected: [ "T038426", "T036197", "T038375", "T038377", ], }, release_date: "2024-10-15T22:00:00.000+00:00", title: "CVE-2024-29025", }, { cve: "CVE-2024-29736", notes: [ { category: "description", text: "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T036209", "T036205", "T036206", "T036207", "T036208", "T034147", "T038386", "T034146", "T034145", "T034144", "T038382", "T038383", "T038384", "T038385", "T038380", "T038381", "T027338", "T027333", "T028684", "T038379", "T038376", "T038378", "T036195", "T038373", "T036196", "T032090", "T032091", ], last_affected: [ "T038426", "T036197", "T038375", "T038377", ], }, release_date: "2024-10-15T22:00:00.000+00:00", title: "CVE-2024-29736", }, { cve: "CVE-2024-29857", notes: [ { category: "description", text: "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T036209", "T036205", "T036206", "T036207", "T036208", "T034147", "T038386", "T034146", "T034145", "T034144", "T038382", "T038383", "T038384", "T038385", "T038380", "T038381", "T027338", "T027333", "T028684", "T038379", "T038376", "T038378", "T036195", "T038373", "T036196", "T032090", "T032091", ], last_affected: [ "T038426", "T036197", "T038375", "T038377", ], }, release_date: "2024-10-15T22:00:00.000+00:00", title: "CVE-2024-29857", }, { cve: "CVE-2024-30251", notes: [ { category: "description", text: "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T036209", "T036205", "T036206", "T036207", "T036208", "T034147", "T038386", "T034146", "T034145", "T034144", "T038382", "T038383", "T038384", "T038385", "T038380", "T038381", "T027338", "T027333", "T028684", "T038379", "T038376", "T038378", "T036195", "T038373", "T036196", "T032090", "T032091", ], last_affected: [ "T038426", "T036197", "T038375", "T038377", ], }, release_date: "2024-10-15T22:00:00.000+00:00", title: "CVE-2024-30251", }, { cve: "CVE-2024-31080", notes: [ { category: "description", text: "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T036209", "T036205", "T036206", "T036207", "T036208", "T034147", "T038386", "T034146", "T034145", "T034144", "T038382", "T038383", "T038384", "T038385", "T038380", "T038381", "T027338", "T027333", "T028684", "T038379", "T038376", "T038378", "T036195", "T038373", "T036196", "T032090", "T032091", ], last_affected: [ "T038426", "T036197", "T038375", "T038377", ], }, release_date: "2024-10-15T22:00:00.000+00:00", title: "CVE-2024-31080", }, { cve: "CVE-2024-31744", notes: [ { category: "description", text: "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T036209", "T036205", "T036206", "T036207", "T036208", "T034147", "T038386", "T034146", "T034145", "T034144", "T038382", "T038383", "T038384", "T038385", "T038380", "T038381", "T027338", "T027333", "T028684", "T038379", "T038376", "T038378", "T036195", "T038373", "T036196", "T032090", "T032091", ], last_affected: [ "T038426", "T036197", "T038375", "T038377", ], }, release_date: "2024-10-15T22:00:00.000+00:00", title: "CVE-2024-31744", }, { cve: "CVE-2024-32760", notes: [ { category: "description", text: "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T036209", "T036205", "T036206", "T036207", "T036208", "T034147", "T038386", "T034146", "T034145", "T034144", "T038382", "T038383", "T038384", "T038385", "T038380", "T038381", "T027338", "T027333", "T028684", "T038379", "T038376", "T038378", "T036195", "T038373", "T036196", "T032090", "T032091", ], last_affected: [ "T038426", "T036197", "T038375", "T038377", ], }, release_date: "2024-10-15T22:00:00.000+00:00", title: "CVE-2024-32760", }, { cve: "CVE-2024-33602", notes: [ { category: "description", text: "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T036209", "T036205", "T036206", "T036207", "T036208", "T034147", "T038386", "T034146", "T034145", "T034144", "T038382", "T038383", "T038384", "T038385", "T038380", "T038381", "T027338", "T027333", "T028684", "T038379", "T038376", "T038378", "T036195", "T038373", "T036196", "T032090", "T032091", ], last_affected: [ "T038426", "T036197", "T038375", "T038377", ], }, release_date: "2024-10-15T22:00:00.000+00:00", title: "CVE-2024-33602", }, { cve: "CVE-2024-34750", notes: [ { category: "description", text: "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T036209", "T036205", "T036206", "T036207", "T036208", "T034147", "T038386", "T034146", "T034145", "T034144", "T038382", "T038383", "T038384", "T038385", "T038380", "T038381", "T027338", "T027333", "T028684", "T038379", "T038376", "T038378", "T036195", "T038373", "T036196", "T032090", "T032091", ], last_affected: [ "T038426", "T036197", "T038375", "T038377", ], }, release_date: "2024-10-15T22:00:00.000+00:00", title: "CVE-2024-34750", }, { cve: "CVE-2024-37371", notes: [ { category: "description", text: "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T036209", "T036205", "T036206", "T036207", "T036208", "T034147", "T038386", "T034146", "T034145", "T034144", "T038382", "T038383", "T038384", "T038385", "T038380", "T038381", "T027338", "T027333", "T028684", "T038379", "T038376", "T038378", "T036195", "T038373", "T036196", "T032090", "T032091", ], last_affected: [ "T038426", "T036197", "T038375", "T038377", ], }, release_date: "2024-10-15T22:00:00.000+00:00", title: "CVE-2024-37371", }, { cve: "CVE-2024-37891", notes: [ { category: "description", text: "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T036209", "T036205", "T036206", "T036207", "T036208", "T034147", "T038386", "T034146", "T034145", "T034144", "T038382", "T038383", "T038384", "T038385", "T038380", "T038381", "T027338", "T027333", "T028684", "T038379", "T038376", "T038378", "T036195", "T038373", "T036196", "T032090", "T032091", ], last_affected: [ "T038426", "T036197", "T038375", "T038377", ], }, release_date: "2024-10-15T22:00:00.000+00:00", title: "CVE-2024-37891", }, { cve: "CVE-2024-38816", notes: [ { category: "description", text: "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T036209", "T036205", "T036206", "T036207", "T036208", "T034147", "T038386", "T034146", "T034145", "T034144", "T038382", "T038383", "T038384", "T038385", "T038380", "T038381", "T027338", "T027333", "T028684", "T038379", "T038376", "T038378", "T036195", "T038373", "T036196", "T032090", "T032091", ], last_affected: [ "T038426", "T036197", "T038375", "T038377", ], }, release_date: "2024-10-15T22:00:00.000+00:00", title: "CVE-2024-38816", }, { cve: "CVE-2024-40898", notes: [ { category: "description", text: "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T036209", "T036205", "T036206", "T036207", "T036208", "T034147", "T038386", "T034146", "T034145", "T034144", "T038382", "T038383", "T038384", "T038385", "T038380", "T038381", "T027338", "T027333", "T028684", "T038379", "T038376", "T038378", "T036195", "T038373", "T036196", "T032090", "T032091", ], last_affected: [ "T038426", "T036197", "T038375", "T038377", ], }, release_date: "2024-10-15T22:00:00.000+00:00", title: "CVE-2024-40898", }, { cve: "CVE-2024-43044", notes: [ { category: "description", text: "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T036209", "T036205", "T036206", "T036207", "T036208", "T034147", "T038386", "T034146", "T034145", "T034144", "T038382", "T038383", "T038384", "T038385", "T038380", "T038381", "T027338", "T027333", "T028684", "T038379", "T038376", "T038378", "T036195", "T038373", "T036196", "T032090", "T032091", ], last_affected: [ "T038426", "T036197", "T038375", "T038377", ], }, release_date: "2024-10-15T22:00:00.000+00:00", title: "CVE-2024-43044", }, { cve: "CVE-2024-45492", notes: [ { category: "description", text: "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T036209", "T036205", "T036206", "T036207", "T036208", "T034147", "T038386", "T034146", "T034145", "T034144", "T038382", "T038383", "T038384", "T038385", "T038380", "T038381", "T027338", "T027333", "T028684", "T038379", "T038376", "T038378", "T036195", "T038373", "T036196", "T032090", "T032091", ], last_affected: [ "T038426", "T036197", "T038375", "T038377", ], }, release_date: "2024-10-15T22:00:00.000+00:00", title: "CVE-2024-45492", }, { cve: "CVE-2024-4577", notes: [ { category: "description", text: "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T036209", "T036205", "T036206", "T036207", "T036208", "T034147", "T038386", "T034146", "T034145", "T034144", "T038382", "T038383", "T038384", "T038385", "T038380", "T038381", "T027338", "T027333", "T028684", "T038379", "T038376", "T038378", "T036195", "T038373", "T036196", "T032090", "T032091", ], last_affected: [ "T038426", "T036197", "T038375", "T038377", ], }, release_date: "2024-10-15T22:00:00.000+00:00", title: "CVE-2024-4577", }, { cve: "CVE-2024-4603", notes: [ { category: "description", text: "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T036209", "T036205", "T036206", "T036207", "T036208", "T034147", "T038386", "T034146", "T034145", "T034144", "T038382", "T038383", "T038384", "T038385", "T038380", "T038381", "T027338", "T027333", "T028684", "T038379", "T038376", "T038378", "T036195", "T038373", "T036196", "T032090", "T032091", ], last_affected: [ "T038426", "T036197", "T038375", "T038377", ], }, release_date: "2024-10-15T22:00:00.000+00:00", title: "CVE-2024-4603", }, { cve: "CVE-2024-5971", notes: [ { category: "description", text: "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T036209", "T036205", "T036206", "T036207", "T036208", "T034147", "T038386", "T034146", "T034145", "T034144", "T038382", "T038383", "T038384", "T038385", "T038380", "T038381", "T027338", "T027333", "T028684", "T038379", "T038376", "T038378", "T036195", "T038373", "T036196", "T032090", "T032091", ], last_affected: [ "T038426", "T036197", "T038375", "T038377", ], }, release_date: "2024-10-15T22:00:00.000+00:00", title: "CVE-2024-5971", }, { cve: "CVE-2024-6162", notes: [ { category: "description", text: "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T036209", "T036205", "T036206", "T036207", "T036208", "T034147", "T038386", "T034146", "T034145", "T034144", "T038382", "T038383", "T038384", "T038385", "T038380", "T038381", "T027338", "T027333", "T028684", "T038379", "T038376", "T038378", "T036195", "T038373", "T036196", "T032090", "T032091", ], last_affected: [ "T038426", "T036197", "T038375", "T038377", ], }, release_date: "2024-10-15T22:00:00.000+00:00", title: "CVE-2024-6162", }, { cve: "CVE-2024-6387", notes: [ { category: "description", text: "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T036209", "T036205", "T036206", "T036207", "T036208", "T034147", "T038386", "T034146", "T034145", "T034144", "T038382", "T038383", "T038384", "T038385", "T038380", "T038381", "T027338", "T027333", "T028684", "T038379", "T038376", "T038378", "T036195", "T038373", "T036196", "T032090", "T032091", ], last_affected: [ "T038426", "T036197", "T038375", "T038377", ], }, release_date: "2024-10-15T22:00:00.000+00:00", title: "CVE-2024-6387", }, { cve: "CVE-2024-7254", notes: [ { category: "description", text: "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T036209", "T036205", "T036206", "T036207", "T036208", "T034147", "T038386", "T034146", "T034145", "T034144", "T038382", "T038383", "T038384", "T038385", "T038380", "T038381", "T027338", "T027333", "T028684", "T038379", "T038376", "T038378", "T036195", "T038373", "T036196", "T032090", "T032091", ], last_affected: [ "T038426", "T036197", "T038375", "T038377", ], }, release_date: "2024-10-15T22:00:00.000+00:00", title: "CVE-2024-7254", }, ], }
wid-sec-w-2024-2112
Vulnerability from csaf_certbund
Published
2024-09-10 22:00
Modified
2025-01-14 23:00
Summary
Insyde UEFI Firmware: Mehrere Schwachstellen ermöglichen Denial of Service
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
InsydeH2O UEFI BIOS ist eine proprietäre, lizenzierte UEFI-BIOS-Firmware, die Intel und AMD basierte Computer unterstützt.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Insyde UEFI Firmware ausnutzen, um einen Denial of Service Angriff durchzuführen.
Betroffene Betriebssysteme
- BIOS/Firmware
{ document: { aggregate_severity: { text: "mittel", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "InsydeH2O UEFI BIOS ist eine proprietäre, lizenzierte UEFI-BIOS-Firmware, die Intel und AMD basierte Computer unterstützt.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Insyde UEFI Firmware ausnutzen, um einen Denial of Service Angriff durchzuführen.", title: "Angriff", }, { category: "general", text: "- BIOS/Firmware", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2024-2112 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-2112.json", }, { category: "self", summary: "WID-SEC-2024-2112 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-2112", }, { category: "external", summary: "Insyde Security Pledge INSYDE-SA-2024009 vom 2024-09-10", url: "https://www.insyde.com/security-pledge/SA-2024009", }, { category: "external", summary: "HPE Security Bulletin", url: "https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-hpesbst04758en_us&hprpt_id=ALERT_HPE_3075763&jumpid=em_pom8nu6hj_aid-521053889", }, { category: "external", summary: "Dell Security Advisory DSA-2025-020 vom 2025-01-14", url: "https://www.dell.com/support/kbdoc/de-de/000250484/dsa-2025-020", }, ], source_lang: "en-US", title: "Insyde UEFI Firmware: Mehrere Schwachstellen ermöglichen Denial of Service", tracking: { current_release_date: "2025-01-14T23:00:00.000+00:00", generator: { date: "2025-01-15T09:14:02.948+00:00", engine: { name: "BSI-WID", version: "1.3.10", }, }, id: "WID-SEC-W-2024-2112", initial_release_date: "2024-09-10T22:00:00.000+00:00", revision_history: [ { date: "2024-09-10T22:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2025-01-07T23:00:00.000+00:00", number: "2", summary: "Neue Updates von HP aufgenommen", }, { date: "2025-01-14T23:00:00.000+00:00", number: "3", summary: "Neue Updates von Dell aufgenommen", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "Dell BIOS", product: { name: "Dell BIOS", product_id: "T032770", product_identification_helper: { cpe: "cpe:/h:dell:bios:-", }, }, }, ], category: "vendor", name: "Dell", }, { branches: [ { category: "product_name", name: "HPE Switch", product: { name: "HPE Switch", product_id: "T005119", product_identification_helper: { cpe: "cpe:/h:hp:switch:-", }, }, }, ], category: "vendor", name: "HPE", }, { branches: [ { branches: [ { category: "product_version_range", name: "OpenSSL <3.2.1", product: { name: "Insyde UEFI Firmware OpenSSL <3.2.1", product_id: "T037494", }, }, { category: "product_version", name: "OpenSSL 3.2.1", product: { name: "Insyde UEFI Firmware OpenSSL 3.2.1", product_id: "T037494-fixed", product_identification_helper: { cpe: "cpe:/h:insyde:uefi:openssl__3.2.1", }, }, }, ], category: "product_name", name: "UEFI Firmware", }, ], category: "vendor", name: "Insyde", }, ], }, vulnerabilities: [ { cve: "CVE-2023-5678", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in der Insyde UEFI Firmware. Diese Fehler existieren in der OpenSSL-Komponente wegen mehrerer Pufferüberlaufprobleme. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um den Dienst zu beenden und einen Denial-of-Service-Zustand zu erzeugen.", }, ], product_status: { known_affected: [ "T037494", "T005119", "T032770", ], }, release_date: "2024-09-10T22:00:00.000+00:00", title: "CVE-2023-5678", }, { cve: "CVE-2024-0727", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in der Insyde UEFI Firmware. Diese Fehler existieren in der OpenSSL-Komponente wegen mehrerer Pufferüberlaufprobleme. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um den Dienst zu beenden und einen Denial-of-Service-Zustand zu erzeugen.", }, ], product_status: { known_affected: [ "T037494", "T005119", "T032770", ], }, release_date: "2024-09-10T22:00:00.000+00:00", title: "CVE-2024-0727", }, { cve: "CVE-2024-2511", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in der Insyde UEFI Firmware. Diese Fehler existieren in der OpenSSL-Komponente wegen mehrerer Pufferüberlaufprobleme. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um den Dienst zu beenden und einen Denial-of-Service-Zustand zu erzeugen.", }, ], product_status: { known_affected: [ "T037494", "T005119", "T032770", ], }, release_date: "2024-09-10T22:00:00.000+00:00", title: "CVE-2024-2511", }, { cve: "CVE-2024-4603", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in der Insyde UEFI Firmware. Diese Fehler existieren in der OpenSSL-Komponente wegen mehrerer Pufferüberlaufprobleme. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um den Dienst zu beenden und einen Denial-of-Service-Zustand zu erzeugen.", }, ], product_status: { known_affected: [ "T037494", "T005119", "T032770", ], }, release_date: "2024-09-10T22:00:00.000+00:00", title: "CVE-2024-4603", }, { cve: "CVE-2024-4741", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in der Insyde UEFI Firmware. Diese Fehler existieren in der OpenSSL-Komponente wegen mehrerer Pufferüberlaufprobleme. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um den Dienst zu beenden und einen Denial-of-Service-Zustand zu erzeugen.", }, ], product_status: { known_affected: [ "T037494", "T005119", "T032770", ], }, release_date: "2024-09-10T22:00:00.000+00:00", title: "CVE-2024-4741", }, { cve: "CVE-2024-5535", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in der Insyde UEFI Firmware. Diese Fehler existieren in der OpenSSL-Komponente wegen mehrerer Pufferüberlaufprobleme. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um den Dienst zu beenden und einen Denial-of-Service-Zustand zu erzeugen.", }, ], product_status: { known_affected: [ "T037494", "T005119", "T032770", ], }, release_date: "2024-09-10T22:00:00.000+00:00", title: "CVE-2024-5535", }, ], }
wid-sec-w-2024-1645
Vulnerability from csaf_certbund
Published
2024-07-16 22:00
Modified
2024-07-16 22:00
Summary
Oracle Database Server: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Die Oracle Datenbank ist ein weit verbreitetes relationales Datenbanksystem.
Angriff
Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Database Server ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme
- Sonstiges
- UNIX
- Windows
{ document: { aggregate_severity: { text: "mittel", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Die Oracle Datenbank ist ein weit verbreitetes relationales Datenbanksystem.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Database Server ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.", title: "Angriff", }, { category: "general", text: "- Sonstiges\n- UNIX\n- Windows", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2024-1645 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1645.json", }, { category: "self", summary: "WID-SEC-2024-1645 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1645", }, { category: "external", summary: "Oracle Critical Patch Update Advisory - July 2024 - Appendix Oracle Database Server vom 2024-07-16", url: "https://www.oracle.com/security-alerts/cpujul2024.html#AppendixDB", }, ], source_lang: "en-US", title: "Oracle Database Server: Mehrere Schwachstellen", tracking: { current_release_date: "2024-07-16T22:00:00.000+00:00", generator: { date: "2024-08-15T18:11:28.160+00:00", engine: { name: "BSI-WID", version: "1.3.5", }, }, id: "WID-SEC-W-2024-1645", initial_release_date: "2024-07-16T22:00:00.000+00:00", revision_history: [ { date: "2024-07-16T22:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "23.4", product: { name: "Oracle Database Server 23.4", product_id: "T036180", product_identification_helper: { cpe: "cpe:/a:oracle:database_server:23.4", }, }, }, { category: "product_version_range", name: "<=19.23", product: { name: "Oracle Database Server <=19.23", product_id: "T036181", }, }, { category: "product_version_range", name: "<=21.14", product: { name: "Oracle Database Server <=21.14", product_id: "T036182", }, }, ], category: "product_name", name: "Database Server", }, ], category: "vendor", name: "Oracle", }, ], }, vulnerabilities: [ { cve: "CVE-2022-41881", notes: [ { category: "description", text: "In Oracle Database Server existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"Hoch\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T036180", ], last_affected: [ "T036182", "T036181", ], }, release_date: "2024-07-16T22:00:00.000+00:00", title: "CVE-2022-41881", }, { cve: "CVE-2024-0397", notes: [ { category: "description", text: "In Oracle Database Server existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"Hoch\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T036180", ], last_affected: [ "T036182", "T036181", ], }, release_date: "2024-07-16T22:00:00.000+00:00", title: "CVE-2024-0397", }, { cve: "CVE-2024-21098", notes: [ { category: "description", text: "In Oracle Database Server existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"Hoch\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T036180", ], last_affected: [ "T036182", "T036181", ], }, release_date: "2024-07-16T22:00:00.000+00:00", title: "CVE-2024-21098", }, { cve: "CVE-2024-21123", notes: [ { category: "description", text: "In Oracle Database Server existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"Hoch\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T036180", ], last_affected: [ "T036182", "T036181", ], }, release_date: "2024-07-16T22:00:00.000+00:00", title: "CVE-2024-21123", }, { cve: "CVE-2024-21126", notes: [ { category: "description", text: "In Oracle Database Server existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"Hoch\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T036180", ], last_affected: [ "T036182", "T036181", ], }, release_date: "2024-07-16T22:00:00.000+00:00", title: "CVE-2024-21126", }, { cve: "CVE-2024-21174", notes: [ { category: "description", text: "In Oracle Database Server existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"Hoch\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T036180", ], last_affected: [ "T036182", "T036181", ], }, release_date: "2024-07-16T22:00:00.000+00:00", title: "CVE-2024-21174", }, { cve: "CVE-2024-21184", notes: [ { category: "description", text: "In Oracle Database Server existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"Hoch\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T036180", ], last_affected: [ "T036182", "T036181", ], }, release_date: "2024-07-16T22:00:00.000+00:00", title: "CVE-2024-21184", }, { cve: "CVE-2024-4603", notes: [ { category: "description", text: "In Oracle Database Server existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"HIGH\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"Hoch\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T036180", ], last_affected: [ "T036182", "T036181", ], }, release_date: "2024-07-16T22:00:00.000+00:00", title: "CVE-2024-4603", }, ], }
wid-sec-w-2024-1171
Vulnerability from csaf_certbund
Published
2024-05-16 22:00
Modified
2025-01-14 23:00
Summary
OpenSSL: Schwachstelle ermöglicht Denial of Service
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
OpenSSL ist eine im Quelltext frei verfügbare Bibliothek, die Secure Sockets Layer (SSL) und Transport Layer Security (TLS) implementiert.
Angriff
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in OpenSSL ausnutzen, um einen Denial of Service Angriff durchzuführen.
Betroffene Betriebssysteme
- Appliance
- Linux
- MacOS X
- Sonstiges
- UNIX
- Windows
{ document: { aggregate_severity: { text: "mittel", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "OpenSSL ist eine im Quelltext frei verfügbare Bibliothek, die Secure Sockets Layer (SSL) und Transport Layer Security (TLS) implementiert.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in OpenSSL ausnutzen, um einen Denial of Service Angriff durchzuführen.", title: "Angriff", }, { category: "general", text: "- Appliance\n- Linux\n- MacOS X\n- Sonstiges\n- UNIX\n- Windows", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2024-1171 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1171.json", }, { category: "self", summary: "WID-SEC-2024-1171 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1171", }, { category: "external", summary: "OpenSSL Security Advisory 16th May 2024 vom 2024-05-16", url: "https://www.openssl.org/news/secadv/20240516.txt", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:1789-1 vom 2024-05-27", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018603.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:1947-1 vom 2024-06-07", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018663.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:2066-1 vom 2024-06-18", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/FEPGR4PUJO7QAVC45W5LDGC6S6WWRFPY/", }, { category: "external", summary: "Meinberg Security Advisory vom 2024-07-22", url: "https://www.meinberg.de/german/news/meinberg-security-advisory-mbgsa-2024-04-lantime-firmware-v7-08-014.htm", }, { category: "external", summary: "IBM Security Bulletin 7162032 vom 2024-07-31", url: "https://www.ibm.com/support/pages/node/7162032", }, { category: "external", summary: "Ubuntu Security Notice USN-6937-1 vom 2024-07-31", url: "https://ubuntu.com/security/notices/USN-6937-1", }, { category: "external", summary: "Securepoint UTM Changelog vom 2024-08-14", url: "https://wiki.securepoint.de/UTM/Changelog", }, { category: "external", summary: "XEROX Security Advisory XRX24-013 vom 2024-09-05", url: "https://securitydocs.business.xerox.com/wp-content/uploads/2024/09/Xerox-Security-Bulletin-XRX24-013-for-Xerox-FreeFlow-Print-Server-v2-_Windows10.pdf", }, { category: "external", summary: "IBM Security Bulletin 7173018 vom 2024-10-14", url: "https://www.ibm.com/support/pages/node/7173018", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:9333 vom 2024-11-12", url: "https://access.redhat.com/errata/RHSA-2024:9333", }, { category: "external", summary: "Insyde Security Advisory INSYDE-SA-2024012 vom 2024-11-12", url: "https://www.insyde.com/security-pledge/SA-2024012", }, { category: "external", summary: "Brocade Security Advisory BSA-2024-2588 vom 2024-11-12", url: "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24990", }, { category: "external", summary: "HPE Security Bulletin vom 2024-11-14", url: "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbux04744en_us&docLocale=en_US", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:10135 vom 2024-11-21", url: "https://access.redhat.com/errata/RHSA-2024:10135", }, { category: "external", summary: "IBM Security Bulletin 7178065 vom 2024-12-06", url: "https://www.ibm.com/support/pages/node/7178065", }, { category: "external", summary: "Hitachi Vulnerability Information HITACHI-SEC-2024-150 vom 2024-12-17", url: "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2024-150/index.html", }, { category: "external", summary: "HPE Security Bulletin", url: "https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-hpesbst04758en_us&hprpt_id=ALERT_HPE_3075763&jumpid=em_pom8nu6hj_aid-521053889", }, { category: "external", summary: "XEROX Security Advisory XRX25-001 vom 2025-01-13", url: "https://securitydocs.business.xerox.com/wp-content/uploads/2025/01/Xerox-Security-Bulletin-XRX25-001-for-Xerox%C2%AE-FreeFlow%C2%AE-Print-Server-v9.pdf", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:10990 vom 2025-01-15", url: "https://access.redhat.com/errata/RHSA-2024:10990", }, ], source_lang: "en-US", title: "OpenSSL: Schwachstelle ermöglicht Denial of Service", tracking: { current_release_date: "2025-01-14T23:00:00.000+00:00", generator: { date: "2025-01-15T12:18:55.838+00:00", engine: { name: "BSI-WID", version: "1.3.10", }, }, id: "WID-SEC-W-2024-1171", initial_release_date: "2024-05-16T22:00:00.000+00:00", revision_history: [ { date: "2024-05-16T22:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2024-05-27T22:00:00.000+00:00", number: "2", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2024-06-09T22:00:00.000+00:00", number: "3", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2024-06-18T22:00:00.000+00:00", number: "4", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2024-07-23T22:00:00.000+00:00", number: "5", summary: "Neue Updates von Meinberg aufgenommen", }, { date: "2024-07-30T22:00:00.000+00:00", number: "6", summary: "Neue Updates von IBM aufgenommen", }, { date: "2024-07-31T22:00:00.000+00:00", number: "7", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2024-08-14T22:00:00.000+00:00", number: "8", summary: "Neue Updates aufgenommen", }, { date: "2024-09-05T22:00:00.000+00:00", number: "9", summary: "Neue Updates von XEROX aufgenommen", }, { date: "2024-10-13T22:00:00.000+00:00", number: "10", summary: "Neue Updates von IBM aufgenommen", }, { date: "2024-11-11T23:00:00.000+00:00", number: "11", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-11-12T23:00:00.000+00:00", number: "12", summary: "Neue Updates von Insyde und BROCADE aufgenommen", }, { date: "2024-11-14T23:00:00.000+00:00", number: "13", summary: "Neue Updates von HP aufgenommen", }, { date: "2024-11-20T23:00:00.000+00:00", number: "14", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-12-08T23:00:00.000+00:00", number: "15", summary: "Neue Updates von IBM aufgenommen", }, { date: "2024-12-17T23:00:00.000+00:00", number: "16", summary: "Neue Updates von HITACHI aufgenommen", }, { date: "2025-01-07T23:00:00.000+00:00", number: "17", summary: "Neue Updates von HP aufgenommen", }, { date: "2025-01-12T23:00:00.000+00:00", number: "18", summary: "Neue Updates von XEROX aufgenommen", }, { date: "2025-01-14T23:00:00.000+00:00", number: "19", summary: "Neue Updates von Red Hat aufgenommen", }, ], status: "final", version: "19", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "<9.2.0c", product: { name: "Broadcom Fabric OS <9.2.0c", product_id: "T038914", }, }, { category: "product_version", name: "9.2.0c", product: { name: "Broadcom Fabric OS 9.2.0c", product_id: "T038914-fixed", product_identification_helper: { cpe: "cpe:/o:broadcom:fabric_operating_system:9.2.0c", }, }, }, { category: "product_version_range", name: "<9.2.1a1", product: { name: "Broadcom Fabric OS <9.2.1a1", product_id: "T038915", }, }, { category: "product_version", name: "9.2.1a1", product: { name: "Broadcom Fabric OS 9.2.1a1", product_id: "T038915-fixed", product_identification_helper: { cpe: "cpe:/o:broadcom:fabric_operating_system:9.2.1a1", }, }, }, { category: "product_version_range", name: "<9.2.2", product: { name: "Broadcom Fabric OS <9.2.2", product_id: "T038916", }, }, { category: "product_version", name: "9.2.2", product: { name: "Broadcom Fabric OS 9.2.2", product_id: "T038916-fixed", product_identification_helper: { cpe: "cpe:/o:broadcom:fabric_operating_system:9.2.2", }, }, }, ], category: "product_name", name: "Fabric OS", }, ], category: "vendor", name: "Broadcom", }, { branches: [ { branches: [ { category: "product_version_range", name: "OpenSSL Software <A.03.00.15.001", product: { name: "HPE HP-UX OpenSSL Software <A.03.00.15.001", product_id: "T039192", }, }, { category: "product_version", name: "OpenSSL Software A.03.00.15.001", product: { name: "HPE HP-UX OpenSSL Software A.03.00.15.001", product_id: "T039192-fixed", product_identification_helper: { cpe: "cpe:/o:hp:hp-ux:openssl_software__a.03.00.15.001", }, }, }, ], category: "product_name", name: "HP-UX", }, { category: "product_name", name: "HPE Switch", product: { name: "HPE Switch", product_id: "T005119", product_identification_helper: { cpe: "cpe:/h:hp:switch:-", }, }, }, ], category: "vendor", name: "HPE", }, { branches: [ { category: "product_name", name: "Hitachi Ops Center", product: { name: "Hitachi Ops Center", product_id: "T038840", product_identification_helper: { cpe: "cpe:/a:hitachi:ops_center:-", }, }, }, ], category: "vendor", name: "Hitachi", }, { branches: [ { branches: [ { category: "product_version", name: "7.3", product: { name: "IBM AIX 7.3", product_id: "1139691", product_identification_helper: { cpe: "cpe:/o:ibm:aix:7.3", }, }, }, { category: "product_version", name: "7.2", product: { name: "IBM AIX 7.2", product_id: "434967", product_identification_helper: { cpe: "cpe:/o:ibm:aix:7.2", }, }, }, ], category: "product_name", name: "AIX", }, { category: "product_name", name: "IBM MQ", product: { name: "IBM MQ", product_id: "T036688", product_identification_helper: { cpe: "cpe:/a:ibm:mq:operator", }, }, }, { branches: [ { category: "product_version_range", name: "<8.0.0.27", product: { name: "IBM Rational Build Forge <8.0.0.27", product_id: "T038286", }, }, { category: "product_version", name: "8.0.0.27", product: { name: "IBM Rational Build Forge 8.0.0.27", product_id: "T038286-fixed", product_identification_helper: { cpe: "cpe:/a:ibm:rational_build_forge:8.0.0.27", }, }, }, ], category: "product_name", name: "Rational Build Forge", }, { branches: [ { category: "product_version", name: "3.1", product: { name: "IBM VIOS 3.1", product_id: "1039165", product_identification_helper: { cpe: "cpe:/a:ibm:vios:3.1", }, }, }, { category: "product_version", name: "4.1", product: { name: "IBM VIOS 4.1", product_id: "1522854", product_identification_helper: { cpe: "cpe:/a:ibm:vios:4.1", }, }, }, ], category: "product_name", name: "VIOS", }, ], category: "vendor", name: "IBM", }, { branches: [ { branches: [ { category: "product_version_range", name: "<RV24.06.3", product: { name: "Insyde UEFI Firmware <RV24.06.3", product_id: "T038993", }, }, { category: "product_version", name: "RV24.06.3", product: { name: "Insyde UEFI Firmware RV24.06.3", product_id: "T038993-fixed", product_identification_helper: { cpe: "cpe:/h:insyde:uefi:rv24.06.3", }, }, }, { category: "product_version_range", name: "<RV23.08.1", product: { name: "Insyde UEFI Firmware <RV23.08.1", product_id: "T038994", }, }, { category: "product_version", name: "RV23.08.1", product: { name: "Insyde UEFI Firmware RV23.08.1", product_id: "T038994-fixed", product_identification_helper: { cpe: "cpe:/h:insyde:uefi:rv23.08.1", }, }, }, ], category: "product_name", name: "UEFI Firmware", }, ], category: "vendor", name: "Insyde", }, { branches: [ { branches: [ { category: "product_version_range", name: "<V7.08.014", product: { name: "Meinberg LANTIME <V7.08.014", product_id: "T036396", }, }, { category: "product_version", name: "V7.08.014", product: { name: "Meinberg LANTIME V7.08.014", product_id: "T036396-fixed", product_identification_helper: { cpe: "cpe:/h:meinberg:lantime:v7.08.014", }, }, }, ], category: "product_name", name: "LANTIME", }, ], category: "vendor", name: "Meinberg", }, { branches: [ { branches: [ { category: "product_version", name: "3.1", product: { name: "Open Source OpenSSL 3.1", product_id: "T028638", product_identification_helper: { cpe: "cpe:/a:openssl:openssl:3.1", }, }, }, { category: "product_version", name: "3", product: { name: "Open Source OpenSSL 3.0", product_id: "T030963", product_identification_helper: { cpe: "cpe:/a:openssl:openssl:3.0", }, }, }, { category: "product_version", name: "3.0 FIPS", product: { name: "Open Source OpenSSL 3.0 FIPS", product_id: "T034876", product_identification_helper: { cpe: "cpe:/a:openssl:openssl:3.0::fips", }, }, }, { category: "product_version", name: "3.1 FIPS", product: { name: "Open Source OpenSSL 3.1 FIPS", product_id: "T034877", product_identification_helper: { cpe: "cpe:/a:openssl:openssl:3.1::fips", }, }, }, { category: "product_version", name: "3.2", product: { name: "Open Source OpenSSL 3.2", product_id: "T034878", product_identification_helper: { cpe: "cpe:/a:openssl:openssl:3.2", }, }, }, { category: "product_version", name: "3.3", product: { name: "Open Source OpenSSL 3.3", product_id: "T034879", product_identification_helper: { cpe: "cpe:/a:openssl:openssl:3.3", }, }, }, ], category: "product_name", name: "OpenSSL", }, ], category: "vendor", name: "Open Source", }, { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux", product: { name: "Red Hat Enterprise Linux", product_id: "67646", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:-", }, }, }, { branches: [ { category: "product_version_range", name: "Logging <5.9.10", product: { name: "Red Hat OpenShift Logging <5.9.10", product_id: "T040352", }, }, { category: "product_version", name: "Logging 5.9.10", product: { name: "Red Hat OpenShift Logging 5.9.10", product_id: "T040352-fixed", product_identification_helper: { cpe: "cpe:/a:redhat:openshift:logging__5.9.10", }, }, }, ], category: "product_name", name: "OpenShift", }, ], category: "vendor", name: "Red Hat", }, { branches: [ { category: "product_name", name: "SUSE Linux", product: { name: "SUSE Linux", product_id: "T002207", product_identification_helper: { cpe: "cpe:/o:suse:suse_linux:-", }, }, }, ], category: "vendor", name: "SUSE", }, { branches: [ { branches: [ { category: "product_version_range", name: "<12.7.2", product: { name: "Securepoint UTM <12.7.2", product_id: "T036885", }, }, { category: "product_version", name: "12.7.2", product: { name: "Securepoint UTM 12.7.2", product_id: "T036885-fixed", product_identification_helper: { cpe: "cpe:/o:securepoint:unified_threat_management:12.7.2", }, }, }, ], category: "product_name", name: "UTM", }, ], category: "vendor", name: "Securepoint", }, { branches: [ { category: "product_name", name: "Ubuntu Linux", product: { name: "Ubuntu Linux", product_id: "T000126", product_identification_helper: { cpe: "cpe:/o:canonical:ubuntu_linux:-", }, }, }, ], category: "vendor", name: "Ubuntu", }, { branches: [ { branches: [ { category: "product_name", name: "Xerox FreeFlow Print Server", product: { name: "Xerox FreeFlow Print Server", product_id: "T010509", product_identification_helper: { cpe: "cpe:/a:xerox:freeflow_print_server:-", }, }, }, { category: "product_version", name: "v9 for Solaris", product: { name: "Xerox FreeFlow Print Server v9 for Solaris", product_id: "T028053", product_identification_helper: { cpe: "cpe:/a:xerox:freeflow_print_server:v9_for_solaris", }, }, }, ], category: "product_name", name: "FreeFlow Print Server", }, ], category: "vendor", name: "Xerox", }, ], }, vulnerabilities: [ { cve: "CVE-2024-4603", notes: [ { category: "description", text: "Es besteht eine Schwachstelle in OpenSSL. Dies betrifft Anwendungen, die öffentliche DSA-Schlüssel oder -Parameter mit den Funktionen \"EVP_PKEY_param_check()\" oder \"EVP_PKEY_public_check()\" validieren. Wenn der DSA Modulus (\"p\")-Parameter zu groß ist, dauern bestimmte Validierungen sehr lange und verzögern die aufrufende Anwendung. Ein entfernter, anonymer Angreifer kann dies ausnutzen, um mit speziell gestalteten DSA-Schlüsseln einen Denial of Service-Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T030963", "67646", "T036885", "T036688", "T038840", "1139691", "T038286", "T039192", "T010509", "T040352", "T034877", "T038916", "T034876", "T038915", "T028053", "434967", "T034879", "T038914", "T034878", "1039165", "T005119", "1522854", "T036396", "T038994", "T038993", "T002207", "T000126", "T028638", ], }, release_date: "2024-05-16T22:00:00.000+00:00", title: "CVE-2024-4603", }, ], }
WID-SEC-W-2024-1171
Vulnerability from csaf_certbund
Published
2024-05-16 22:00
Modified
2025-01-14 23:00
Summary
OpenSSL: Schwachstelle ermöglicht Denial of Service
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
OpenSSL ist eine im Quelltext frei verfügbare Bibliothek, die Secure Sockets Layer (SSL) und Transport Layer Security (TLS) implementiert.
Angriff
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in OpenSSL ausnutzen, um einen Denial of Service Angriff durchzuführen.
Betroffene Betriebssysteme
- Appliance
- Linux
- MacOS X
- Sonstiges
- UNIX
- Windows
{ document: { aggregate_severity: { text: "mittel", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "OpenSSL ist eine im Quelltext frei verfügbare Bibliothek, die Secure Sockets Layer (SSL) und Transport Layer Security (TLS) implementiert.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in OpenSSL ausnutzen, um einen Denial of Service Angriff durchzuführen.", title: "Angriff", }, { category: "general", text: "- Appliance\n- Linux\n- MacOS X\n- Sonstiges\n- UNIX\n- Windows", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2024-1171 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1171.json", }, { category: "self", summary: "WID-SEC-2024-1171 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1171", }, { category: "external", summary: "OpenSSL Security Advisory 16th May 2024 vom 2024-05-16", url: "https://www.openssl.org/news/secadv/20240516.txt", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:1789-1 vom 2024-05-27", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018603.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:1947-1 vom 2024-06-07", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018663.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:2066-1 vom 2024-06-18", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/FEPGR4PUJO7QAVC45W5LDGC6S6WWRFPY/", }, { category: "external", summary: "Meinberg Security Advisory vom 2024-07-22", url: "https://www.meinberg.de/german/news/meinberg-security-advisory-mbgsa-2024-04-lantime-firmware-v7-08-014.htm", }, { category: "external", summary: "IBM Security Bulletin 7162032 vom 2024-07-31", url: "https://www.ibm.com/support/pages/node/7162032", }, { category: "external", summary: "Ubuntu Security Notice USN-6937-1 vom 2024-07-31", url: "https://ubuntu.com/security/notices/USN-6937-1", }, { category: "external", summary: "Securepoint UTM Changelog vom 2024-08-14", url: "https://wiki.securepoint.de/UTM/Changelog", }, { category: "external", summary: "XEROX Security Advisory XRX24-013 vom 2024-09-05", url: "https://securitydocs.business.xerox.com/wp-content/uploads/2024/09/Xerox-Security-Bulletin-XRX24-013-for-Xerox-FreeFlow-Print-Server-v2-_Windows10.pdf", }, { category: "external", summary: "IBM Security Bulletin 7173018 vom 2024-10-14", url: "https://www.ibm.com/support/pages/node/7173018", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:9333 vom 2024-11-12", url: "https://access.redhat.com/errata/RHSA-2024:9333", }, { category: "external", summary: "Insyde Security Advisory INSYDE-SA-2024012 vom 2024-11-12", url: "https://www.insyde.com/security-pledge/SA-2024012", }, { category: "external", summary: "Brocade Security Advisory BSA-2024-2588 vom 2024-11-12", url: "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24990", }, { category: "external", summary: "HPE Security Bulletin vom 2024-11-14", url: "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbux04744en_us&docLocale=en_US", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:10135 vom 2024-11-21", url: "https://access.redhat.com/errata/RHSA-2024:10135", }, { category: "external", summary: "IBM Security Bulletin 7178065 vom 2024-12-06", url: "https://www.ibm.com/support/pages/node/7178065", }, { category: "external", summary: "Hitachi Vulnerability Information HITACHI-SEC-2024-150 vom 2024-12-17", url: "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2024-150/index.html", }, { category: "external", summary: "HPE Security Bulletin", url: "https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-hpesbst04758en_us&hprpt_id=ALERT_HPE_3075763&jumpid=em_pom8nu6hj_aid-521053889", }, { category: "external", summary: "XEROX Security Advisory XRX25-001 vom 2025-01-13", url: "https://securitydocs.business.xerox.com/wp-content/uploads/2025/01/Xerox-Security-Bulletin-XRX25-001-for-Xerox%C2%AE-FreeFlow%C2%AE-Print-Server-v9.pdf", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:10990 vom 2025-01-15", url: "https://access.redhat.com/errata/RHSA-2024:10990", }, ], source_lang: "en-US", title: "OpenSSL: Schwachstelle ermöglicht Denial of Service", tracking: { current_release_date: "2025-01-14T23:00:00.000+00:00", generator: { date: "2025-01-15T12:18:55.838+00:00", engine: { name: "BSI-WID", version: "1.3.10", }, }, id: "WID-SEC-W-2024-1171", initial_release_date: "2024-05-16T22:00:00.000+00:00", revision_history: [ { date: "2024-05-16T22:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2024-05-27T22:00:00.000+00:00", number: "2", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2024-06-09T22:00:00.000+00:00", number: "3", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2024-06-18T22:00:00.000+00:00", number: "4", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2024-07-23T22:00:00.000+00:00", number: "5", summary: "Neue Updates von Meinberg aufgenommen", }, { date: "2024-07-30T22:00:00.000+00:00", number: "6", summary: "Neue Updates von IBM aufgenommen", }, { date: "2024-07-31T22:00:00.000+00:00", number: "7", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2024-08-14T22:00:00.000+00:00", number: "8", summary: "Neue Updates aufgenommen", }, { date: "2024-09-05T22:00:00.000+00:00", number: "9", summary: "Neue Updates von XEROX aufgenommen", }, { date: "2024-10-13T22:00:00.000+00:00", number: "10", summary: "Neue Updates von IBM aufgenommen", }, { date: "2024-11-11T23:00:00.000+00:00", number: "11", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-11-12T23:00:00.000+00:00", number: "12", summary: "Neue Updates von Insyde und BROCADE aufgenommen", }, { date: "2024-11-14T23:00:00.000+00:00", number: "13", summary: "Neue Updates von HP aufgenommen", }, { date: "2024-11-20T23:00:00.000+00:00", number: "14", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-12-08T23:00:00.000+00:00", number: "15", summary: "Neue Updates von IBM aufgenommen", }, { date: "2024-12-17T23:00:00.000+00:00", number: "16", summary: "Neue Updates von HITACHI aufgenommen", }, { date: "2025-01-07T23:00:00.000+00:00", number: "17", summary: "Neue Updates von HP aufgenommen", }, { date: "2025-01-12T23:00:00.000+00:00", number: "18", summary: "Neue Updates von XEROX aufgenommen", }, { date: "2025-01-14T23:00:00.000+00:00", number: "19", summary: "Neue Updates von Red Hat aufgenommen", }, ], status: "final", version: "19", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "<9.2.0c", product: { name: "Broadcom Fabric OS <9.2.0c", product_id: "T038914", }, }, { category: "product_version", name: "9.2.0c", product: { name: "Broadcom Fabric OS 9.2.0c", product_id: "T038914-fixed", product_identification_helper: { cpe: "cpe:/o:broadcom:fabric_operating_system:9.2.0c", }, }, }, { category: "product_version_range", name: "<9.2.1a1", product: { name: "Broadcom Fabric OS <9.2.1a1", product_id: "T038915", }, }, { category: "product_version", name: "9.2.1a1", product: { name: "Broadcom Fabric OS 9.2.1a1", product_id: "T038915-fixed", product_identification_helper: { cpe: "cpe:/o:broadcom:fabric_operating_system:9.2.1a1", }, }, }, { category: "product_version_range", name: "<9.2.2", product: { name: "Broadcom Fabric OS <9.2.2", product_id: "T038916", }, }, { category: "product_version", name: "9.2.2", product: { name: "Broadcom Fabric OS 9.2.2", product_id: "T038916-fixed", product_identification_helper: { cpe: "cpe:/o:broadcom:fabric_operating_system:9.2.2", }, }, }, ], category: "product_name", name: "Fabric OS", }, ], category: "vendor", name: "Broadcom", }, { branches: [ { branches: [ { category: "product_version_range", name: "OpenSSL Software <A.03.00.15.001", product: { name: "HPE HP-UX OpenSSL Software <A.03.00.15.001", product_id: "T039192", }, }, { category: "product_version", name: "OpenSSL Software A.03.00.15.001", product: { name: "HPE HP-UX OpenSSL Software A.03.00.15.001", product_id: "T039192-fixed", product_identification_helper: { cpe: "cpe:/o:hp:hp-ux:openssl_software__a.03.00.15.001", }, }, }, ], category: "product_name", name: "HP-UX", }, { category: "product_name", name: "HPE Switch", product: { name: "HPE Switch", product_id: "T005119", product_identification_helper: { cpe: "cpe:/h:hp:switch:-", }, }, }, ], category: "vendor", name: "HPE", }, { branches: [ { category: "product_name", name: "Hitachi Ops Center", product: { name: "Hitachi Ops Center", product_id: "T038840", product_identification_helper: { cpe: "cpe:/a:hitachi:ops_center:-", }, }, }, ], category: "vendor", name: "Hitachi", }, { branches: [ { branches: [ { category: "product_version", name: "7.3", product: { name: "IBM AIX 7.3", product_id: "1139691", product_identification_helper: { cpe: "cpe:/o:ibm:aix:7.3", }, }, }, { category: "product_version", name: "7.2", product: { name: "IBM AIX 7.2", product_id: "434967", product_identification_helper: { cpe: "cpe:/o:ibm:aix:7.2", }, }, }, ], category: "product_name", name: "AIX", }, { category: "product_name", name: "IBM MQ", product: { name: "IBM MQ", product_id: "T036688", product_identification_helper: { cpe: "cpe:/a:ibm:mq:operator", }, }, }, { branches: [ { category: "product_version_range", name: "<8.0.0.27", product: { name: "IBM Rational Build Forge <8.0.0.27", product_id: "T038286", }, }, { category: "product_version", name: "8.0.0.27", product: { name: "IBM Rational Build Forge 8.0.0.27", product_id: "T038286-fixed", product_identification_helper: { cpe: "cpe:/a:ibm:rational_build_forge:8.0.0.27", }, }, }, ], category: "product_name", name: "Rational Build Forge", }, { branches: [ { category: "product_version", name: "3.1", product: { name: "IBM VIOS 3.1", product_id: "1039165", product_identification_helper: { cpe: "cpe:/a:ibm:vios:3.1", }, }, }, { category: "product_version", name: "4.1", product: { name: "IBM VIOS 4.1", product_id: "1522854", product_identification_helper: { cpe: "cpe:/a:ibm:vios:4.1", }, }, }, ], category: "product_name", name: "VIOS", }, ], category: "vendor", name: "IBM", }, { branches: [ { branches: [ { category: "product_version_range", name: "<RV24.06.3", product: { name: "Insyde UEFI Firmware <RV24.06.3", product_id: "T038993", }, }, { category: "product_version", name: "RV24.06.3", product: { name: "Insyde UEFI Firmware RV24.06.3", product_id: "T038993-fixed", product_identification_helper: { cpe: "cpe:/h:insyde:uefi:rv24.06.3", }, }, }, { category: "product_version_range", name: "<RV23.08.1", product: { name: "Insyde UEFI Firmware <RV23.08.1", product_id: "T038994", }, }, { category: "product_version", name: "RV23.08.1", product: { name: "Insyde UEFI Firmware RV23.08.1", product_id: "T038994-fixed", product_identification_helper: { cpe: "cpe:/h:insyde:uefi:rv23.08.1", }, }, }, ], category: "product_name", name: "UEFI Firmware", }, ], category: "vendor", name: "Insyde", }, { branches: [ { branches: [ { category: "product_version_range", name: "<V7.08.014", product: { name: "Meinberg LANTIME <V7.08.014", product_id: "T036396", }, }, { category: "product_version", name: "V7.08.014", product: { name: "Meinberg LANTIME V7.08.014", product_id: "T036396-fixed", product_identification_helper: { cpe: "cpe:/h:meinberg:lantime:v7.08.014", }, }, }, ], category: "product_name", name: "LANTIME", }, ], category: "vendor", name: "Meinberg", }, { branches: [ { branches: [ { category: "product_version", name: "3.1", product: { name: "Open Source OpenSSL 3.1", product_id: "T028638", product_identification_helper: { cpe: "cpe:/a:openssl:openssl:3.1", }, }, }, { category: "product_version", name: "3", product: { name: "Open Source OpenSSL 3.0", product_id: "T030963", product_identification_helper: { cpe: "cpe:/a:openssl:openssl:3.0", }, }, }, { category: "product_version", name: "3.0 FIPS", product: { name: "Open Source OpenSSL 3.0 FIPS", product_id: "T034876", product_identification_helper: { cpe: "cpe:/a:openssl:openssl:3.0::fips", }, }, }, { category: "product_version", name: "3.1 FIPS", product: { name: "Open Source OpenSSL 3.1 FIPS", product_id: "T034877", product_identification_helper: { cpe: "cpe:/a:openssl:openssl:3.1::fips", }, }, }, { category: "product_version", name: "3.2", product: { name: "Open Source OpenSSL 3.2", product_id: "T034878", product_identification_helper: { cpe: "cpe:/a:openssl:openssl:3.2", }, }, }, { category: "product_version", name: "3.3", product: { name: "Open Source OpenSSL 3.3", product_id: "T034879", product_identification_helper: { cpe: "cpe:/a:openssl:openssl:3.3", }, }, }, ], category: "product_name", name: "OpenSSL", }, ], category: "vendor", name: "Open Source", }, { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux", product: { name: "Red Hat Enterprise Linux", product_id: "67646", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:-", }, }, }, { branches: [ { category: "product_version_range", name: "Logging <5.9.10", product: { name: "Red Hat OpenShift Logging <5.9.10", product_id: "T040352", }, }, { category: "product_version", name: "Logging 5.9.10", product: { name: "Red Hat OpenShift Logging 5.9.10", product_id: "T040352-fixed", product_identification_helper: { cpe: "cpe:/a:redhat:openshift:logging__5.9.10", }, }, }, ], category: "product_name", name: "OpenShift", }, ], category: "vendor", name: "Red Hat", }, { branches: [ { category: "product_name", name: "SUSE Linux", product: { name: "SUSE Linux", product_id: "T002207", product_identification_helper: { cpe: "cpe:/o:suse:suse_linux:-", }, }, }, ], category: "vendor", name: "SUSE", }, { branches: [ { branches: [ { category: "product_version_range", name: "<12.7.2", product: { name: "Securepoint UTM <12.7.2", product_id: "T036885", }, }, { category: "product_version", name: "12.7.2", product: { name: "Securepoint UTM 12.7.2", product_id: "T036885-fixed", product_identification_helper: { cpe: "cpe:/o:securepoint:unified_threat_management:12.7.2", }, }, }, ], category: "product_name", name: "UTM", }, ], category: "vendor", name: "Securepoint", }, { branches: [ { category: "product_name", name: "Ubuntu Linux", product: { name: "Ubuntu Linux", product_id: "T000126", product_identification_helper: { cpe: "cpe:/o:canonical:ubuntu_linux:-", }, }, }, ], category: "vendor", name: "Ubuntu", }, { branches: [ { branches: [ { category: "product_name", name: "Xerox FreeFlow Print Server", product: { name: "Xerox FreeFlow Print Server", product_id: "T010509", product_identification_helper: { cpe: "cpe:/a:xerox:freeflow_print_server:-", }, }, }, { category: "product_version", name: "v9 for Solaris", product: { name: "Xerox FreeFlow Print Server v9 for Solaris", product_id: "T028053", product_identification_helper: { cpe: "cpe:/a:xerox:freeflow_print_server:v9_for_solaris", }, }, }, ], category: "product_name", name: "FreeFlow Print Server", }, ], category: "vendor", name: "Xerox", }, ], }, vulnerabilities: [ { cve: "CVE-2024-4603", notes: [ { category: "description", text: "Es besteht eine Schwachstelle in OpenSSL. Dies betrifft Anwendungen, die öffentliche DSA-Schlüssel oder -Parameter mit den Funktionen \"EVP_PKEY_param_check()\" oder \"EVP_PKEY_public_check()\" validieren. Wenn der DSA Modulus (\"p\")-Parameter zu groß ist, dauern bestimmte Validierungen sehr lange und verzögern die aufrufende Anwendung. Ein entfernter, anonymer Angreifer kann dies ausnutzen, um mit speziell gestalteten DSA-Schlüsseln einen Denial of Service-Zustand herbeizuführen.", }, ], product_status: { known_affected: [ "T030963", "67646", "T036885", "T036688", "T038840", "1139691", "T038286", "T039192", "T010509", "T040352", "T034877", "T038916", "T034876", "T038915", "T028053", "434967", "T034879", "T038914", "T034878", "1039165", "T005119", "1522854", "T036396", "T038994", "T038993", "T002207", "T000126", "T028638", ], }, release_date: "2024-05-16T22:00:00.000+00:00", title: "CVE-2024-4603", }, ], }
ICSA-24-319-06
Vulnerability from csaf_cisa
Published
2024-11-12 00:00
Modified
2024-11-12 00:00
Summary
Siemens SCALANCE M-800 Family
Notes
Summary
SCALANCE M-800 family before V8.2 is affected by multiple vulnerabilities.
Siemens has released new versions for the affected products and recommends to update to the latest versions.
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download:
https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Advisory Conversion Disclaimer
This CISA CSAF advisory was converted from Siemens ProductCERT's CSAF advisory.
Critical infrastructure sectors
Multiple
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.
Recommended Practices
Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.
Recommended Practices
Locate control system networks and remote devices behind firewalls and isolate them from business networks.
Recommended Practices
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
{ document: { acknowledgments: [ { organization: "Siemens ProductCERT", summary: "reporting these vulnerabilities to CISA.", }, ], category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Disclosure is not limited", tlp: { label: "WHITE", url: "https://us-cert.cisa.gov/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "SCALANCE M-800 family before V8.2 is affected by multiple vulnerabilities.\n\nSiemens has released new versions for the affected products and recommends to update to the latest versions.", title: "Summary", }, { category: "general", text: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", title: "General Recommendations", }, { category: "general", text: "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories", title: "Additional Resources", }, { category: "legal_disclaimer", text: "The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.", title: "Terms of Use", }, { category: "legal_disclaimer", text: "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", title: "Legal Notice", }, { category: "other", text: "This CISA CSAF advisory was converted from Siemens ProductCERT's CSAF advisory.", title: "Advisory Conversion Disclaimer", }, { category: "other", text: "Multiple", title: "Critical infrastructure sectors", }, { category: "other", text: "Worldwide", title: "Countries/areas deployed", }, { category: "other", text: "Germany", title: "Company headquarters location", }, { category: "general", text: "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.", title: "Recommended Practices", }, { category: "general", text: "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.", title: "Recommended Practices", }, { category: "general", text: "Locate control system networks and remote devices behind firewalls and isolate them from business networks.", title: "Recommended Practices", }, { category: "general", text: "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.", title: "Recommended Practices", }, { category: "general", text: "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.", title: "Recommended Practices", }, { category: "general", text: "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", title: "Recommended Practices", }, { category: "general", text: "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.", title: "Recommended Practices", }, { category: "general", text: "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.", title: "Recommended Practices", }, ], publisher: { category: "other", contact_details: "central@cisa.dhs.gov", name: "CISA", namespace: "https://www.cisa.gov/", }, references: [ { category: "self", summary: "SSA-354112: Multiple Vulnerabilities in SCALANCE M-800 Family Before V8.2 - CSAF Version", url: "https://cert-portal.siemens.com/productcert/csaf/ssa-354112.json", }, { category: "self", summary: "SSA-354112: Multiple Vulnerabilities in SCALANCE M-800 Family Before V8.2 - HTML Version", url: "https://cert-portal.siemens.com/productcert/html/ssa-354112.html", }, { category: "self", summary: "ICS Advisory ICSA-24-319-06 JSON", url: "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2024/icsa-24-319-06.json", }, { category: "self", summary: "ICS Advisory ICSA-24-319-06 - Web Version", url: "https://www.cisa.gov/news-events/ics-advisories/icsa-24-319-06", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/topics/industrial-control-systems", }, { category: "external", summary: "Recommended Practices", url: "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B", }, ], title: "Siemens SCALANCE M-800 Family", tracking: { current_release_date: "2024-11-12T00:00:00.000000Z", generator: { engine: { name: "CISA CSAF Generator", version: "1.0.0", }, }, id: "ICSA-24-319-06", initial_release_date: "2024-11-12T00:00:00.000000Z", revision_history: [ { date: "2024-11-12T00:00:00.000000Z", legacy_version: "1.0", number: "1", summary: "Publication Date", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "vers:all/<V8.2", product: { name: "RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2)", product_id: "CSAFPID-0001", product_identification_helper: { model_numbers: [ "6GK6108-4AM00-2BA2", ], }, }, }, ], category: "product_name", name: "RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2)", }, { branches: [ { category: "product_version_range", name: "vers:all/<V8.2", product: { name: "RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2)", product_id: "CSAFPID-0002", product_identification_helper: { model_numbers: [ "6GK6108-4AM00-2DA2", ], }, }, }, ], category: "product_name", name: "RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2)", }, { branches: [ { category: "product_version_range", name: "vers:all/<V8.2", product: { name: "SCALANCE M804PB (6GK5804-0AP00-2AA2)", product_id: "CSAFPID-0003", product_identification_helper: { model_numbers: [ "6GK5804-0AP00-2AA2", ], }, }, }, ], category: "product_name", name: "SCALANCE M804PB (6GK5804-0AP00-2AA2)", }, { branches: [ { category: "product_version_range", name: "vers:all/<V8.2", product: { name: "SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2)", product_id: "CSAFPID-0004", product_identification_helper: { model_numbers: [ "6GK5812-1AA00-2AA2", ], }, }, }, ], category: "product_name", name: "SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2)", }, { branches: [ { category: "product_version_range", name: "vers:all/<V8.2", product: { name: "SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2)", product_id: "CSAFPID-0005", product_identification_helper: { model_numbers: [ "6GK5812-1BA00-2AA2", ], }, }, }, ], category: "product_name", name: "SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2)", }, { branches: [ { category: "product_version_range", name: "vers:all/<V8.2", product: { name: "SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2)", product_id: "CSAFPID-0006", product_identification_helper: { model_numbers: [ "6GK5816-1AA00-2AA2", ], }, }, }, ], category: "product_name", name: "SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2)", }, { branches: [ { category: "product_version_range", name: "vers:all/<V8.2", product: { name: "SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2)", product_id: "CSAFPID-0007", product_identification_helper: { model_numbers: [ "6GK5816-1BA00-2AA2", ], }, }, }, ], category: "product_name", name: "SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2)", }, { branches: [ { category: "product_version_range", name: "vers:all/<V8.2", product: { name: "SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2)", product_id: "CSAFPID-0008", product_identification_helper: { model_numbers: [ "6GK5826-2AB00-2AB2", ], }, }, }, ], category: "product_name", name: "SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2)", }, { branches: [ { category: "product_version_range", name: "vers:all/<V8.2", product: { name: "SCALANCE M874-2 (6GK5874-2AA00-2AA2)", product_id: "CSAFPID-0009", product_identification_helper: { model_numbers: [ "6GK5874-2AA00-2AA2", ], }, }, }, ], category: "product_name", name: "SCALANCE M874-2 (6GK5874-2AA00-2AA2)", }, { branches: [ { category: "product_version_range", name: "vers:all/<V8.2", product: { name: "SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2)", product_id: "CSAFPID-0010", product_identification_helper: { model_numbers: [ "6GK5874-3AA00-2FA2", ], }, }, }, ], category: "product_name", name: "SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2)", }, { branches: [ { category: "product_version_range", name: "vers:all/<V8.2", product: { name: "SCALANCE M874-3 (6GK5874-3AA00-2AA2)", product_id: "CSAFPID-0011", product_identification_helper: { model_numbers: [ "6GK5874-3AA00-2AA2", ], }, }, }, ], category: "product_name", name: "SCALANCE M874-3 (6GK5874-3AA00-2AA2)", }, { branches: [ { category: "product_version_range", name: "vers:all/<V8.2", product: { name: "SCALANCE M876-3 (6GK5876-3AA02-2BA2)", product_id: "CSAFPID-0012", product_identification_helper: { model_numbers: [ "6GK5876-3AA02-2BA2", ], }, }, }, ], category: "product_name", name: "SCALANCE M876-3 (6GK5876-3AA02-2BA2)", }, { branches: [ { category: "product_version_range", name: "vers:all/<V8.2", product: { name: "SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2)", product_id: "CSAFPID-0013", product_identification_helper: { model_numbers: [ "6GK5876-3AA02-2EA2", ], }, }, }, ], category: "product_name", name: "SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2)", }, { branches: [ { category: "product_version_range", name: "vers:all/<V8.2", product: { name: "SCALANCE M876-4 (6GK5876-4AA10-2BA2)", product_id: "CSAFPID-0014", product_identification_helper: { model_numbers: [ "6GK5876-4AA10-2BA2", ], }, }, }, ], category: "product_name", name: "SCALANCE M876-4 (6GK5876-4AA10-2BA2)", }, { branches: [ { category: "product_version_range", name: "vers:all/<V8.2", product: { name: "SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2)", product_id: "CSAFPID-0015", product_identification_helper: { model_numbers: [ "6GK5876-4AA00-2BA2", ], }, }, }, ], category: "product_name", name: "SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2)", }, { branches: [ { category: "product_version_range", name: "vers:all/<V8.2", product: { name: "SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2)", product_id: "CSAFPID-0016", product_identification_helper: { model_numbers: [ "6GK5876-4AA00-2DA2", ], }, }, }, ], category: "product_name", name: "SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2)", }, { branches: [ { category: "product_version_range", name: "vers:all/<V8.2", product: { name: "SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1)", product_id: "CSAFPID-0017", product_identification_helper: { model_numbers: [ "6GK5853-2EA10-2AA1", ], }, }, }, ], category: "product_name", name: "SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1)", }, { branches: [ { category: "product_version_range", name: "vers:all/<V8.2", product: { name: "SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1)", product_id: "CSAFPID-0018", product_identification_helper: { model_numbers: [ "6GK5853-2EA10-2BA1", ], }, }, }, ], category: "product_name", name: "SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1)", }, { branches: [ { category: "product_version_range", name: "vers:all/<V8.2", product: { name: "SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1)", product_id: "CSAFPID-0019", product_identification_helper: { model_numbers: [ "6GK5853-2EA00-2DA1", ], }, }, }, ], category: "product_name", name: "SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1)", }, { branches: [ { category: "product_version_range", name: "vers:all/<V8.2", product: { name: "SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1)", product_id: "CSAFPID-0020", product_identification_helper: { model_numbers: [ "6GK5856-2EA10-3AA1", ], }, }, }, ], category: "product_name", name: "SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1)", }, { branches: [ { category: "product_version_range", name: "vers:all/<V8.2", product: { name: "SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1)", product_id: "CSAFPID-0021", product_identification_helper: { model_numbers: [ "6GK5856-2EA10-3BA1", ], }, }, }, ], category: "product_name", name: "SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1)", }, { branches: [ { category: "product_version_range", name: "vers:all/<V8.2", product: { name: "SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1)", product_id: "CSAFPID-0022", product_identification_helper: { model_numbers: [ "6GK5856-2EA00-3FA1", ], }, }, }, ], category: "product_name", name: "SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1)", }, { branches: [ { category: "product_version_range", name: "vers:all/<V8.2", product: { name: "SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1)", product_id: "CSAFPID-0023", product_identification_helper: { model_numbers: [ "6GK5856-2EA00-3DA1", ], }, }, }, ], category: "product_name", name: "SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1)", }, { branches: [ { category: "product_version_range", name: "vers:all/<V8.2", product: { name: "SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1)", product_id: "CSAFPID-0024", product_identification_helper: { model_numbers: [ "6GK5856-2EA00-3AA1", ], }, }, }, ], category: "product_name", name: "SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1)", }, { branches: [ { category: "product_version_range", name: "vers:all/<V8.2", product: { name: "SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2)", product_id: "CSAFPID-0025", product_identification_helper: { model_numbers: [ "6GK5615-0AA01-2AA2", ], }, }, }, ], category: "product_name", name: "SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2)", }, { branches: [ { category: "product_version_range", name: "vers:all/<V8.2", product: { name: "SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2)", product_id: "CSAFPID-0026", product_identification_helper: { model_numbers: [ "6GK5615-0AA00-2AA2", ], }, }, }, ], category: "product_name", name: "SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2)", }, ], category: "vendor", name: "Siemens", }, ], }, vulnerabilities: [ { cve: "CVE-2021-3506", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "An out-of-bounds (OOB) memory access flaw was found in fs/f2fs/node.c in the f2fs module in the Linux kernel in versions before 5.12.0-rc4. A bounds check failure allows a local attacker to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, remediations: [ { category: "vendor_fix", details: "Update to V8.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109976047/", }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, ], title: "CVE-2021-3506", }, { cve: "CVE-2023-28450", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "An issue was discovered in Dnsmasq before 2.90. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day 2020.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, remediations: [ { category: "vendor_fix", details: "Update to V8.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109976047/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, ], title: "CVE-2023-28450", }, { cve: "CVE-2023-49441", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "summary", text: "dnsmasq 2.9 is vulnerable to Integer Overflow via forward_query.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, remediations: [ { category: "vendor_fix", details: "Update to V8.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109976047/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, ], title: "CVE-2023-49441", }, { cve: "CVE-2024-2511", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "summary", text: "Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions\r\nImpact summary: An attacker may exploit certain server configurations to trigger unbounded memory growth that would lead to a Denial of Service This problem can occur in TLSv1.3 if the non-default SSL_OP_NO_TICKET option is being used (but not if early_data support is also configured and the default anti-replay protection is in use). In this case, under certain conditions, the session cache can get into an incorrect state and it will fail to flush properly as it fills. The session cache will continue to grow in an unbounded manner. A malicious client could deliberately create the scenario for this failure to force a Denial of Service. It may also happen by accident in normal operation. This issue only affects TLS servers supporting TLSv1.3. It does not affect TLS clients. The FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue. OpenSSL 1.0.2 is also not affected by this issue.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, remediations: [ { category: "vendor_fix", details: "Update to V8.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109976047/", }, ], scores: [ { cvss_v3: { baseScore: 3.7, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, ], title: "CVE-2024-2511", }, { cve: "CVE-2024-4603", cwe: { id: "CWE-834", name: "Excessive Iteration", }, notes: [ { category: "summary", text: "Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVP_PKEY_param_check() or EVP_PKEY_public_check() to check a DSA public key or DSA parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The functions EVP_PKEY_param_check() or EVP_PKEY_public_check() perform various checks on DSA parameters. Some of those computations take a long time if the modulus (`p` parameter) is too large. Trying to use a very large modulus is slow and OpenSSL will not allow using public keys with a modulus which is over 10,000 bits in length for signature verification. However the key and parameter check functions do not limit the modulus size when performing the checks. An application that calls EVP_PKEY_param_check() or EVP_PKEY_public_check() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. These functions are not called by OpenSSL itself on untrusted DSA keys so only applications that directly call these functions may be vulnerable. Also vulnerable are the OpenSSL pkey and pkeyparam command line applications when using the `-check` option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, remediations: [ { category: "vendor_fix", details: "Update to V8.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109976047/", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, ], title: "CVE-2024-4603", }, { cve: "CVE-2024-4741", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "Issue summary: Calling the OpenSSL API function SSL_free_buffers may cause memory to be accessed that was previously freed in some situations", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, remediations: [ { category: "vendor_fix", details: "Update to V8.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109976047/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, ], title: "CVE-2024-4741", }, { cve: "CVE-2024-5594", cwe: { id: "CWE-117", name: "Improper Output Neutralization for Logs", }, notes: [ { category: "summary", text: "control channel: refuse control channel messages with nonprintable characters in them. Security scope: a malicious openvpn peer can send garbage to openvpn log, or cause high CPU load", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, remediations: [ { category: "vendor_fix", details: "Update to V8.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109976047/", }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, ], title: "CVE-2024-5594", }, { cve: "CVE-2024-26306", cwe: { id: "CWE-203", name: "Observable Discrepancy", }, notes: [ { category: "summary", text: "iPerf3 before 3.17, when used with OpenSSL before 3.2.0 as a server with RSA authentication, allows a timing side channel in RSA decryption operations. This side channel could be sufficient for an attacker to recover credential plaintext. It requires the attacker to send a large number of messages for decryption, as described in \"Everlasting ROBOT: the Marvin Attack\" by Hubert Kario.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, remediations: [ { category: "vendor_fix", details: "Update to V8.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109976047/", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, ], title: "CVE-2024-26306", }, { cve: "CVE-2024-26925", cwe: { id: "CWE-667", name: "Improper Locking", }, notes: [ { category: "summary", text: "In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path The commit mutex should not be released during the critical section between nft_gc_seq_begin() and nft_gc_seq_end(), otherwise, async GC worker could collect expired objects and get the released commit lock within the same GC sequence. nf_tables_module_autoload() temporarily releases the mutex to load module dependencies, then it goes back to replay the transaction again. Move it at the end of the abort phase after nft_gc_seq_end() is called.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, remediations: [ { category: "vendor_fix", details: "Update to V8.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109976047/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, ], title: "CVE-2024-26925", }, { cve: "CVE-2024-28882", cwe: { id: "CWE-772", name: "Missing Release of Resource after Effective Lifetime", }, notes: [ { category: "summary", text: "OpenVPN from 2.6.0 through 2.6.10 in a server role accepts multiple exit notifications from authenticated clients which will extend the validity of a closing session", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, remediations: [ { category: "vendor_fix", details: "Update to V8.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109976047/", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, ], title: "CVE-2024-28882", }, { cve: "CVE-2024-50557", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "Affected devices do not properly validate input in configuration fields of the iperf functionality. This could allow an unauthenticated remote attacker to execute arbitrary code on the device.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, remediations: [ { category: "vendor_fix", details: "Update to V8.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109976047/", }, ], scores: [ { cvss_v3: { baseScore: 7.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, ], title: "CVE-2024-50557", }, { cve: "CVE-2024-50558", cwe: { id: "CWE-284", name: "Improper Access Control", }, notes: [ { category: "summary", text: "Affected devices improperly manage access control for read-only users. This could allow an attacker to cause a temporary denial of service condition.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, remediations: [ { category: "vendor_fix", details: "Update to V8.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109976047/", }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, ], title: "CVE-2024-50558", }, { cve: "CVE-2024-50559", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, notes: [ { category: "summary", text: "Affected devices do not properly validate the filenames of the certificate. This could allow an authenticated remote attacker to append arbitrary values which will lead to compromise of integrity of the system.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, remediations: [ { category: "vendor_fix", details: "Update to V8.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109976047/", }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, ], title: "CVE-2024-50559", }, { cve: "CVE-2024-50560", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "Affected devices truncates usernames longer than 15 characters when accessed via SSH or Telnet. This could allow an attacker to compromise system integrity.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, remediations: [ { category: "vendor_fix", details: "Update to V8.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109976047/", }, ], scores: [ { cvss_v3: { baseScore: 3.1, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, ], title: "CVE-2024-50560", }, { cve: "CVE-2024-50561", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, notes: [ { category: "summary", text: "Affected devices do not properly sanitize the filenames before uploading. This could allow an authenticated remote attacker to compromise of integrity of the system.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, remediations: [ { category: "vendor_fix", details: "Update to V8.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109976047/", }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, ], title: "CVE-2024-50561", }, { cve: "CVE-2024-50572", cwe: { id: "CWE-74", name: "Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')", }, notes: [ { category: "summary", text: "Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, remediations: [ { category: "vendor_fix", details: "Update to V8.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109976047/", }, ], scores: [ { cvss_v3: { baseScore: 7.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, ], title: "CVE-2024-50572", }, ], }
icsa-24-319-06
Vulnerability from csaf_cisa
Published
2024-11-12 00:00
Modified
2024-11-12 00:00
Summary
Siemens SCALANCE M-800 Family
Notes
Summary
SCALANCE M-800 family before V8.2 is affected by multiple vulnerabilities.
Siemens has released new versions for the affected products and recommends to update to the latest versions.
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download:
https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Advisory Conversion Disclaimer
This CISA CSAF advisory was converted from Siemens ProductCERT's CSAF advisory.
Critical infrastructure sectors
Multiple
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.
Recommended Practices
Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.
Recommended Practices
Locate control system networks and remote devices behind firewalls and isolate them from business networks.
Recommended Practices
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
{ document: { acknowledgments: [ { organization: "Siemens ProductCERT", summary: "reporting these vulnerabilities to CISA.", }, ], category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Disclosure is not limited", tlp: { label: "WHITE", url: "https://us-cert.cisa.gov/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "SCALANCE M-800 family before V8.2 is affected by multiple vulnerabilities.\n\nSiemens has released new versions for the affected products and recommends to update to the latest versions.", title: "Summary", }, { category: "general", text: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", title: "General Recommendations", }, { category: "general", text: "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories", title: "Additional Resources", }, { category: "legal_disclaimer", text: "The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.", title: "Terms of Use", }, { category: "legal_disclaimer", text: "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", title: "Legal Notice", }, { category: "other", text: "This CISA CSAF advisory was converted from Siemens ProductCERT's CSAF advisory.", title: "Advisory Conversion Disclaimer", }, { category: "other", text: "Multiple", title: "Critical infrastructure sectors", }, { category: "other", text: "Worldwide", title: "Countries/areas deployed", }, { category: "other", text: "Germany", title: "Company headquarters location", }, { category: "general", text: "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.", title: "Recommended Practices", }, { category: "general", text: "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.", title: "Recommended Practices", }, { category: "general", text: "Locate control system networks and remote devices behind firewalls and isolate them from business networks.", title: "Recommended Practices", }, { category: "general", text: "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.", title: "Recommended Practices", }, { category: "general", text: "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.", title: "Recommended Practices", }, { category: "general", text: "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", title: "Recommended Practices", }, { category: "general", text: "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.", title: "Recommended Practices", }, { category: "general", text: "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.", title: "Recommended Practices", }, ], publisher: { category: "other", contact_details: "central@cisa.dhs.gov", name: "CISA", namespace: "https://www.cisa.gov/", }, references: [ { category: "self", summary: "SSA-354112: Multiple Vulnerabilities in SCALANCE M-800 Family Before V8.2 - CSAF Version", url: "https://cert-portal.siemens.com/productcert/csaf/ssa-354112.json", }, { category: "self", summary: "SSA-354112: Multiple Vulnerabilities in SCALANCE M-800 Family Before V8.2 - HTML Version", url: "https://cert-portal.siemens.com/productcert/html/ssa-354112.html", }, { category: "self", summary: "ICS Advisory ICSA-24-319-06 JSON", url: "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2024/icsa-24-319-06.json", }, { category: "self", summary: "ICS Advisory ICSA-24-319-06 - Web Version", url: "https://www.cisa.gov/news-events/ics-advisories/icsa-24-319-06", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/topics/industrial-control-systems", }, { category: "external", summary: "Recommended Practices", url: "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B", }, ], title: "Siemens SCALANCE M-800 Family", tracking: { current_release_date: "2024-11-12T00:00:00.000000Z", generator: { engine: { name: "CISA CSAF Generator", version: "1.0.0", }, }, id: "ICSA-24-319-06", initial_release_date: "2024-11-12T00:00:00.000000Z", revision_history: [ { date: "2024-11-12T00:00:00.000000Z", legacy_version: "1.0", number: "1", summary: "Publication Date", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "vers:all/<V8.2", product: { name: "RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2)", product_id: "CSAFPID-0001", product_identification_helper: { model_numbers: [ "6GK6108-4AM00-2BA2", ], }, }, }, ], category: "product_name", name: "RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2)", }, { branches: [ { category: "product_version_range", name: "vers:all/<V8.2", product: { name: "RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2)", product_id: "CSAFPID-0002", product_identification_helper: { model_numbers: [ "6GK6108-4AM00-2DA2", ], }, }, }, ], category: "product_name", name: "RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2)", }, { branches: [ { category: "product_version_range", name: "vers:all/<V8.2", product: { name: "SCALANCE M804PB (6GK5804-0AP00-2AA2)", product_id: "CSAFPID-0003", product_identification_helper: { model_numbers: [ "6GK5804-0AP00-2AA2", ], }, }, }, ], category: "product_name", name: "SCALANCE M804PB (6GK5804-0AP00-2AA2)", }, { branches: [ { category: "product_version_range", name: "vers:all/<V8.2", product: { name: "SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2)", product_id: "CSAFPID-0004", product_identification_helper: { model_numbers: [ "6GK5812-1AA00-2AA2", ], }, }, }, ], category: "product_name", name: "SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2)", }, { branches: [ { category: "product_version_range", name: "vers:all/<V8.2", product: { name: "SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2)", product_id: "CSAFPID-0005", product_identification_helper: { model_numbers: [ "6GK5812-1BA00-2AA2", ], }, }, }, ], category: "product_name", name: "SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2)", }, { branches: [ { category: "product_version_range", name: "vers:all/<V8.2", product: { name: "SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2)", product_id: "CSAFPID-0006", product_identification_helper: { model_numbers: [ "6GK5816-1AA00-2AA2", ], }, }, }, ], category: "product_name", name: "SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2)", }, { branches: [ { category: "product_version_range", name: "vers:all/<V8.2", product: { name: "SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2)", product_id: "CSAFPID-0007", product_identification_helper: { model_numbers: [ "6GK5816-1BA00-2AA2", ], }, }, }, ], category: "product_name", name: "SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2)", }, { branches: [ { category: "product_version_range", name: "vers:all/<V8.2", product: { name: "SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2)", product_id: "CSAFPID-0008", product_identification_helper: { model_numbers: [ "6GK5826-2AB00-2AB2", ], }, }, }, ], category: "product_name", name: "SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2)", }, { branches: [ { category: "product_version_range", name: "vers:all/<V8.2", product: { name: "SCALANCE M874-2 (6GK5874-2AA00-2AA2)", product_id: "CSAFPID-0009", product_identification_helper: { model_numbers: [ "6GK5874-2AA00-2AA2", ], }, }, }, ], category: "product_name", name: "SCALANCE M874-2 (6GK5874-2AA00-2AA2)", }, { branches: [ { category: "product_version_range", name: "vers:all/<V8.2", product: { name: "SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2)", product_id: "CSAFPID-0010", product_identification_helper: { model_numbers: [ "6GK5874-3AA00-2FA2", ], }, }, }, ], category: "product_name", name: "SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2)", }, { branches: [ { category: "product_version_range", name: "vers:all/<V8.2", product: { name: "SCALANCE M874-3 (6GK5874-3AA00-2AA2)", product_id: "CSAFPID-0011", product_identification_helper: { model_numbers: [ "6GK5874-3AA00-2AA2", ], }, }, }, ], category: "product_name", name: "SCALANCE M874-3 (6GK5874-3AA00-2AA2)", }, { branches: [ { category: "product_version_range", name: "vers:all/<V8.2", product: { name: "SCALANCE M876-3 (6GK5876-3AA02-2BA2)", product_id: "CSAFPID-0012", product_identification_helper: { model_numbers: [ "6GK5876-3AA02-2BA2", ], }, }, }, ], category: "product_name", name: "SCALANCE M876-3 (6GK5876-3AA02-2BA2)", }, { branches: [ { category: "product_version_range", name: "vers:all/<V8.2", product: { name: "SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2)", product_id: "CSAFPID-0013", product_identification_helper: { model_numbers: [ "6GK5876-3AA02-2EA2", ], }, }, }, ], category: "product_name", name: "SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2)", }, { branches: [ { category: "product_version_range", name: "vers:all/<V8.2", product: { name: "SCALANCE M876-4 (6GK5876-4AA10-2BA2)", product_id: "CSAFPID-0014", product_identification_helper: { model_numbers: [ "6GK5876-4AA10-2BA2", ], }, }, }, ], category: "product_name", name: "SCALANCE M876-4 (6GK5876-4AA10-2BA2)", }, { branches: [ { category: "product_version_range", name: "vers:all/<V8.2", product: { name: "SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2)", product_id: "CSAFPID-0015", product_identification_helper: { model_numbers: [ "6GK5876-4AA00-2BA2", ], }, }, }, ], category: "product_name", name: "SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2)", }, { branches: [ { category: "product_version_range", name: "vers:all/<V8.2", product: { name: "SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2)", product_id: "CSAFPID-0016", product_identification_helper: { model_numbers: [ "6GK5876-4AA00-2DA2", ], }, }, }, ], category: "product_name", name: "SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2)", }, { branches: [ { category: "product_version_range", name: "vers:all/<V8.2", product: { name: "SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1)", product_id: "CSAFPID-0017", product_identification_helper: { model_numbers: [ "6GK5853-2EA10-2AA1", ], }, }, }, ], category: "product_name", name: "SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1)", }, { branches: [ { category: "product_version_range", name: "vers:all/<V8.2", product: { name: "SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1)", product_id: "CSAFPID-0018", product_identification_helper: { model_numbers: [ "6GK5853-2EA10-2BA1", ], }, }, }, ], category: "product_name", name: "SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1)", }, { branches: [ { category: "product_version_range", name: "vers:all/<V8.2", product: { name: "SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1)", product_id: "CSAFPID-0019", product_identification_helper: { model_numbers: [ "6GK5853-2EA00-2DA1", ], }, }, }, ], category: "product_name", name: "SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1)", }, { branches: [ { category: "product_version_range", name: "vers:all/<V8.2", product: { name: "SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1)", product_id: "CSAFPID-0020", product_identification_helper: { model_numbers: [ "6GK5856-2EA10-3AA1", ], }, }, }, ], category: "product_name", name: "SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1)", }, { branches: [ { category: "product_version_range", name: "vers:all/<V8.2", product: { name: "SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1)", product_id: "CSAFPID-0021", product_identification_helper: { model_numbers: [ "6GK5856-2EA10-3BA1", ], }, }, }, ], category: "product_name", name: "SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1)", }, { branches: [ { category: "product_version_range", name: "vers:all/<V8.2", product: { name: "SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1)", product_id: "CSAFPID-0022", product_identification_helper: { model_numbers: [ "6GK5856-2EA00-3FA1", ], }, }, }, ], category: "product_name", name: "SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1)", }, { branches: [ { category: "product_version_range", name: "vers:all/<V8.2", product: { name: "SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1)", product_id: "CSAFPID-0023", product_identification_helper: { model_numbers: [ "6GK5856-2EA00-3DA1", ], }, }, }, ], category: "product_name", name: "SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1)", }, { branches: [ { category: "product_version_range", name: "vers:all/<V8.2", product: { name: "SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1)", product_id: "CSAFPID-0024", product_identification_helper: { model_numbers: [ "6GK5856-2EA00-3AA1", ], }, }, }, ], category: "product_name", name: "SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1)", }, { branches: [ { category: "product_version_range", name: "vers:all/<V8.2", product: { name: "SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2)", product_id: "CSAFPID-0025", product_identification_helper: { model_numbers: [ "6GK5615-0AA01-2AA2", ], }, }, }, ], category: "product_name", name: "SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2)", }, { branches: [ { category: "product_version_range", name: "vers:all/<V8.2", product: { name: "SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2)", product_id: "CSAFPID-0026", product_identification_helper: { model_numbers: [ "6GK5615-0AA00-2AA2", ], }, }, }, ], category: "product_name", name: "SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2)", }, ], category: "vendor", name: "Siemens", }, ], }, vulnerabilities: [ { cve: "CVE-2021-3506", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "An out-of-bounds (OOB) memory access flaw was found in fs/f2fs/node.c in the f2fs module in the Linux kernel in versions before 5.12.0-rc4. A bounds check failure allows a local attacker to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, remediations: [ { category: "vendor_fix", details: "Update to V8.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109976047/", }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, ], title: "CVE-2021-3506", }, { cve: "CVE-2023-28450", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "An issue was discovered in Dnsmasq before 2.90. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day 2020.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, remediations: [ { category: "vendor_fix", details: "Update to V8.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109976047/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, ], title: "CVE-2023-28450", }, { cve: "CVE-2023-49441", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "summary", text: "dnsmasq 2.9 is vulnerable to Integer Overflow via forward_query.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, remediations: [ { category: "vendor_fix", details: "Update to V8.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109976047/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, ], title: "CVE-2023-49441", }, { cve: "CVE-2024-2511", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "summary", text: "Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions\r\nImpact summary: An attacker may exploit certain server configurations to trigger unbounded memory growth that would lead to a Denial of Service This problem can occur in TLSv1.3 if the non-default SSL_OP_NO_TICKET option is being used (but not if early_data support is also configured and the default anti-replay protection is in use). In this case, under certain conditions, the session cache can get into an incorrect state and it will fail to flush properly as it fills. The session cache will continue to grow in an unbounded manner. A malicious client could deliberately create the scenario for this failure to force a Denial of Service. It may also happen by accident in normal operation. This issue only affects TLS servers supporting TLSv1.3. It does not affect TLS clients. The FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue. OpenSSL 1.0.2 is also not affected by this issue.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, remediations: [ { category: "vendor_fix", details: "Update to V8.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109976047/", }, ], scores: [ { cvss_v3: { baseScore: 3.7, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, ], title: "CVE-2024-2511", }, { cve: "CVE-2024-4603", cwe: { id: "CWE-834", name: "Excessive Iteration", }, notes: [ { category: "summary", text: "Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVP_PKEY_param_check() or EVP_PKEY_public_check() to check a DSA public key or DSA parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The functions EVP_PKEY_param_check() or EVP_PKEY_public_check() perform various checks on DSA parameters. Some of those computations take a long time if the modulus (`p` parameter) is too large. Trying to use a very large modulus is slow and OpenSSL will not allow using public keys with a modulus which is over 10,000 bits in length for signature verification. However the key and parameter check functions do not limit the modulus size when performing the checks. An application that calls EVP_PKEY_param_check() or EVP_PKEY_public_check() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. These functions are not called by OpenSSL itself on untrusted DSA keys so only applications that directly call these functions may be vulnerable. Also vulnerable are the OpenSSL pkey and pkeyparam command line applications when using the `-check` option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, remediations: [ { category: "vendor_fix", details: "Update to V8.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109976047/", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, ], title: "CVE-2024-4603", }, { cve: "CVE-2024-4741", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "Issue summary: Calling the OpenSSL API function SSL_free_buffers may cause memory to be accessed that was previously freed in some situations", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, remediations: [ { category: "vendor_fix", details: "Update to V8.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109976047/", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, ], title: "CVE-2024-4741", }, { cve: "CVE-2024-5594", cwe: { id: "CWE-117", name: "Improper Output Neutralization for Logs", }, notes: [ { category: "summary", text: "control channel: refuse control channel messages with nonprintable characters in them. Security scope: a malicious openvpn peer can send garbage to openvpn log, or cause high CPU load", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, remediations: [ { category: "vendor_fix", details: "Update to V8.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109976047/", }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, ], title: "CVE-2024-5594", }, { cve: "CVE-2024-26306", cwe: { id: "CWE-203", name: "Observable Discrepancy", }, notes: [ { category: "summary", text: "iPerf3 before 3.17, when used with OpenSSL before 3.2.0 as a server with RSA authentication, allows a timing side channel in RSA decryption operations. This side channel could be sufficient for an attacker to recover credential plaintext. It requires the attacker to send a large number of messages for decryption, as described in \"Everlasting ROBOT: the Marvin Attack\" by Hubert Kario.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, remediations: [ { category: "vendor_fix", details: "Update to V8.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109976047/", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, ], title: "CVE-2024-26306", }, { cve: "CVE-2024-26925", cwe: { id: "CWE-667", name: "Improper Locking", }, notes: [ { category: "summary", text: "In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path The commit mutex should not be released during the critical section between nft_gc_seq_begin() and nft_gc_seq_end(), otherwise, async GC worker could collect expired objects and get the released commit lock within the same GC sequence. nf_tables_module_autoload() temporarily releases the mutex to load module dependencies, then it goes back to replay the transaction again. Move it at the end of the abort phase after nft_gc_seq_end() is called.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, remediations: [ { category: "vendor_fix", details: "Update to V8.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109976047/", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, ], title: "CVE-2024-26925", }, { cve: "CVE-2024-28882", cwe: { id: "CWE-772", name: "Missing Release of Resource after Effective Lifetime", }, notes: [ { category: "summary", text: "OpenVPN from 2.6.0 through 2.6.10 in a server role accepts multiple exit notifications from authenticated clients which will extend the validity of a closing session", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, remediations: [ { category: "vendor_fix", details: "Update to V8.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109976047/", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, ], title: "CVE-2024-28882", }, { cve: "CVE-2024-50557", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "Affected devices do not properly validate input in configuration fields of the iperf functionality. This could allow an unauthenticated remote attacker to execute arbitrary code on the device.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, remediations: [ { category: "vendor_fix", details: "Update to V8.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109976047/", }, ], scores: [ { cvss_v3: { baseScore: 7.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, ], title: "CVE-2024-50557", }, { cve: "CVE-2024-50558", cwe: { id: "CWE-284", name: "Improper Access Control", }, notes: [ { category: "summary", text: "Affected devices improperly manage access control for read-only users. This could allow an attacker to cause a temporary denial of service condition.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, remediations: [ { category: "vendor_fix", details: "Update to V8.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109976047/", }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, ], title: "CVE-2024-50558", }, { cve: "CVE-2024-50559", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, notes: [ { category: "summary", text: "Affected devices do not properly validate the filenames of the certificate. This could allow an authenticated remote attacker to append arbitrary values which will lead to compromise of integrity of the system.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, remediations: [ { category: "vendor_fix", details: "Update to V8.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109976047/", }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, ], title: "CVE-2024-50559", }, { cve: "CVE-2024-50560", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "Affected devices truncates usernames longer than 15 characters when accessed via SSH or Telnet. This could allow an attacker to compromise system integrity.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, remediations: [ { category: "vendor_fix", details: "Update to V8.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109976047/", }, ], scores: [ { cvss_v3: { baseScore: 3.1, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, ], title: "CVE-2024-50560", }, { cve: "CVE-2024-50561", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, notes: [ { category: "summary", text: "Affected devices do not properly sanitize the filenames before uploading. This could allow an authenticated remote attacker to compromise of integrity of the system.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, remediations: [ { category: "vendor_fix", details: "Update to V8.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109976047/", }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, ], title: "CVE-2024-50561", }, { cve: "CVE-2024-50572", cwe: { id: "CWE-74", name: "Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')", }, notes: [ { category: "summary", text: "Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, remediations: [ { category: "vendor_fix", details: "Update to V8.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], url: "https://support.industry.siemens.com/cs/ww/en/view/109976047/", }, ], scores: [ { cvss_v3: { baseScore: 7.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-0011", "CSAFPID-0010", "CSAFPID-0012", "CSAFPID-0013", "CSAFPID-0014", "CSAFPID-0015", "CSAFPID-0016", "CSAFPID-0017", "CSAFPID-0018", "CSAFPID-0019", "CSAFPID-0020", "CSAFPID-0021", "CSAFPID-0022", "CSAFPID-0023", "CSAFPID-0024", "CSAFPID-0025", "CSAFPID-0026", ], }, ], title: "CVE-2024-50572", }, ], }
ncsc-2024-0291
Vulnerability from csaf_ncscnl
Published
2024-07-17 13:51
Modified
2024-07-17 13:51
Summary
Kwetsbaarheden verholpen in Oracle Database Server
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Er zijn kwetsbaarheden verholpen in Oracle Database Server.
Interpretaties
Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
* Denial-of-Service (DoS)
* Toegang tot gevoelige gegevens
* Manipulatie van gegevens
* Omzeilen van beveiligingsmaatregel
Oplossingen
Oracle heeft updates beschikbaar gesteld om de kwetsbaarheden te verhelpen. Zie de referenties voor meer informatie.
Kans
medium
Schade
high
CWE-285
Improper Authorization
CWE-404
Improper Resource Shutdown or Release
CWE-674
Uncontrolled Recursion
{ document: { category: "csaf_security_advisory", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", }, }, lang: "nl", notes: [ { category: "legal_disclaimer", text: "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.", }, { category: "description", text: "Er zijn kwetsbaarheden verholpen in Oracle Database Server.", title: "Feiten", }, { category: "description", text: "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:\n\n* Denial-of-Service (DoS)\n* Toegang tot gevoelige gegevens\n* Manipulatie van gegevens\n* Omzeilen van beveiligingsmaatregel", title: "Interpretaties", }, { category: "description", text: "Oracle heeft updates beschikbaar gesteld om de kwetsbaarheden te verhelpen. Zie de referenties voor meer informatie.", title: "Oplossingen", }, { category: "general", text: "medium", title: "Kans", }, { category: "general", text: "high", title: "Schade", }, { category: "general", text: "Improper Authorization", title: "CWE-285", }, { category: "general", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "general", text: "Uncontrolled Recursion", title: "CWE-674", }, ], publisher: { category: "coordinator", contact_details: "cert@ncsc.nl", name: "Nationaal Cyber Security Centrum", namespace: "https://www.ncsc.nl/", }, references: [ { category: "external", summary: "Source - nvd", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-0397", }, { category: "external", summary: "Source - nvd", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-21098", }, { category: "external", summary: "Source - nvd", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-21123", }, { category: "external", summary: "Source - nvd", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-21126", }, { category: "external", summary: "Source - nvd", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-21174", }, { category: "external", summary: "Source - nvd", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-21184", }, { category: "external", summary: "Source - nvd", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-4603", }, { category: "external", summary: "Reference - oracle", url: "https://www.oracle.com/docs/tech/security-alerts/cpujul2024csaf.json", }, { category: "external", summary: "Reference - cveprojectv5; ibm; nvd; oracle", url: "https://www.oracle.com/security-alerts/cpujul2024.html", }, ], title: " Kwetsbaarheden verholpen in Oracle Database Server", tracking: { current_release_date: "2024-07-17T13:51:54.185475Z", id: "NCSC-2024-0291", initial_release_date: "2024-07-17T13:51:54.185475Z", revision_history: [ { date: "2024-07-17T13:51:54.185475Z", number: "0", summary: "Initiele versie", }, ], status: "final", version: "1.0.0", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-764785", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:__database___19c:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-764790", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:__database___21c:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-764843", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:__database_-_machine_learning_for_python___21c:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-1503607", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:__database_core___23.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-764838", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:__database_data_redaction___19c:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-764844", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:__database_data_redaction___21c:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-764839", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:__database_fleet_patching___19c:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-764845", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:__database_fleet_patching___21c:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-764787", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:__database_oml4py___21c:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-764846", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:__database_portable_clusterware___21c:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-764840", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:__database_rdbms_security___19c:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-764847", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:__database_rdbms_security___21c:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-764784", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:__database_recovery_manager___19c:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-764788", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:__database_recovery_manager___21c:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-764841", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:__database_sqlcl___19c:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-764848", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:__database_sqlcl___21c:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-764789", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:__database_workload_manager___21c:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-764842", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:_graalvm_multilingual_engine___21c:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-764783", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:_java_vm___19c:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-764786", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:_java_vm___21c:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-1503604", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:_java_vm___23.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-1503605", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:_multilingual_engine___23.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-1503606", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:_oml4py___23.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-266118", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-1503896", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:19.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-205254", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:19.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-205265", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:19.10:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-205230", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:19.11:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-909875", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:19.12:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-205250", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:19.13:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-909872", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:19.14:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-909878", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:19.15:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-909879", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:19.16:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-909880", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:19.17:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-909876", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:19.18:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-220917", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:19.19:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-1503891", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:19.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-816314", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:19.20:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-816313", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:19.21:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-909877", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:19.22:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-1503897", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:19.23:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-205268", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:19.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-205281", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:19.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-205295", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:19.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-205256", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:19.6:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-205216", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:19.7:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-909874", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:19.8:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-909873", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:19.9:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-1503890", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:21.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-1503893", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:21.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-220916", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:21.10:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-611586", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:21.11:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-816312", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:21.12:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-912081", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:21.13:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-1503257", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:21.14:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-1503900", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:21.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-205284", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:21.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-1503898", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:21.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-1503892", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:21.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-1503894", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:21.6:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-1503889", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:21.7:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-1503895", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:21.8:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-1503899", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:21.9:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-1503256", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:23.4:*:*:*:*:*:*:*", }, }, }, ], category: "vendor", name: "oracle", }, ], }, vulnerabilities: [ { cve: "CVE-2022-41881", cwe: { id: "CWE-674", name: "Uncontrolled Recursion", }, notes: [ { category: "other", text: "Uncontrolled Recursion", title: "CWE-674", }, { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, ], product_status: { known_affected: [ "CSAFPID-266118", "CSAFPID-764783", "CSAFPID-764784", "CSAFPID-764785", "CSAFPID-764786", "CSAFPID-764787", "CSAFPID-764788", "CSAFPID-764789", "CSAFPID-764790", "CSAFPID-764838", "CSAFPID-764839", "CSAFPID-764840", "CSAFPID-764841", "CSAFPID-764842", "CSAFPID-764843", "CSAFPID-764844", "CSAFPID-764845", "CSAFPID-764846", "CSAFPID-764847", "CSAFPID-764848", "CSAFPID-1503604", "CSAFPID-1503605", "CSAFPID-1503606", "CSAFPID-1503607", ], }, references: [ { category: "self", summary: "CVE-2022-41881", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-41881.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-266118", "CSAFPID-764783", "CSAFPID-764784", "CSAFPID-764785", "CSAFPID-764786", "CSAFPID-764787", "CSAFPID-764788", "CSAFPID-764789", "CSAFPID-764790", "CSAFPID-764838", "CSAFPID-764839", "CSAFPID-764840", "CSAFPID-764841", "CSAFPID-764842", "CSAFPID-764843", "CSAFPID-764844", "CSAFPID-764845", "CSAFPID-764846", "CSAFPID-764847", "CSAFPID-764848", "CSAFPID-1503604", "CSAFPID-1503605", "CSAFPID-1503606", "CSAFPID-1503607", ], }, ], title: "CVE-2022-41881", }, { cve: "CVE-2024-0397", product_status: { known_affected: [ "CSAFPID-266118", "CSAFPID-1503604", "CSAFPID-1503605", "CSAFPID-1503606", "CSAFPID-1503607", ], }, references: [ { category: "self", summary: "CVE-2024-0397", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0397.json", }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-266118", "CSAFPID-1503604", "CSAFPID-1503605", "CSAFPID-1503606", "CSAFPID-1503607", ], }, ], title: "CVE-2024-0397", }, { cve: "CVE-2024-4603", product_status: { known_affected: [ "CSAFPID-266118", "CSAFPID-1503604", "CSAFPID-1503605", "CSAFPID-1503606", "CSAFPID-1503607", ], }, references: [ { category: "self", summary: "CVE-2024-4603", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4603.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-266118", "CSAFPID-1503604", "CSAFPID-1503605", "CSAFPID-1503606", "CSAFPID-1503607", ], }, ], title: "CVE-2024-4603", }, { cve: "CVE-2024-21098", cwe: { id: "CWE-285", name: "Improper Authorization", }, notes: [ { category: "other", text: "Improper Authorization", title: "CWE-285", }, ], product_status: { known_affected: [ "CSAFPID-266118", "CSAFPID-1503604", "CSAFPID-1503605", "CSAFPID-1503606", "CSAFPID-1503607", ], }, references: [ { category: "self", summary: "CVE-2024-21098", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21098.json", }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "CSAFPID-266118", "CSAFPID-1503604", "CSAFPID-1503605", "CSAFPID-1503606", "CSAFPID-1503607", ], }, ], title: "CVE-2024-21098", }, { cve: "CVE-2024-21123", cwe: { id: "CWE-285", name: "Improper Authorization", }, notes: [ { category: "other", text: "Improper Authorization", title: "CWE-285", }, ], product_status: { known_affected: [ "CSAFPID-266118", "CSAFPID-1503604", "CSAFPID-1503605", "CSAFPID-1503606", "CSAFPID-1503607", ], }, references: [ { category: "self", summary: "CVE-2024-21123", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21123.json", }, ], title: "CVE-2024-21123", }, { cve: "CVE-2024-21126", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, ], product_status: { known_affected: [ "CSAFPID-266118", "CSAFPID-1503604", "CSAFPID-1503605", "CSAFPID-1503606", "CSAFPID-1503607", ], }, references: [ { category: "self", summary: "CVE-2024-21126", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21126.json", }, ], scores: [ { cvss_v3: { baseScore: 5.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L", version: "3.1", }, products: [ "CSAFPID-266118", "CSAFPID-1503604", "CSAFPID-1503605", "CSAFPID-1503606", "CSAFPID-1503607", ], }, ], title: "CVE-2024-21126", }, { cve: "CVE-2024-21174", product_status: { known_affected: [ "CSAFPID-266118", "CSAFPID-1503604", "CSAFPID-1503605", "CSAFPID-1503606", "CSAFPID-1503607", ], }, references: [ { category: "self", summary: "CVE-2024-21174", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21174.json", }, ], scores: [ { cvss_v3: { baseScore: 3.1, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "CSAFPID-266118", "CSAFPID-1503604", "CSAFPID-1503605", "CSAFPID-1503606", "CSAFPID-1503607", ], }, ], title: "CVE-2024-21174", }, { cve: "CVE-2024-21184", product_status: { known_affected: [ "CSAFPID-266118", "CSAFPID-1503604", "CSAFPID-1503605", "CSAFPID-1503606", "CSAFPID-1503607", ], }, references: [ { category: "self", summary: "CVE-2024-21184", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21184.json", }, ], scores: [ { cvss_v3: { baseScore: 7.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-266118", "CSAFPID-1503604", "CSAFPID-1503605", "CSAFPID-1503606", "CSAFPID-1503607", ], }, ], title: "CVE-2024-21184", }, ], }
ncsc-2025-0061
Vulnerability from csaf_ncscnl
Published
2025-02-14 08:46
Modified
2025-02-14 08:46
Summary
Kwetsbaarheden verholpen in Siemens producten
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Siemens heeft kwetsbaarheden verholpen in diverse producten als APOGEE, Opcenter, RUGGEDCOM, SCALANCE, SIMATIC, SIPROTEC en Teamcenter.
Interpretaties
De kwetsbaarheden stellen een kwaadwillende mogelijk in staat aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
- Denial-of-Service (DoS)
- Cross-Site-Scripting (XSS)
- Cross-Site Request Forgery (CSRF)
- Manipulatie van gegevens
- Omzeilen van een beveiligingsmaatregel
- Omzeilen van authenticatie
- (Remote) code execution (root/admin rechten)
- (Remote) code execution (Gebruikersrechten)
- Toegang tot systeemgegevens
- Toegang tot gevoelige gegevens
De kwaadwillende heeft hiervoor toegang nodig tot de productieomgeving. Het is goed gebruik een dergelijke omgeving niet publiek toegankelijk te hebben.
Oplossingen
Siemens heeft beveiligingsupdates uitgebracht om de kwetsbaarheden te verhelpen. Voor de kwetsbaarheden waar nog geen updates voor zijn, heeft Siemens mitigerende maatregelen gepubliceerd om de risico's zoveel als mogelijk te beperken. Zie de bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-1240
Use of a Cryptographic Primitive with a Risky Implementation
CWE-1325
Improperly Controlled Sequential Memory Allocation
CWE-468
Incorrect Pointer Scaling
CWE-606
Unchecked Input for Loop Condition
CWE-183
Permissive List of Allowed Inputs
CWE-385
Covert Timing Channel
CWE-1395
Dependency on Vulnerable Third-Party Component
CWE-170
Improper Null Termination
CWE-489
Active Debug Code
CWE-1392
Use of Default Credentials
CWE-222
Truncation of Security-relevant Information
CWE-310
CWE-310
CWE-328
Use of Weak Hash
CWE-304
Missing Critical Step in Authentication
CWE-684
Incorrect Provision of Specified Functionality
CWE-208
Observable Timing Discrepancy
CWE-326
Inadequate Encryption Strength
CWE-923
Improper Restriction of Communication Channel to Intended Endpoints
CWE-201
Insertion of Sensitive Information Into Sent Data
CWE-347
Improper Verification of Cryptographic Signature
CWE-834
Excessive Iteration
CWE-732
Incorrect Permission Assignment for Critical Resource
CWE-425
Direct Request ('Forced Browsing')
CWE-440
Expected Behavior Violation
CWE-704
Incorrect Type Conversion or Cast
CWE-415
Double Free
CWE-1286
Improper Validation of Syntactic Correctness of Input
CWE-754
Improper Check for Unusual or Exceptional Conditions
CWE-427
Uncontrolled Search Path Element
CWE-601
URL Redirection to Untrusted Site ('Open Redirect')
CWE-610
Externally Controlled Reference to a Resource in Another Sphere
CWE-613
Insufficient Session Expiration
CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')
CWE-312
Cleartext Storage of Sensitive Information
CWE-369
Divide By Zero
CWE-252
Unchecked Return Value
CWE-203
Observable Discrepancy
CWE-354
Improper Validation of Integrity Check Value
CWE-325
Missing Cryptographic Step
CWE-190
Integer Overflow or Wraparound
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE-125
Out-of-bounds Read
CWE-404
Improper Resource Shutdown or Release
CWE-284
Improper Access Control
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-1333
Inefficient Regular Expression Complexity
CWE-416
Use After Free
CWE-113
Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')
CWE-401
Missing Release of Memory after Effective Lifetime
CWE-476
NULL Pointer Dereference
CWE-295
Improper Certificate Validation
CWE-757
Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CWE-436
Interpretation Conflict
CWE-400
Uncontrolled Resource Consumption
{ document: { category: "csaf_security_advisory", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", }, }, lang: "nl", notes: [ { category: "legal_disclaimer", text: "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.", }, { category: "description", text: "Siemens heeft kwetsbaarheden verholpen in diverse producten als APOGEE, Opcenter, RUGGEDCOM, SCALANCE, SIMATIC, SIPROTEC en Teamcenter.", title: "Feiten", }, { category: "description", text: "De kwetsbaarheden stellen een kwaadwillende mogelijk in staat aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:\n\n- Denial-of-Service (DoS)\n- Cross-Site-Scripting (XSS)\n- Cross-Site Request Forgery (CSRF)\n- Manipulatie van gegevens\n- Omzeilen van een beveiligingsmaatregel\n- Omzeilen van authenticatie\n- (Remote) code execution (root/admin rechten)\n- (Remote) code execution (Gebruikersrechten)\n- Toegang tot systeemgegevens\n- Toegang tot gevoelige gegevens\n\nDe kwaadwillende heeft hiervoor toegang nodig tot de productieomgeving. Het is goed gebruik een dergelijke omgeving niet publiek toegankelijk te hebben.", title: "Interpretaties", }, { category: "description", text: "Siemens heeft beveiligingsupdates uitgebracht om de kwetsbaarheden te verhelpen. Voor de kwetsbaarheden waar nog geen updates voor zijn, heeft Siemens mitigerende maatregelen gepubliceerd om de risico's zoveel als mogelijk te beperken. Zie de bijgevoegde referenties voor meer informatie.", title: "Oplossingen", }, { category: "general", text: "medium", title: "Kans", }, { category: "general", text: "high", title: "Schade", }, { category: "general", text: "Use of a Cryptographic Primitive with a Risky Implementation", title: "CWE-1240", }, { category: "general", text: "Improperly Controlled Sequential Memory Allocation", title: "CWE-1325", }, { category: "general", text: "Incorrect Pointer Scaling", title: "CWE-468", }, { category: "general", text: "Unchecked Input for Loop Condition", title: "CWE-606", }, { category: "general", text: "Permissive List of Allowed Inputs", title: "CWE-183", }, { category: "general", text: "Covert Timing Channel", title: "CWE-385", }, { category: "general", text: "Dependency on Vulnerable Third-Party Component", title: "CWE-1395", }, { category: "general", text: "Improper Null Termination", title: "CWE-170", }, { category: "general", text: "Active Debug Code", title: "CWE-489", }, { category: "general", text: "Use of Default Credentials", title: "CWE-1392", }, { category: "general", text: "Truncation of Security-relevant Information", title: "CWE-222", }, { category: "general", text: "CWE-310", title: "CWE-310", }, { category: "general", text: "Use of Weak Hash", title: "CWE-328", }, { category: "general", text: "Missing Critical Step in Authentication", title: "CWE-304", }, { category: "general", text: "Incorrect Provision of Specified Functionality", title: "CWE-684", }, { category: "general", text: "Observable Timing Discrepancy", title: "CWE-208", }, { category: "general", text: "Inadequate Encryption Strength", title: "CWE-326", }, { category: "general", text: "Improper Restriction of Communication Channel to Intended Endpoints", title: "CWE-923", }, { category: "general", text: "Insertion of Sensitive Information Into Sent Data", title: "CWE-201", }, { category: "general", text: "Improper Verification of Cryptographic Signature", title: "CWE-347", }, { category: "general", text: "Excessive Iteration", title: "CWE-834", }, { category: "general", text: "Incorrect Permission Assignment for Critical Resource", title: "CWE-732", }, { category: "general", text: "Direct Request ('Forced Browsing')", title: "CWE-425", }, { category: "general", text: "Expected Behavior Violation", title: "CWE-440", }, { category: "general", text: "Incorrect Type Conversion or Cast", title: "CWE-704", }, { category: "general", text: "Double Free", title: "CWE-415", }, { category: "general", text: "Improper Validation of Syntactic Correctness of Input", title: "CWE-1286", }, { category: "general", text: "Improper Check for Unusual or Exceptional Conditions", title: "CWE-754", }, { category: "general", text: "Uncontrolled Search Path Element", title: "CWE-427", }, { category: "general", text: "URL Redirection to Untrusted Site ('Open Redirect')", title: "CWE-601", }, { category: "general", text: "Externally Controlled Reference to a Resource in Another Sphere", title: "CWE-610", }, { category: "general", text: "Insufficient Session Expiration", title: "CWE-613", }, { category: "general", text: "Access of Resource Using Incompatible Type ('Type Confusion')", title: "CWE-843", }, { category: "general", text: "Cleartext Storage of Sensitive Information", title: "CWE-312", }, { category: "general", text: "Divide By Zero", title: "CWE-369", }, { category: "general", text: "Unchecked Return Value", title: "CWE-252", }, { category: "general", text: "Observable Discrepancy", title: "CWE-203", }, { category: "general", text: "Improper Validation of Integrity Check Value", title: "CWE-354", }, { category: "general", text: "Missing Cryptographic Step", title: "CWE-325", }, { category: "general", text: "Integer Overflow or Wraparound", title: "CWE-190", }, { category: "general", text: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", title: "CWE-362", }, { category: "general", text: "Out-of-bounds Read", title: "CWE-125", }, { category: "general", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "general", text: "Improper Access Control", title: "CWE-284", }, { category: "general", text: "Improper Restriction of Operations within the Bounds of a Memory Buffer", title: "CWE-119", }, { category: "general", text: "Inefficient Regular Expression Complexity", title: "CWE-1333", }, { category: "general", text: "Use After Free", title: "CWE-416", }, { category: "general", text: "Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')", title: "CWE-113", }, { category: "general", text: "Missing Release of Memory after Effective Lifetime", title: "CWE-401", }, { category: "general", text: "NULL Pointer Dereference", title: "CWE-476", }, { category: "general", text: "Improper Certificate Validation", title: "CWE-295", }, { category: "general", text: "Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')", title: "CWE-757", }, { category: "general", text: "Use of a Broken or Risky Cryptographic Algorithm", title: "CWE-327", }, { category: "general", text: "Interpretation Conflict", title: "CWE-436", }, { category: "general", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], publisher: { category: "coordinator", contact_details: "cert@ncsc.nl", name: "Nationaal Cyber Security Centrum", namespace: "https://www.ncsc.nl/", }, references: [ { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-111547.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-195895.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-224824.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-246355.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-342348.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-369369.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-615116.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637914.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-647005.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-656895.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-687955.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-767615.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-769027.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-770770.pdf", }, ], title: "Kwetsbaarheden verholpen in Siemens producten", tracking: { current_release_date: "2025-02-14T08:46:28.240775Z", id: "NCSC-2025-0061", initial_release_date: "2025-02-14T08:46:28.240775Z", revision_history: [ { date: "2025-02-14T08:46:28.240775Z", number: "0", summary: "Initiele versie", }, ], status: "final", version: "1.0.0", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "apogee_pxc_series__bacnet_", product: { name: "apogee_pxc_series__bacnet_", product_id: "CSAFPID-1702551", product_identification_helper: { cpe: "cpe:2.3:a:siemens:apogee_pxc_series__bacnet_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "apogee_pxc_series__p2_ethernet_", product: { name: "apogee_pxc_series__p2_ethernet_", product_id: "CSAFPID-1702739", product_identification_helper: { cpe: "cpe:2.3:a:siemens:apogee_pxc_series__p2_ethernet_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "opcenter_intelligence", product: { name: "opcenter_intelligence", product_id: "CSAFPID-1702007", product_identification_helper: { cpe: "cpe:2.3:a:siemens:opcenter_intelligence:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "opcenter_intelligence", product: { name: "opcenter_intelligence", product_id: "CSAFPID-1767245", product_identification_helper: { cpe: "cpe:2.3:a:siemens:opcenter_intelligence:2501:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "ruggedcom", product: { name: "ruggedcom", product_id: "CSAFPID-342615", product_identification_helper: { cpe: "cpe:2.3:a:siemens:ruggedcom:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance", product: { name: "scalance", product_id: "CSAFPID-1769354", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "_simatic_s7", product: { name: "_simatic_s7", product_id: "CSAFPID-1769355", product_identification_helper: { cpe: "cpe:2.3:a:siemens:_simatic_s7:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "_simatic", product: { name: "_simatic", product_id: "CSAFPID-1769356", product_identification_helper: { cpe: "cpe:2.3:a:siemens:_simatic:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_s7", product: { name: "simatic_s7", product_id: "CSAFPID-1751507", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_s7:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic", product: { name: "simatic", product_id: "CSAFPID-166121", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "siprotec", product: { name: "siprotec", product_id: "CSAFPID-1750039", product_identification_helper: { cpe: "cpe:2.3:a:siemens:siprotec:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "teamcenter", product: { name: "teamcenter", product_id: "CSAFPID-538462", product_identification_helper: { cpe: "cpe:2.3:a:siemens:teamcenter:*:*:*:*:*:*:*:*", }, }, }, ], category: "vendor", name: "siemens", }, ], }, vulnerabilities: [ { cve: "CVE-2024-46665", cwe: { id: "CWE-201", name: "Insertion of Sensitive Information Into Sent Data", }, notes: [ { category: "other", text: "Insertion of Sensitive Information Into Sent Data", title: "CWE-201", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2024-46665", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-46665.json", }, ], scores: [ { cvss_v3: { baseScore: 3.7, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:C", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2024-46665", }, { cve: "CVE-2024-46666", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "other", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2024-46666", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-46666.json", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2024-46666", }, { cve: "CVE-2024-46668", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "other", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2024-46668", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-46668.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:U/RC:C", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2024-46668", }, { cve: "CVE-2024-46669", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "other", text: "Integer Overflow or Wraparound", title: "CWE-190", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2024-46669", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-46669.json", }, ], title: "CVE-2024-46669", }, { cve: "CVE-2024-46670", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "other", text: "Out-of-bounds Read", title: "CWE-125", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2024-46670", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-46670.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:X/RL:X/RC:X", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2024-46670", }, { cve: "CVE-2024-48884", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, notes: [ { category: "other", text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", title: "CWE-22", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2024-48884", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-48884.json", }, ], title: "CVE-2024-48884", }, { cve: "CVE-2024-48885", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, notes: [ { category: "other", text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", title: "CWE-22", }, { category: "general", text: "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2024-48885", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-48885.json", }, ], title: "CVE-2024-48885", }, { cve: "CVE-2024-50560", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "other", text: "Improper Input Validation", title: "CWE-20", }, { category: "general", text: "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2024-50560", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-50560.json", }, ], title: "CVE-2024-50560", }, { cve: "CVE-2024-50561", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, notes: [ { category: "other", text: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", title: "CWE-79", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2024-50561", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-50561.json", }, ], title: "CVE-2024-50561", }, { cve: "CVE-2024-50572", cwe: { id: "CWE-74", name: "Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')", }, notes: [ { category: "other", text: "Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')", title: "CWE-74", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2024-50572", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-50572.json", }, ], scores: [ { cvss_v3: { baseScore: 7.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2024-50572", }, { cve: "CVE-2024-52963", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2024-52963", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-52963.json", }, ], title: "CVE-2024-52963", }, { cve: "CVE-2024-53648", cwe: { id: "CWE-489", name: "Active Debug Code", }, notes: [ { category: "other", text: "Active Debug Code", title: "CWE-489", }, { category: "general", text: "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2024-53648", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-53648.json", }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2024-53648", }, { cve: "CVE-2024-53651", cwe: { id: "CWE-312", name: "Cleartext Storage of Sensitive Information", }, notes: [ { category: "other", text: "Cleartext Storage of Sensitive Information", title: "CWE-312", }, { category: "general", text: "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2024-53651", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-53651.json", }, ], scores: [ { cvss_v3: { baseScore: 4.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2024-53651", }, { cve: "CVE-2024-53977", cwe: { id: "CWE-427", name: "Uncontrolled Search Path Element", }, notes: [ { category: "other", text: "Uncontrolled Search Path Element", title: "CWE-427", }, { category: "general", text: "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2024-53977", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-53977.json", }, ], title: "CVE-2024-53977", }, { cve: "CVE-2024-54015", cwe: { id: "CWE-1392", name: "Use of Default Credentials", }, notes: [ { category: "other", text: "Use of Default Credentials", title: "CWE-1392", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2024-54015", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-54015.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2024-54015", }, { cve: "CVE-2024-54021", cwe: { id: "CWE-113", name: "Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')", }, notes: [ { category: "other", text: "Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')", title: "CWE-113", }, { category: "other", text: "Interpretation Conflict", title: "CWE-436", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2024-54021", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-54021.json", }, ], title: "CVE-2024-54021", }, { cve: "CVE-2024-54089", cwe: { id: "CWE-326", name: "Inadequate Encryption Strength", }, notes: [ { category: "other", text: "Inadequate Encryption Strength", title: "CWE-326", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2024-54089", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-54089.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2024-54089", }, { cve: "CVE-2024-54090", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "other", text: "Out-of-bounds Read", title: "CWE-125", }, { category: "general", text: "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2024-54090", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-54090.json", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2024-54090", }, { cve: "CVE-2025-23363", cwe: { id: "CWE-601", name: "URL Redirection to Untrusted Site ('Open Redirect')", }, notes: [ { category: "other", text: "URL Redirection to Untrusted Site ('Open Redirect')", title: "CWE-601", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:H/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2025-23363", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-23363.json", }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2025-23363", }, { cve: "CVE-2025-23403", cwe: { id: "CWE-732", name: "Incorrect Permission Assignment for Critical Resource", }, notes: [ { category: "other", text: "Incorrect Permission Assignment for Critical Resource", title: "CWE-732", }, { category: "general", text: "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2025-23403", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-23403.json", }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2025-23403", }, { cve: "CVE-2025-24499", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "other", text: "Improper Input Validation", title: "CWE-20", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2025-24499", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24499.json", }, ], scores: [ { cvss_v3: { baseScore: 7.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2025-24499", }, { cve: "CVE-2025-24532", cwe: { id: "CWE-284", name: "Improper Access Control", }, notes: [ { category: "other", text: "Improper Access Control", title: "CWE-284", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2025-24532", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24532.json", }, ], title: "CVE-2025-24532", }, { cve: "CVE-2025-24811", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2025-24811", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24811.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2025-24811", }, { cve: "CVE-2025-24812", cwe: { id: "CWE-1286", name: "Improper Validation of Syntactic Correctness of Input", }, notes: [ { category: "other", text: "Improper Validation of Syntactic Correctness of Input", title: "CWE-1286", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2025-24812", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24812.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2025-24812", }, { cve: "CVE-2025-24956", cwe: { id: "CWE-120", name: "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", }, notes: [ { category: "other", text: "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", title: "CWE-120", }, { category: "general", text: "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2025-24956", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24956.json", }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2025-24956", }, { cve: "CVE-2022-2588", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "other", text: "Use After Free", title: "CWE-416", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2022-2588", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-2588.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2022-2588", }, { cve: "CVE-2022-2663", cwe: { id: "CWE-923", name: "Improper Restriction of Communication Channel to Intended Endpoints", }, notes: [ { category: "other", text: "Improper Restriction of Communication Channel to Intended Endpoints", title: "CWE-923", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2022-2663", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-2663.json", }, ], title: "CVE-2022-2663", }, { cve: "CVE-2022-3524", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "Missing Release of Memory after Effective Lifetime", title: "CWE-401", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2022-3524", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-3524.json", }, ], title: "CVE-2022-3524", }, { cve: "CVE-2022-4304", cwe: { id: "CWE-326", name: "Inadequate Encryption Strength", }, notes: [ { category: "other", text: "Inadequate Encryption Strength", title: "CWE-326", }, { category: "other", text: "Observable Timing Discrepancy", title: "CWE-208", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2022-4304", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-4304.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2022-4304", }, { cve: "CVE-2022-4450", cwe: { id: "CWE-415", name: "Double Free", }, notes: [ { category: "other", text: "Double Free", title: "CWE-415", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2022-4450", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-4450.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2022-4450", }, { cve: "CVE-2022-22127", product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2022-22127", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-22127.json", }, ], scores: [ { cvss_v3: { baseScore: 7.7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2022-22127", }, { cve: "CVE-2022-22128", product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2022-22128", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-22128.json", }, ], scores: [ { cvss_v3: { baseScore: 9, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2022-22128", }, { cve: "CVE-2022-39188", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "other", text: "Use After Free", title: "CWE-416", }, { category: "other", text: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", title: "CWE-362", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2022-39188", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-39188.json", }, ], title: "CVE-2022-39188", }, { cve: "CVE-2022-39842", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, notes: [ { category: "other", text: "Heap-based Buffer Overflow", title: "CWE-122", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2022-39842", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-39842.json", }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2022-39842", }, { cve: "CVE-2022-40303", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "other", text: "Integer Overflow or Wraparound", title: "CWE-190", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2022-40303", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-40303.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2022-40303", }, { cve: "CVE-2022-40304", cwe: { id: "CWE-415", name: "Double Free", }, notes: [ { category: "other", text: "Double Free", title: "CWE-415", }, { category: "other", text: "Improper Restriction of XML External Entity Reference", title: "CWE-611", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2022-40304", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-40304.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2022-40304", }, { cve: "CVE-2022-43750", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2022-43750", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-43750.json", }, ], title: "CVE-2022-43750", }, { cve: "CVE-2022-47069", product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2022-47069", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-47069.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2022-47069", }, { cve: "CVE-2022-47929", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2022-47929", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-47929.json", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2022-47929", }, { cve: "CVE-2023-0045", cwe: { id: "CWE-610", name: "Externally Controlled Reference to a Resource in Another Sphere", }, notes: [ { category: "other", text: "Externally Controlled Reference to a Resource in Another Sphere", title: "CWE-610", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2023-0045", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-0045.json", }, ], title: "CVE-2023-0045", }, { cve: "CVE-2023-0215", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "other", text: "Use After Free", title: "CWE-416", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2023-0215", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-0215.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2023-0215", }, { cve: "CVE-2023-0286", cwe: { id: "CWE-704", name: "Incorrect Type Conversion or Cast", }, notes: [ { category: "other", text: "Incorrect Type Conversion or Cast", title: "CWE-704", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, { category: "other", text: "Access of Resource Using Incompatible Type ('Type Confusion')", title: "CWE-843", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2023-0286", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-0286.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2023-0286", }, { cve: "CVE-2023-0464", cwe: { id: "CWE-295", name: "Improper Certificate Validation", }, notes: [ { category: "other", text: "Improper Certificate Validation", title: "CWE-295", }, { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "other", text: "Improper Verification of Cryptographic Signature", title: "CWE-347", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2023-0464", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-0464.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2023-0464", }, { cve: "CVE-2023-0465", cwe: { id: "CWE-295", name: "Improper Certificate Validation", }, notes: [ { category: "other", text: "Improper Certificate Validation", title: "CWE-295", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2023-0465", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-0465.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2023-0465", }, { cve: "CVE-2023-0466", cwe: { id: "CWE-295", name: "Improper Certificate Validation", }, notes: [ { category: "other", text: "Improper Certificate Validation", title: "CWE-295", }, { category: "other", text: "Improper Verification of Cryptographic Signature", title: "CWE-347", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2023-0466", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-0466.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2023-0466", }, { cve: "CVE-2023-0590", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "other", text: "Use After Free", title: "CWE-416", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2023-0590", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-0590.json", }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2023-0590", }, { cve: "CVE-2023-1073", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, { category: "other", text: "Improper Restriction of Operations within the Bounds of a Memory Buffer", title: "CWE-119", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2023-1073", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-1073.json", }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2023-1073", }, { cve: "CVE-2023-1074", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, notes: [ { category: "other", text: "Missing Release of Memory after Effective Lifetime", title: "CWE-401", }, { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2023-1074", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-1074.json", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2023-1074", }, { cve: "CVE-2023-1118", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "other", text: "Use After Free", title: "CWE-416", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2023-1118", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-1118.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2023-1118", }, { cve: "CVE-2023-1206", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2023-1206", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-1206.json", }, ], scores: [ { cvss_v3: { baseScore: 5.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2023-1206", }, { cve: "CVE-2023-1380", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "other", text: "Out-of-bounds Read", title: "CWE-125", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2023-1380", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-1380.json", }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2023-1380", }, { cve: "CVE-2023-1670", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "other", text: "Use After Free", title: "CWE-416", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2023-1670", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-1670.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2023-1670", }, { cve: "CVE-2023-2194", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2023-2194", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-2194.json", }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2023-2194", }, { cve: "CVE-2023-3446", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "other", text: "Inefficient Regular Expression Complexity", title: "CWE-1333", }, { category: "other", text: "Unchecked Input for Loop Condition", title: "CWE-606", }, { category: "other", text: "Use of a Cryptographic Primitive with a Risky Implementation", title: "CWE-1240", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2023-3446", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-3446.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2023-3446", }, { cve: "CVE-2023-3611", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2023-3611", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-3611.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2023-3611", }, { cve: "CVE-2023-4623", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "other", text: "Use After Free", title: "CWE-416", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2023-4623", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4623.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2023-4623", }, { cve: "CVE-2023-4921", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "other", text: "Use After Free", title: "CWE-416", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2023-4921", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4921.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2023-4921", }, { cve: "CVE-2023-5363", cwe: { id: "CWE-325", name: "Missing Cryptographic Step", }, notes: [ { category: "other", text: "Missing Cryptographic Step", title: "CWE-325", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, { category: "other", text: "Incorrect Provision of Specified Functionality", title: "CWE-684", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2023-5363", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5363.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2023-5363", }, { cve: "CVE-2023-5678", cwe: { id: "CWE-754", name: "Improper Check for Unusual or Exceptional Conditions", }, notes: [ { category: "other", text: "Improper Check for Unusual or Exceptional Conditions", title: "CWE-754", }, { category: "other", text: "Missing Cryptographic Step", title: "CWE-325", }, { category: "other", text: "Unchecked Input for Loop Condition", title: "CWE-606", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2023-5678", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5678.json", }, ], title: "CVE-2023-5678", }, { cve: "CVE-2023-5717", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2023-5717", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5717.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2023-5717", }, { cve: "CVE-2023-6129", cwe: { id: "CWE-328", name: "Use of Weak Hash", }, notes: [ { category: "other", text: "Use of Weak Hash", title: "CWE-328", }, { category: "other", text: "Expected Behavior Violation", title: "CWE-440", }, { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, { category: "other", text: "Use of a Broken or Risky Cryptographic Algorithm", title: "CWE-327", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2023-6129", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-6129.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2023-6129", }, { cve: "CVE-2023-6237", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "other", text: "Unchecked Input for Loop Condition", title: "CWE-606", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2023-6237", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-6237.json", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2023-6237", }, { cve: "CVE-2023-7250", cwe: { id: "CWE-183", name: "Permissive List of Allowed Inputs", }, notes: [ { category: "other", text: "Permissive List of Allowed Inputs", title: "CWE-183", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2023-7250", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-7250.json", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2023-7250", }, { cve: "CVE-2023-23454", cwe: { id: "CWE-843", name: "Access of Resource Using Incompatible Type ('Type Confusion')", }, notes: [ { category: "other", text: "Access of Resource Using Incompatible Type ('Type Confusion')", title: "CWE-843", }, { category: "other", text: "Out-of-bounds Read", title: "CWE-125", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2023-23454", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-23454.json", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2023-23454", }, { cve: "CVE-2023-23455", cwe: { id: "CWE-843", name: "Access of Resource Using Incompatible Type ('Type Confusion')", }, notes: [ { category: "other", text: "Access of Resource Using Incompatible Type ('Type Confusion')", title: "CWE-843", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2023-23455", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-23455.json", }, ], title: "CVE-2023-23455", }, { cve: "CVE-2023-23559", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "other", text: "Integer Overflow or Wraparound", title: "CWE-190", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2023-23559", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-23559.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2023-23559", }, { cve: "CVE-2023-26545", cwe: { id: "CWE-415", name: "Double Free", }, notes: [ { category: "other", text: "Double Free", title: "CWE-415", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2023-26545", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26545.json", }, ], title: "CVE-2023-26545", }, { cve: "CVE-2023-28484", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "other", text: "Improper Input Validation", title: "CWE-20", }, { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2023-28484", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-28484.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2023-28484", }, { cve: "CVE-2023-28578", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, notes: [ { category: "other", text: "Improper Restriction of Operations within the Bounds of a Memory Buffer", title: "CWE-119", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2023-28578", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-28578.json", }, ], scores: [ { cvss_v3: { baseScore: 9.3, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2023-28578", }, { cve: "CVE-2023-29469", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "other", text: "Improper Input Validation", title: "CWE-20", }, { category: "other", text: "Double Free", title: "CWE-415", }, { category: "other", text: "Improper Null Termination", title: "CWE-170", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2023-29469", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-29469.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2023-29469", }, { cve: "CVE-2023-31085", cwe: { id: "CWE-369", name: "Divide By Zero", }, notes: [ { category: "other", text: "Divide By Zero", title: "CWE-369", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2023-31085", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-31085.json", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2023-31085", }, { cve: "CVE-2023-31315", notes: [ { category: "general", text: "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2023-31315", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-31315.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2023-31315", }, { cve: "CVE-2023-35001", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "other", text: "Out-of-bounds Read", title: "CWE-125", }, { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, { category: "other", text: "Incorrect Pointer Scaling", title: "CWE-468", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2023-35001", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-35001.json", }, ], title: "CVE-2023-35001", }, { cve: "CVE-2023-37482", cwe: { id: "CWE-203", name: "Observable Discrepancy", }, notes: [ { category: "other", text: "Observable Discrepancy", title: "CWE-203", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2023-37482", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-37482.json", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2023-37482", }, { cve: "CVE-2023-39192", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "other", text: "Out-of-bounds Read", title: "CWE-125", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2023-39192", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-39192.json", }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2023-39192", }, { cve: "CVE-2023-39193", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "other", text: "Out-of-bounds Read", title: "CWE-125", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2023-39193", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-39193.json", }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2023-39193", }, { cve: "CVE-2023-42754", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2023-42754", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-42754.json", }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2023-42754", }, { cve: "CVE-2023-43522", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2023-43522", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-43522.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2023-43522", }, { cve: "CVE-2023-44320", cwe: { id: "CWE-425", name: "Direct Request ('Forced Browsing')", }, notes: [ { category: "other", text: "Direct Request ('Forced Browsing')", title: "CWE-425", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2023-44320", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44320.json", }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2023-44320", }, { cve: "CVE-2023-44322", cwe: { id: "CWE-252", name: "Unchecked Return Value", }, notes: [ { category: "other", text: "Unchecked Return Value", title: "CWE-252", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2023-44322", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44322.json", }, ], scores: [ { cvss_v3: { baseScore: 3.7, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2023-44322", }, { cve: "CVE-2023-45853", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, notes: [ { category: "other", text: "Heap-based Buffer Overflow", title: "CWE-122", }, { category: "other", text: "Integer Overflow or Wraparound", title: "CWE-190", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2023-45853", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-45853.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2023-45853", }, { cve: "CVE-2023-45863", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2023-45863", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-45863.json", }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2023-45863", }, { cve: "CVE-2023-46604", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, notes: [ { category: "other", text: "Deserialization of Untrusted Data", title: "CWE-502", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2023-46604", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46604.json", }, ], scores: [ { cvss_v3: { baseScore: 10, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2023-46604", }, { cve: "CVE-2023-48795", cwe: { id: "CWE-222", name: "Truncation of Security-relevant Information", }, notes: [ { category: "other", text: "Truncation of Security-relevant Information", title: "CWE-222", }, { category: "other", text: "Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')", title: "CWE-757", }, { category: "other", text: "Improper Validation of Integrity Check Value", title: "CWE-354", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2023-48795", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-48795.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2023-48795", }, { cve: "CVE-2023-51384", cwe: { id: "CWE-304", name: "Missing Critical Step in Authentication", }, notes: [ { category: "other", text: "Missing Critical Step in Authentication", title: "CWE-304", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2023-51384", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-51384.json", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2023-51384", }, { cve: "CVE-2023-51385", cwe: { id: "CWE-78", name: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", }, notes: [ { category: "other", text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", title: "CWE-78", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2023-51385", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-51385.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2023-51385", }, { cve: "CVE-2024-0727", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2024-0727", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0727.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2024-0727", }, { cve: "CVE-2024-2511", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "other", text: "Improperly Controlled Sequential Memory Allocation", title: "CWE-1325", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2024-2511", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2511.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2024-2511", }, { cve: "CVE-2024-4603", cwe: { id: "CWE-606", name: "Unchecked Input for Loop Condition", }, notes: [ { category: "other", text: "Unchecked Input for Loop Condition", title: "CWE-606", }, { category: "other", text: "Excessive Iteration", title: "CWE-834", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2024-4603", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4603.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2024-4603", }, { cve: "CVE-2024-4741", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "other", text: "Use After Free", title: "CWE-416", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2024-4741", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4741.json", }, ], title: "CVE-2024-4741", }, { cve: "CVE-2024-5535", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, { category: "other", text: "Improper Restriction of Operations within the Bounds of a Memory Buffer", title: "CWE-119", }, { category: "other", text: "Dependency on Vulnerable Third-Party Component", title: "CWE-1395", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2024-5535", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5535.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2024-5535", }, { cve: "CVE-2024-6119", cwe: { id: "CWE-843", name: "Access of Resource Using Incompatible Type ('Type Confusion')", }, notes: [ { category: "other", text: "Access of Resource Using Incompatible Type ('Type Confusion')", title: "CWE-843", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2024-6119", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6119.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2024-6119", }, { cve: "CVE-2024-9143", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2024-9143", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-9143.json", }, ], title: "CVE-2024-9143", }, { cve: "CVE-2024-23814", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2024-23814", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23814.json", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2024-23814", }, { cve: "CVE-2024-26306", cwe: { id: "CWE-310", name: "-", }, notes: [ { category: "other", text: "CWE-310", title: "CWE-310", }, { category: "other", text: "Observable Discrepancy", title: "CWE-203", }, { category: "other", text: "Covert Timing Channel", title: "CWE-385", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2024-26306", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26306.json", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2024-26306", }, { cve: "CVE-2024-33016", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, notes: [ { category: "other", text: "Improper Restriction of Operations within the Bounds of a Memory Buffer", title: "CWE-119", }, { category: "general", text: "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2024-33016", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-33016.json", }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2024-33016", }, { cve: "CVE-2024-36504", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "other", text: "Out-of-bounds Read", title: "CWE-125", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2024-36504", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36504.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:U/RC:C", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2024-36504", }, { cve: "CVE-2024-45386", cwe: { id: "CWE-613", name: "Insufficient Session Expiration", }, notes: [ { category: "other", text: "Insufficient Session Expiration", title: "CWE-613", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, references: [ { category: "self", summary: "CVE-2024-45386", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45386.json", }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1702551", "CSAFPID-1702739", "CSAFPID-1702007", "CSAFPID-1767245", "CSAFPID-342615", "CSAFPID-1769354", "CSAFPID-1769355", "CSAFPID-1769356", "CSAFPID-1751507", "CSAFPID-166121", "CSAFPID-1750039", "CSAFPID-538462", ], }, ], title: "CVE-2024-45386", }, ], }
NCSC-2024-0414
Vulnerability from csaf_ncscnl
Published
2024-10-17 13:17
Modified
2024-10-17 13:17
Summary
Kwetsbaarheden verholpen in Oracle Communications
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Oracle heeft kwetsbaarheden verholpen in diverse Communications producten en systemen.
Interpretaties
Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
- Denial-of-Service (DoS)
- Manipuleren van gegevens
- Uitvoer van willekeurige code (Gebruikersrechten)
- Uitvoer van willekeurige code (Administratorrechten)
- Toegang tot gevoelige gegevens
Oplossingen
Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-122
Heap-based Buffer Overflow
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CWE-20
Improper Input Validation
CWE-466
Return of Pointer Value Outside of Expected Range
CWE-606
Unchecked Input for Loop Condition
CWE-390
Detection of Error Condition Without Action
CWE-405
Asymmetric Resource Consumption (Amplification)
CWE-222
Truncation of Security-relevant Information
CWE-364
Signal Handler Race Condition
CWE-450
Multiple Interpretations of UI Input
CWE-130
Improper Handling of Length Parameter Inconsistency
CWE-772
Missing Release of Resource after Effective Lifetime
CWE-669
Incorrect Resource Transfer Between Spheres
CWE-126
Buffer Over-read
CWE-88
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
CWE-349
Acceptance of Extraneous Untrusted Data With Trusted Data
CWE-755
Improper Handling of Exceptional Conditions
CWE-834
Excessive Iteration
CWE-407
Inefficient Algorithmic Complexity
CWE-754
Improper Check for Unusual or Exceptional Conditions
CWE-703
Improper Check or Handling of Exceptional Conditions
CWE-427
Uncontrolled Search Path Element
CWE-601
URL Redirection to Untrusted Site ('Open Redirect')
CWE-195
Signed to Unsigned Conversion Error
CWE-444
Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
CWE-116
Improper Encoding or Escaping of Output
CWE-345
Insufficient Verification of Data Authenticity
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE-190
Integer Overflow or Wraparound
CWE-61
UNIX Symbolic Link (Symlink) Following
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE-125
Out-of-bounds Read
CWE-404
Improper Resource Shutdown or Release
CWE-284
Improper Access Control
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-416
Use After Free
CWE-401
Missing Release of Memory after Effective Lifetime
CWE-476
NULL Pointer Dereference
CWE-459
Incomplete Cleanup
CWE-94
Improper Control of Generation of Code ('Code Injection')
CWE-400
Uncontrolled Resource Consumption
CWE-770
Allocation of Resources Without Limits or Throttling
CWE-248
Uncaught Exception
CWE-674
Uncontrolled Recursion
CWE-918
Server-Side Request Forgery (SSRF)
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE-787
Out-of-bounds Write
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
{ document: { category: "csaf_security_advisory", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", }, }, lang: "nl", notes: [ { category: "legal_disclaimer", text: "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.", }, { category: "description", text: "Oracle heeft kwetsbaarheden verholpen in diverse Communications producten en systemen.", title: "Feiten", }, { category: "description", text: "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:\n\n- Denial-of-Service (DoS)\n- Manipuleren van gegevens\n- Uitvoer van willekeurige code (Gebruikersrechten)\n- Uitvoer van willekeurige code (Administratorrechten)\n- Toegang tot gevoelige gegevens", title: "Interpretaties", }, { category: "description", text: "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.", title: "Oplossingen", }, { category: "general", text: "medium", title: "Kans", }, { category: "general", text: "high", title: "Schade", }, { category: "general", text: "Heap-based Buffer Overflow", title: "CWE-122", }, { category: "general", text: "Loop with Unreachable Exit Condition ('Infinite Loop')", title: "CWE-835", }, { category: "general", text: "Improper Input Validation", title: "CWE-20", }, { category: "general", text: "Return of Pointer Value Outside of Expected Range", title: "CWE-466", }, { category: "general", text: "Unchecked Input for Loop Condition", title: "CWE-606", }, { category: "general", text: "Detection of Error Condition Without Action", title: "CWE-390", }, { category: "general", text: "Asymmetric Resource Consumption (Amplification)", title: "CWE-405", }, { category: "general", text: "Truncation of Security-relevant Information", title: "CWE-222", }, { category: "general", text: "Signal Handler Race Condition", title: "CWE-364", }, { category: "general", text: "Multiple Interpretations of UI Input", title: "CWE-450", }, { category: "general", text: "Improper Handling of Length Parameter Inconsistency", title: "CWE-130", }, { category: "general", text: "Missing Release of Resource after Effective Lifetime", title: "CWE-772", }, { category: "general", text: "Incorrect Resource Transfer Between Spheres", title: "CWE-669", }, { category: "general", text: "Buffer Over-read", title: "CWE-126", }, { category: "general", text: "Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')", title: "CWE-88", }, { category: "general", text: "Acceptance of Extraneous Untrusted Data With Trusted Data", title: "CWE-349", }, { category: "general", text: "Improper Handling of Exceptional Conditions", title: "CWE-755", }, { category: "general", text: "Excessive Iteration", title: "CWE-834", }, { category: "general", text: "Inefficient Algorithmic Complexity", title: "CWE-407", }, { category: "general", text: "Improper Check for Unusual or Exceptional Conditions", title: "CWE-754", }, { category: "general", text: "Improper Check or Handling of Exceptional Conditions", title: "CWE-703", }, { category: "general", text: "Uncontrolled Search Path Element", title: "CWE-427", }, { category: "general", text: "URL Redirection to Untrusted Site ('Open Redirect')", title: "CWE-601", }, { category: "general", text: "Signed to Unsigned Conversion Error", title: "CWE-195", }, { category: "general", text: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", title: "CWE-444", }, { category: "general", text: "Improper Encoding or Escaping of Output", title: "CWE-116", }, { category: "general", text: "Insufficient Verification of Data Authenticity", title: "CWE-345", }, { category: "general", text: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", title: "CWE-77", }, { category: "general", text: "Integer Overflow or Wraparound", title: "CWE-190", }, { category: "general", text: "UNIX Symbolic Link (Symlink) Following", title: "CWE-61", }, { category: "general", text: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", title: "CWE-362", }, { category: "general", text: "Out-of-bounds Read", title: "CWE-125", }, { category: "general", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "general", text: "Improper Access Control", title: "CWE-284", }, { category: "general", text: "Improper Restriction of Operations within the Bounds of a Memory Buffer", title: "CWE-119", }, { category: "general", text: "Use After Free", title: "CWE-416", }, { category: "general", text: "Missing Release of Memory after Effective Lifetime", title: "CWE-401", }, { category: "general", text: "NULL Pointer Dereference", title: "CWE-476", }, { category: "general", text: "Incomplete Cleanup", title: "CWE-459", }, { category: "general", text: "Improper Control of Generation of Code ('Code Injection')", title: "CWE-94", }, { category: "general", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "general", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, { category: "general", text: "Uncaught Exception", title: "CWE-248", }, { category: "general", text: "Uncontrolled Recursion", title: "CWE-674", }, { category: "general", text: "Server-Side Request Forgery (SSRF)", title: "CWE-918", }, { category: "general", text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", title: "CWE-22", }, { category: "general", text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", title: "CWE-78", }, { category: "general", text: "Out-of-bounds Write", title: "CWE-787", }, { category: "general", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, ], publisher: { category: "coordinator", contact_details: "cert@ncsc.nl", name: "Nationaal Cyber Security Centrum", namespace: "https://www.ncsc.nl/", }, references: [ { category: "external", summary: "Reference - cveprojectv5; hkcert; nvd; oracle; redhat", url: "https://www.oracle.com/security-alerts/cpuoct2024.html", }, ], title: "Kwetsbaarheden verholpen in Oracle Communications", tracking: { current_release_date: "2024-10-17T13:17:52.103171Z", id: "NCSC-2024-0414", initial_release_date: "2024-10-17T13:17:52.103171Z", revision_history: [ { date: "2024-10-17T13:17:52.103171Z", number: "0", summary: "Initiele versie", }, ], status: "final", version: "1.0.0", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635313", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:10.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635305", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:12.11.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635311", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:12.11.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635312", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:12.11.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635323", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:12.6.1.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1670430", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:14.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1674632", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:14.0.0.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1674630", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:14.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635320", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:15.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1674633", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:17.0.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1670439", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:22.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635322", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:23.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1670429", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:23.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1670435", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:23.2.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1670431", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:23.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1670436", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:23.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1670432", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:23.3.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635321", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:23.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635310", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:23.4.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635318", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:23.4.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1674640", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:23.4.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1674642", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:23.4.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1670434", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:24.1.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635316", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:24.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1674639", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:24.1.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635314", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:24.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1674638", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:24.2.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1674637", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:24.2.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635306", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:4.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635307", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:4.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635317", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:46.6.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635319", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:46.6.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1670438", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635324", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:5.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635315", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:5.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1670433", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:9.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1674641", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:9.0.1.10.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1674635", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:9.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1674636", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:9.1.1.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1670437", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:9.1.1.7.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1674631", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:9.1.1.9.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1674634", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:9.1.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635308", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:9.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635309", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:9.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications__10.4.0.4", product: { name: "communications__10.4.0.4", product_id: "CSAFPID-1674629", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications__10.4.0.4:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications___23.4.2", product: { name: "communications___23.4.2", product_id: "CSAFPID-1670442", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications___23.4.2:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications___23.4.3", product: { name: "communications___23.4.3", product_id: "CSAFPID-1635325", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications___23.4.3:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications___23.4.4", product: { name: "communications___23.4.4", product_id: "CSAFPID-1635326", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications___23.4.4:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications___23.4.5", product: { name: "communications___23.4.5", product_id: "CSAFPID-1674645", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications___23.4.5:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications___23.4.6", product: { name: "communications___23.4.6", product_id: "CSAFPID-1674646", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications___23.4.6:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications___24.2.0", product: { name: "communications___24.2.0", product_id: "CSAFPID-1674644", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications___24.2.0:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications___7.2.1.0.0", product: { name: "communications___7.2.1.0.0", product_id: "CSAFPID-1670441", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications___7.2.1.0.0:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications___8.6.0.6", product: { name: "communications___8.6.0.6", product_id: "CSAFPID-1635327", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications___8.6.0.6:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications___8.6.0.8", product: { name: "communications___8.6.0.8", product_id: "CSAFPID-1635328", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications___8.6.0.8:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications___9.0.2", product: { name: "communications___9.0.2", product_id: "CSAFPID-1670440", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications___9.0.2:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications___9.0.3", product: { name: "communications___9.0.3", product_id: "CSAFPID-1635329", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications___9.0.3:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications___9.1.1.8.0", product: { name: "communications___9.1.1.8.0", product_id: "CSAFPID-1674643", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications___9.1.1.8.0:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications", product: { name: "communications_applications", product_id: "CSAFPID-1674621", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications:15.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications", product: { name: "communications_applications", product_id: "CSAFPID-1674618", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications:6.0.1.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications", product: { name: "communications_applications", product_id: "CSAFPID-1674619", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications:7.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications", product: { name: "communications_applications", product_id: "CSAFPID-1674622", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications:7.4.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications", product: { name: "communications_applications", product_id: "CSAFPID-1674617", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications:7.4.3.0.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications", product: { name: "communications_applications", product_id: "CSAFPID-1674623", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications:7.5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications", product: { name: "communications_applications", product_id: "CSAFPID-1674620", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications:8.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications___12.0.6.0.0", product: { name: "communications_applications___12.0.6.0.0", product_id: "CSAFPID-1674627", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications___12.0.6.0.0:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications___5.5.22", product: { name: "communications_applications___5.5.22", product_id: "CSAFPID-1674626", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications___5.5.22:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications___6.0.3", product: { name: "communications_applications___6.0.3", product_id: "CSAFPID-1674628", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications___6.0.3:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications___6.0.4", product: { name: "communications_applications___6.0.4", product_id: "CSAFPID-1674624", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications___6.0.4:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications___6.0.5", product: { name: "communications_applications___6.0.5", product_id: "CSAFPID-1674625", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications___6.0.5:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_asap", product: { name: "communications_asap", product_id: "CSAFPID-204629", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_asap:7.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_asap", product: { name: "communications_asap", product_id: "CSAFPID-1673475", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_asap:7.4.3.0.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_asap", product: { name: "communications_asap", product_id: "CSAFPID-816792", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_asap:7.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_billing_and_revenue_management", product: { name: "communications_billing_and_revenue_management", product_id: "CSAFPID-764735", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_billing_and_revenue_management:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_billing_and_revenue_management", product: { name: "communications_billing_and_revenue_management", product_id: "CSAFPID-1650734", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.4.0-12.0.0.8.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_billing_and_revenue_management", product: { name: "communications_billing_and_revenue_management", product_id: "CSAFPID-204639", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_billing_and_revenue_management", product: { name: "communications_billing_and_revenue_management", product_id: "CSAFPID-204627", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_billing_and_revenue_management", product: { name: "communications_billing_and_revenue_management", product_id: "CSAFPID-816793", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_billing_and_revenue_management", product: { name: "communications_billing_and_revenue_management", product_id: "CSAFPID-912557", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_billing_and_revenue_management__-_elastic_charging_engine", product: { name: "communications_billing_and_revenue_management__-_elastic_charging_engine", product_id: "CSAFPID-219835", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_billing_and_revenue_management__-_elastic_charging_engine:12.0.0.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_brm_-_elastic_charging_engine", product: { name: "communications_brm_-_elastic_charging_engine", product_id: "CSAFPID-764247", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_brm_-_elastic_charging_engine", product: { name: "communications_brm_-_elastic_charging_engine", product_id: "CSAFPID-209548", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:11.3.0.9.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_brm_-_elastic_charging_engine", product: { name: "communications_brm_-_elastic_charging_engine", product_id: "CSAFPID-209549", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:11.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_brm_-_elastic_charging_engine", product: { name: "communications_brm_-_elastic_charging_engine", product_id: "CSAFPID-41194", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12.0.0.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_brm_-_elastic_charging_engine", product: { name: "communications_brm_-_elastic_charging_engine", product_id: "CSAFPID-1650820", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12.0.0.4-12.0.0.8:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_brm_-_elastic_charging_engine", product: { name: "communications_brm_-_elastic_charging_engine", product_id: "CSAFPID-765241", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12.0.0.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_brm_-_elastic_charging_engine", product: { name: "communications_brm_-_elastic_charging_engine", product_id: "CSAFPID-209546", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12.0.0.5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_brm_-_elastic_charging_engine", product: { name: "communications_brm_-_elastic_charging_engine", product_id: "CSAFPID-209550", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_brm_-_elastic_charging_engine", product: { name: "communications_brm_-_elastic_charging_engine", product_id: "CSAFPID-498607", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12:0.0.5.0:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_brm_-_elastic_charging_engine", product: { name: "communications_brm_-_elastic_charging_engine", product_id: "CSAFPID-912556", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:15.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_calendar_server", product: { name: "communications_calendar_server", product_id: "CSAFPID-764736", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_calendar_server:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_calendar_server", product: { name: "communications_calendar_server", product_id: "CSAFPID-220190", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_calendar_server:8.0.0.6.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_configuration_console", product: { name: "communications_cloud_native_configuration_console", product_id: "CSAFPID-391501", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_configuration_console:22.4.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_configuration_console", product: { name: "communications_cloud_native_configuration_console", product_id: "CSAFPID-440102", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_configuration_console:23.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_automated_test_suite", product: { name: "communications_cloud_native_core_automated_test_suite", product_id: "CSAFPID-89545", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:1.8.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_automated_test_suite", product: { name: "communications_cloud_native_core_automated_test_suite", product_id: "CSAFPID-180215", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:1.9.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_automated_test_suite", product: { name: "communications_cloud_native_core_automated_test_suite", product_id: "CSAFPID-180197", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:22.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_automated_test_suite", product: { name: "communications_cloud_native_core_automated_test_suite", product_id: "CSAFPID-220548", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:22.2.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_automated_test_suite", product: { name: "communications_cloud_native_core_automated_test_suite", product_id: "CSAFPID-41516", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:22.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_automated_test_suite", product: { name: "communications_cloud_native_core_automated_test_suite", product_id: "CSAFPID-41515", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:22.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_automated_test_suite", product: { name: "communications_cloud_native_core_automated_test_suite", product_id: "CSAFPID-220057", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:22.4.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_automated_test_suite", product: { name: "communications_cloud_native_core_automated_test_suite", product_id: "CSAFPID-220055", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_automated_test_suite", product: { name: "communications_cloud_native_core_automated_test_suite", product_id: "CSAFPID-220909", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_automated_test_suite", product: { name: "communications_cloud_native_core_automated_test_suite", product_id: "CSAFPID-816765", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_automated_test_suite", product: { name: "communications_cloud_native_core_automated_test_suite", product_id: "CSAFPID-816766", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.2.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_automated_test_suite", product: { name: "communications_cloud_native_core_automated_test_suite", product_id: "CSAFPID-816767", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_automated_test_suite", product: { name: "communications_cloud_native_core_automated_test_suite", product_id: "CSAFPID-1503577", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_automated_test_suite", product: { name: "communications_cloud_native_core_automated_test_suite", product_id: "CSAFPID-1673416", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.4.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_automated_test_suite", product: { name: "communications_cloud_native_core_automated_test_suite", product_id: "CSAFPID-1673516", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.4.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_automated_test_suite", product: { name: "communications_cloud_native_core_automated_test_suite", product_id: "CSAFPID-1673412", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:24.1.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_automated_test_suite", product: { name: "communications_cloud_native_core_automated_test_suite", product_id: "CSAFPID-1673411", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:24.2.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-764237", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-2045", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:1.10.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-40612", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:1.11.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-608629", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-93784", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-1899", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-41111", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-1685", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.2.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-493445", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.2.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-294401", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.2.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-220547", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-764824", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-220459", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.3.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-45184", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-45182", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-45181", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.1.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-611405", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.1.7:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-611403", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-611404", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.2.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-1650752", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-1673396", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-912066", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-1503323", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_certificate_management", product: { name: "communications_cloud_native_core_certificate_management", product_id: "CSAFPID-1673526", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:23.4.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_certificate_management", product: { name: "communications_cloud_native_core_certificate_management", product_id: "CSAFPID-1673391", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:23.4.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_certificate_management", product: { name: "communications_cloud_native_core_certificate_management", product_id: "CSAFPID-1673394", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:24.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_console", product: { name: "communications_cloud_native_core_console", product_id: "CSAFPID-165550", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_console:1.7.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_console", product: { name: "communications_cloud_native_core_console", product_id: "CSAFPID-93546", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_console:1.9.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_console", product: { name: "communications_cloud_native_core_console", product_id: "CSAFPID-180195", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_console:22.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_console", product: { name: "communications_cloud_native_core_console", product_id: "CSAFPID-40299", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_console:22.1.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_console", product: { name: "communications_cloud_native_core_console", product_id: "CSAFPID-187447", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_console:22.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_console", product: { name: "communications_cloud_native_core_console", product_id: "CSAFPID-45186", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_console:22.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_console", product: { name: "communications_cloud_native_core_console", product_id: "CSAFPID-45185", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_console:22.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_console", product: { name: "communications_cloud_native_core_console", product_id: "CSAFPID-220559", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_console:22.4.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_console", product: { name: "communications_cloud_native_core_console", product_id: "CSAFPID-220558", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.1.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_console", product: { name: "communications_cloud_native_core_console", product_id: "CSAFPID-764238", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.1.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_console", product: { name: "communications_cloud_native_core_console", product_id: "CSAFPID-764239", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.2.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_console", product: { name: "communications_cloud_native_core_console", product_id: "CSAFPID-816768", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_console", product: { name: "communications_cloud_native_core_console", product_id: "CSAFPID-816769", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_console", product: { name: "communications_cloud_native_core_console", product_id: "CSAFPID-912085", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_console", product: { name: "communications_cloud_native_core_console", product_id: "CSAFPID-1503578", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_console", product: { name: "communications_cloud_native_core_console", product_id: "CSAFPID-1673389", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_console", product: { name: "communications_cloud_native_core_console", product_id: "CSAFPID-1673390", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_console:24.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_dbtier", product: { name: "communications_cloud_native_core_dbtier", product_id: "CSAFPID-1673421", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_dbtier", product: { name: "communications_cloud_native_core_dbtier", product_id: "CSAFPID-1673420", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_data_analytics_function", product: { name: "communications_cloud_native_core_network_data_analytics_function", product_id: "CSAFPID-764825", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:22.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_data_analytics_function", product: { name: "communications_cloud_native_core_network_data_analytics_function", product_id: "CSAFPID-816770", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:23.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_data_analytics_function", product: { name: "communications_cloud_native_core_network_data_analytics_function", product_id: "CSAFPID-816771", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:23.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_data_analytics_function", product: { name: "communications_cloud_native_core_network_data_analytics_function", product_id: "CSAFPID-912068", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_data_analytics_function", product: { name: "communications_cloud_native_core_network_data_analytics_function", product_id: "CSAFPID-1503579", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_exposure_function", product: { name: "communications_cloud_native_core_network_exposure_function", product_id: "CSAFPID-180201", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_exposure_function", product: { name: "communications_cloud_native_core_network_exposure_function", product_id: "CSAFPID-1900", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_exposure_function", product: { name: "communications_cloud_native_core_network_exposure_function", product_id: "CSAFPID-760687", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.2.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_exposure_function", product: { name: "communications_cloud_native_core_network_exposure_function", product_id: "CSAFPID-40947", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_exposure_function", product: { name: "communications_cloud_native_core_network_exposure_function", product_id: "CSAFPID-93635", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_exposure_function", product: { name: "communications_cloud_native_core_network_exposure_function", product_id: "CSAFPID-503534", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_exposure_function", product: { name: "communications_cloud_native_core_network_exposure_function", product_id: "CSAFPID-90018", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.4.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_exposure_function", product: { name: "communications_cloud_native_core_network_exposure_function", product_id: "CSAFPID-220327", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.4.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_exposure_function", product: { name: "communications_cloud_native_core_network_exposure_function", product_id: "CSAFPID-94290", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_exposure_function", product: { name: "communications_cloud_native_core_network_exposure_function", product_id: "CSAFPID-220325", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.1.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_exposure_function", product: { name: "communications_cloud_native_core_network_exposure_function", product_id: "CSAFPID-614513", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.1.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_exposure_function", product: { name: "communications_cloud_native_core_network_exposure_function", product_id: "CSAFPID-643776", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_exposure_function", product: { name: "communications_cloud_native_core_network_exposure_function", product_id: "CSAFPID-816772", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_exposure_function", product: { name: "communications_cloud_native_core_network_exposure_function", product_id: "CSAFPID-912076", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_exposure_function", product: { name: "communications_cloud_native_core_network_exposure_function", product_id: "CSAFPID-1503580", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-40613", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:1.10.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-2044", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:1.9.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-40301", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-180194", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.1.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-449747", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-40298", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-223527", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.2.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-449746", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-503493", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-260394", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-219838", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-611387", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-618156", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.2.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-816773", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-912101", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-1673473", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.1.0-24.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-1503581", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-912539", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_install_upgrade___23.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-912540", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_install_upgrade___23.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-912541", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_installation___23.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-912542", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_obserability_services_overlay___23.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-912543", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_observability_services_overlay___23.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-40611", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:1.15.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-40609", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:1.15.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-180198", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-41112", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.1.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-41110", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-760688", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.2.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-493444", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-93633", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.3.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-220056", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.4.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-223511", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.4.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-216017", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-220889", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.1.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-614516", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.1.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-816774", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.1.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-220918", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-614515", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.2.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-614514", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-816346", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-912077", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-1503322", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-1673413", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-1673415", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:24.2.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-816775", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:_install_upgrade___23.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-912544", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:_install_upgrade___23.4.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_slice_selection_function", product: { name: "communications_cloud_native_core_network_slice_selection_function", product_id: "CSAFPID-40608", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.8.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_slice_selection_function", product: { name: "communications_cloud_native_core_network_slice_selection_function", product_id: "CSAFPID-180199", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:22.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_slice_selection_function", product: { name: "communications_cloud_native_core_network_slice_selection_function", product_id: "CSAFPID-41113", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:22.1.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_slice_selection_function", product: { name: "communications_cloud_native_core_network_slice_selection_function", product_id: "CSAFPID-260395", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:22.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_slice_selection_function", product: { name: "communications_cloud_native_core_network_slice_selection_function", product_id: "CSAFPID-260393", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:22.4.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_slice_selection_function", product: { name: "communications_cloud_native_core_network_slice_selection_function", product_id: "CSAFPID-816348", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:23.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_slice_selection_function", product: { name: "communications_cloud_native_core_network_slice_selection_function", product_id: "CSAFPID-912545", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:23.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_slice_selection_function", product: { name: "communications_cloud_native_core_network_slice_selection_function", product_id: "CSAFPID-816347", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:23.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_slice_selection_function", product: { name: "communications_cloud_native_core_network_slice_selection_function", product_id: "CSAFPID-1673494", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:24.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_slice_selection_function", product: { name: "communications_cloud_native_core_network_slice_selection_function", product_id: "CSAFPID-1673501", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:24.2.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_slice_selection_function", product: { name: "communications_cloud_native_core_network_slice_selection_function", product_id: "CSAFPID-816776", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:_install_upgrade___23.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_slice_selection_function", product: { name: "communications_cloud_native_core_network_slice_selection_function", product_id: "CSAFPID-816777", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:_install_upgrade___23.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_policy", product: { name: "communications_cloud_native_core_policy", product_id: "CSAFPID-764240", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_policy", product: { name: "communications_cloud_native_core_policy", product_id: "CSAFPID-220468", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.11.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_policy", product: { name: "communications_cloud_native_core_policy", product_id: "CSAFPID-2310", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.14.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_policy", product: { name: "communications_cloud_native_core_policy", product_id: "CSAFPID-93547", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.15.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_policy", product: { name: "communications_cloud_native_core_policy", product_id: "CSAFPID-180200", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_policy", product: { name: "communications_cloud_native_core_policy", product_id: "CSAFPID-180193", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.1.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_policy", product: { name: "communications_cloud_native_core_policy", product_id: "CSAFPID-1898", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_policy", product: { name: "communications_cloud_native_core_policy", product_id: "CSAFPID-93636", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_policy", product: { name: "communications_cloud_native_core_policy", product_id: "CSAFPID-90020", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_policy", product: { name: "communications_cloud_native_core_policy", product_id: "CSAFPID-90015", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_policy", product: { name: "communications_cloud_native_core_policy", product_id: "CSAFPID-220133", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_policy", product: { name: "communications_cloud_native_core_policy", product_id: "CSAFPID-1650751", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_policy", product: { name: "communications_cloud_native_core_policy", product_id: "CSAFPID-1673517", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_policy", product: { name: "communications_cloud_native_core_policy", product_id: "CSAFPID-1673395", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.6:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_policy", product: { name: "communications_cloud_native_core_policy", product_id: "CSAFPID-912069", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_policy", product: { name: "communications_cloud_native_core_policy", product_id: "CSAFPID-765371", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:all_supported_s:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-180216", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:1.7.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-180202", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-40300", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.1.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-93653", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-40949", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.2.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-642000", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-93634", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-220561", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.3.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-90021", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-94292", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.4.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-218028", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.4.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-220881", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.4.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-94291", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-220910", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.1.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-220324", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.1.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-611401", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.1.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-816778", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-614517", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-912547", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-1673392", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-1503582", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-1673393", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-912546", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:_automated_test_suite___23.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_service_communication_proxy", product: { name: "communications_cloud_native_core_service_communication_proxy", product_id: "CSAFPID-40610", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:1.15.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_service_communication_proxy", product: { name: "communications_cloud_native_core_service_communication_proxy", product_id: "CSAFPID-611587", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:22.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_service_communication_proxy", product: { name: "communications_cloud_native_core_service_communication_proxy", product_id: "CSAFPID-642002", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:22.2.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_service_communication_proxy", product: { name: "communications_cloud_native_core_service_communication_proxy", product_id: "CSAFPID-493443", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:22.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_service_communication_proxy", product: { name: "communications_cloud_native_core_service_communication_proxy", product_id: "CSAFPID-642001", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:22.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_service_communication_proxy", product: { name: "communications_cloud_native_core_service_communication_proxy", product_id: "CSAFPID-224796", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:22.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_service_communication_proxy", product: { name: "communications_cloud_native_core_service_communication_proxy", product_id: "CSAFPID-224795", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_service_communication_proxy", product: { name: "communications_cloud_native_core_service_communication_proxy", product_id: "CSAFPID-912548", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.2.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_service_communication_proxy", product: { name: "communications_cloud_native_core_service_communication_proxy", product_id: "CSAFPID-912102", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_service_communication_proxy", product: { name: "communications_cloud_native_core_service_communication_proxy", product_id: "CSAFPID-912549", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_service_communication_proxy", product: { name: "communications_cloud_native_core_service_communication_proxy", product_id: "CSAFPID-1503583", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_service_communication_proxy", product: { name: "communications_cloud_native_core_service_communication_proxy", product_id: "CSAFPID-1503584", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_service_communication_proxy", product: { name: "communications_cloud_native_core_service_communication_proxy", product_id: "CSAFPID-1503585", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_service_communication_proxy", product: { name: "communications_cloud_native_core_service_communication_proxy", product_id: "CSAFPID-1672767", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-180217", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:1.15.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-180196", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-165576", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.1.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-40297", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-764899", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.2.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-589926", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.2.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-179780", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.2.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-40948", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-589925", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.3.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-179779", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.3.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-764826", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-90019", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.4.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-90016", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-220326", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.1.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-764241", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.1.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-912078", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-816349", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-912550", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.3.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-1503586", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-1503587", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-1673399", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-816779", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:_signaling___23.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_contacts_server", product: { name: "communications_contacts_server", product_id: "CSAFPID-764737", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_contacts_server:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_contacts_server", product: { name: "communications_contacts_server", product_id: "CSAFPID-224787", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_contacts_server:8.0.0.6.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_contacts_server", product: { name: "communications_contacts_server", product_id: "CSAFPID-220189", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_contacts_server:8.0.0.7.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_converged_application_server", product: { name: "communications_converged_application_server", product_id: "CSAFPID-764827", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_converged_application_server:7.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_converged_application_server", product: { name: "communications_converged_application_server", product_id: "CSAFPID-764828", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_converged_application_server:8.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_converged_application_server_-_service_controller", product: { name: "communications_converged_application_server_-_service_controller", product_id: "CSAFPID-764734", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_converged_application_server_-_service_controller:6.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_converged_application_server_-_service_controller", product: { name: "communications_converged_application_server_-_service_controller", product_id: "CSAFPID-426842", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_converged_application_server_-_service_controller:6.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_converged_charging_system", product: { name: "communications_converged_charging_system", product_id: "CSAFPID-1503599", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_converged_charging_system", product: { name: "communications_converged_charging_system", product_id: "CSAFPID-1503600", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_convergence", product: { name: "communications_convergence", product_id: "CSAFPID-345031", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_convergence:3.0.2.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_convergence", product: { name: "communications_convergence", product_id: "CSAFPID-204635", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_convergence:3.0.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_convergence", product: { name: "communications_convergence", product_id: "CSAFPID-764833", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_convergence:3.0.3.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_convergence", product: { name: "communications_convergence", product_id: "CSAFPID-224793", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_convergence:3.0.3.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_convergence", product: { name: "communications_convergence", product_id: "CSAFPID-816794", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_convergence:3.0.3.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_convergent_charging_controller", product: { name: "communications_convergent_charging_controller", product_id: "CSAFPID-342793", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_convergent_charging_controller:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_convergent_charging_controller", product: { name: "communications_convergent_charging_controller", product_id: "CSAFPID-1650777", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_convergent_charging_controller:12.0.1.0.0-12.0.6.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_convergent_charging_controller", product: { name: "communications_convergent_charging_controller", product_id: "CSAFPID-1265", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_convergent_charging_controller:12.0.6.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_convergent_charging_controller", product: { name: "communications_convergent_charging_controller", product_id: "CSAFPID-764248", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_convergent_charging_controller:12.0.6.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_convergent_charging_controller", product: { name: "communications_convergent_charging_controller", product_id: "CSAFPID-816350", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_convergent_charging_controller:15.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_convergent_charging_controller", product: { name: "communications_convergent_charging_controller", product_id: "CSAFPID-1261", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_convergent_charging_controller:6.0.1.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_core_session_manager", product: { name: "communications_core_session_manager", product_id: "CSAFPID-110244", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_core_session_manager:8.2.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_core_session_manager", product: { name: "communications_core_session_manager", product_id: "CSAFPID-110242", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_core_session_manager:8.4.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_core_session_manager", product: { name: "communications_core_session_manager", product_id: "CSAFPID-93777", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_core_session_manager:8.45:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_core_session_manager", product: { name: "communications_core_session_manager", product_id: "CSAFPID-1672764", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_core_session_manager:9.1.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_core_session_manager", product: { name: "communications_core_session_manager", product_id: "CSAFPID-93772", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_core_session_manager:9.15:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_data_model", product: { name: "communications_data_model", product_id: "CSAFPID-764902", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_data_model:12.2.0.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_design_studio", product: { name: "communications_design_studio", product_id: "CSAFPID-765372", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_design_studio:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_design_studio", product: { name: "communications_design_studio", product_id: "CSAFPID-342799", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_design_studio:7.3.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_design_studio", product: { name: "communications_design_studio", product_id: "CSAFPID-704412", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_design_studio:7.4.0.7.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_design_studio", product: { name: "communications_design_studio", product_id: "CSAFPID-704411", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_design_studio:7.4.1.5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_design_studio", product: { name: "communications_design_studio", product_id: "CSAFPID-165544", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_design_studio:7.4.2.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_design_studio", product: { name: "communications_design_studio", product_id: "CSAFPID-704410", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_design_studio:7.4.2.8.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_design_studio", product: { name: "communications_design_studio", product_id: "CSAFPID-41183", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_design_studio:7.4.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_intelligence_hub", product: { name: "communications_diameter_intelligence_hub", product_id: "CSAFPID-342802", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_intelligence_hub:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_intelligence_hub", product: { name: "communications_diameter_intelligence_hub", product_id: "CSAFPID-764829", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_intelligence_hub:8.2.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-1503588", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-1892", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-1891", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-1888", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-1887", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-1889", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-1884", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.3.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-1885", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-1882", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.4.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-1881", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.4.0.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-1883", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-1879", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.5.0.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-1880", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-40293", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.6.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-1650826", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.6.0.4-8.6.0.6:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-1650830", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.6.0.4-8.6.0.8:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-611413", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:9.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-912551", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:_patches___9.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-912552", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:_platform___9.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_eagle_application_processor", product: { name: "communications_eagle_application_processor", product_id: "CSAFPID-1673417", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_eagle_application_processor:17.0.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_eagle_application_processor", product: { name: "communications_eagle_application_processor", product_id: "CSAFPID-765369", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_eagle_application_processor:all_supported_s:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_eagle_element_management_system", product: { name: "communications_eagle_element_management_system", product_id: "CSAFPID-1503316", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_eagle_element_management_system", product: { name: "communications_eagle_element_management_system", product_id: "CSAFPID-1503317", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_eagle_element_management_system", product: { name: "communications_eagle_element_management_system", product_id: "CSAFPID-204528", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_eagle_ftp_table_base_retrieval", product: { name: "communications_eagle_ftp_table_base_retrieval", product_id: "CSAFPID-204623", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_eagle_ftp_table_base_retrieval:4.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_eagle_lnp_application_processor", product: { name: "communications_eagle_lnp_application_processor", product_id: "CSAFPID-352633", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_eagle_lnp_application_processor:10.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_eagle_lnp_application_processor", product: { name: "communications_eagle_lnp_application_processor", product_id: "CSAFPID-352632", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_eagle_lnp_application_processor:10.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_eagle_software", product: { name: "communications_eagle_software", product_id: "CSAFPID-765366", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_eagle_software:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_eagle_software", product: { name: "communications_eagle_software", product_id: "CSAFPID-765365", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_eagle_software:46.7.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_elastic_charging_engine", product: { name: "communications_elastic_charging_engine", product_id: "CSAFPID-764834", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_elastic_charging_engine:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_element_manager", product: { name: "communications_element_manager", product_id: "CSAFPID-764242", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_element_manager:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_element_manager", product: { name: "communications_element_manager", product_id: "CSAFPID-204597", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_element_manager:8.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_element_manager", product: { name: "communications_element_manager", product_id: "CSAFPID-204580", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_element_manager:8.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_element_manager", product: { name: "communications_element_manager", product_id: "CSAFPID-9226", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_element_manager", product: { name: "communications_element_manager", product_id: "CSAFPID-204589", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_element_manager:8.2.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_element_manager", product: { name: "communications_element_manager", product_id: "CSAFPID-9070", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_element_manager", product: { name: "communications_element_manager", product_id: "CSAFPID-8845", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_element_manager:8.2.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_element_manager", product: { name: "communications_element_manager", product_id: "CSAFPID-204624", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_element_manager:8.2.2.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_element_manager", product: { name: "communications_element_manager", product_id: "CSAFPID-2286", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_element_manager:8.2.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_element_manager", product: { name: "communications_element_manager", product_id: "CSAFPID-204464", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_element_manager:8.2.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_element_manager", product: { name: "communications_element_manager", product_id: "CSAFPID-345038", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_element_manager:9.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_element_manager", product: { name: "communications_element_manager", product_id: "CSAFPID-93629", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_element_manager:9.0.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_element_manager", product: { name: "communications_element_manager", product_id: "CSAFPID-611422", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_element_manager:9.0.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_element_manager", product: { name: "communications_element_manager", product_id: "CSAFPID-93630", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_element_manager:9.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_element_manager", product: { name: "communications_element_manager", product_id: "CSAFPID-816780", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_element_manager:9.4.53:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_evolved_communications_application_server", product: { name: "communications_evolved_communications_application_server", product_id: "CSAFPID-204645", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_evolved_communications_application_server:7.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_fraud_monitor", product: { name: "communications_fraud_monitor", product_id: "CSAFPID-816781", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_fraud_monitor:5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_fraud_monitor", product: { name: "communications_fraud_monitor", product_id: "CSAFPID-816782", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_fraud_monitor:5.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_fraud_monitor", product: { name: "communications_fraud_monitor", product_id: "CSAFPID-912553", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_fraud_monitor:5.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_instant_messaging_server", product: { name: "communications_instant_messaging_server", product_id: "CSAFPID-207586", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_instant_messaging_server", product: { name: "communications_instant_messaging_server", product_id: "CSAFPID-234306", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.6.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_instant_messaging_server", product: { name: "communications_instant_messaging_server", product_id: "CSAFPID-219803", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.7.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_instant_messaging_server", product: { name: "communications_instant_messaging_server", product_id: "CSAFPID-387664", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_instant_messaging_server:8.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_interactive_session_recorder", product: { name: "communications_interactive_session_recorder", product_id: "CSAFPID-1893", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_ip_service_activator", product: { name: "communications_ip_service_activator", product_id: "CSAFPID-204622", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_ip_service_activator:7.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_ip_service_activator", product: { name: "communications_ip_service_activator", product_id: "CSAFPID-219909", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_ip_service_activator:7.5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_lsms", product: { name: "communications_lsms", product_id: "CSAFPID-1673065", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_lsms:14.0.0.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_messaging_server", product: { name: "communications_messaging_server", product_id: "CSAFPID-764835", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_messaging_server:8.1.0.20.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_messaging_server", product: { name: "communications_messaging_server", product_id: "CSAFPID-375182", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_messaging_server:8.1.0.21.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_messaging_server", product: { name: "communications_messaging_server", product_id: "CSAFPID-816351", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_messaging_server:8.1.0.24.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_messaging_server", product: { name: "communications_messaging_server", product_id: "CSAFPID-41182", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_messaging_server:8.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_metasolv_solution", product: { name: "communications_metasolv_solution", product_id: "CSAFPID-611595", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_metasolv_solution:6.3.1.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_metasolv_solution", product: { name: "communications_metasolv_solution", product_id: "CSAFPID-226017", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_metasolv_solution:6.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_analytics_data_director", product: { name: "communications_network_analytics_data_director", product_id: "CSAFPID-220167", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_analytics_data_director:23.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_analytics_data_director", product: { name: "communications_network_analytics_data_director", product_id: "CSAFPID-816353", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_analytics_data_director:23.2.0.0.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_analytics_data_director", product: { name: "communications_network_analytics_data_director", product_id: "CSAFPID-764243", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_analytics_data_director:23.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_analytics_data_director", product: { name: "communications_network_analytics_data_director", product_id: "CSAFPID-816352", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_analytics_data_director:23.3.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_analytics_data_director", product: { name: "communications_network_analytics_data_director", product_id: "CSAFPID-1503589", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_analytics_data_director:23.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_analytics_data_director", product: { name: "communications_network_analytics_data_director", product_id: "CSAFPID-1503590", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_analytics_data_director:24.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_analytics_data_director", product: { name: "communications_network_analytics_data_director", product_id: "CSAFPID-1673414", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_analytics_data_director:24.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_analytics_data_director", product: { name: "communications_network_analytics_data_director", product_id: "CSAFPID-816783", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_analytics_data_director:_general___23.2.0.0.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_analytics_data_director", product: { name: "communications_network_analytics_data_director", product_id: "CSAFPID-816786", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_analytics_data_director:_general___23.3.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_analytics_data_director", product: { name: "communications_network_analytics_data_director", product_id: "CSAFPID-816784", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_analytics_data_director:_install_upgrade___23.2.0.0.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_analytics_data_director", product: { name: "communications_network_analytics_data_director", product_id: "CSAFPID-816787", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_analytics_data_director:_install_upgrade___23.3.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_analytics_data_director", product: { name: "communications_network_analytics_data_director", product_id: "CSAFPID-816785", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_analytics_data_director:_third_party___23.2.0.0.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_analytics_data_director", product: { name: "communications_network_analytics_data_director", product_id: "CSAFPID-816788", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_analytics_data_director:_third_party___23.3.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_charging_and_control", product: { name: "communications_network_charging_and_control", product_id: "CSAFPID-342803", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_charging_and_control:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_charging_and_control", product: { name: "communications_network_charging_and_control", product_id: "CSAFPID-1650778", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_charging_and_control:12.0.1.0.0-12.0.6.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_charging_and_control", product: { name: "communications_network_charging_and_control", product_id: "CSAFPID-1266", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_charging_and_control:12.0.6.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_charging_and_control", product: { name: "communications_network_charging_and_control", product_id: "CSAFPID-764249", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_charging_and_control:12.0.6.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_charging_and_control", product: { name: "communications_network_charging_and_control", product_id: "CSAFPID-816354", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_charging_and_control:15.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_charging_and_control", product: { name: "communications_network_charging_and_control", product_id: "CSAFPID-204563", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_integrity", product: { name: "communications_network_integrity", product_id: "CSAFPID-220125", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_integrity:7.3.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_integrity", product: { name: "communications_network_integrity", product_id: "CSAFPID-245244", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_integrity:7.3.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_integrity", product: { name: "communications_network_integrity", product_id: "CSAFPID-219776", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_integrity:7.3.6.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_integrity", product: { name: "communications_network_integrity", product_id: "CSAFPID-204554", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_integrity:7.3.6:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_offline_mediation_controller", product: { name: "communications_offline_mediation_controller", product_id: "CSAFPID-765242", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_offline_mediation_controller:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_operations_monitor", product: { name: "communications_operations_monitor", product_id: "CSAFPID-9489", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_operations_monitor:4.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_operations_monitor", product: { name: "communications_operations_monitor", product_id: "CSAFPID-110249", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_operations_monitor:4.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_operations_monitor", product: { name: "communications_operations_monitor", product_id: "CSAFPID-93781", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_operations_monitor:5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_operations_monitor", product: { name: "communications_operations_monitor", product_id: "CSAFPID-220132", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_operations_monitor:5.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_operations_monitor", product: { name: "communications_operations_monitor", product_id: "CSAFPID-912079", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_operations_monitor:5.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_order_and_service_management", product: { name: "communications_order_and_service_management", product_id: "CSAFPID-224791", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_order_and_service_management:7.3.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_order_and_service_management", product: { name: "communications_order_and_service_management", product_id: "CSAFPID-219898", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_order_and_service_management:7.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_order_and_service_management", product: { name: "communications_order_and_service_management", product_id: "CSAFPID-224790", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_order_and_service_management:7.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_order_and_service_management", product: { name: "communications_order_and_service_management", product_id: "CSAFPID-221118", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_order_and_service_management:7.4.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_order_and_service_management", product: { name: "communications_order_and_service_management", product_id: "CSAFPID-179774", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_order_and_service_management:7.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_order_and_service_management", product: { name: "communications_order_and_service_management", product_id: "CSAFPID-1673496", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_order_and_service_management:7.5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_performance_intelligence", product: { name: "communications_performance_intelligence", product_id: "CSAFPID-1503591", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_performance_intelligence:10.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_performance_intelligence_center", product: { name: "communications_performance_intelligence_center", product_id: "CSAFPID-1673485", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_performance_intelligence_center:prior_to_10.4.0.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_performance_intelligence_center__pic__software", product: { name: "communications_performance_intelligence_center__pic__software", product_id: "CSAFPID-765367", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_performance_intelligence_center__pic__software:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_performance_intelligence_center__pic__software", product: { name: "communications_performance_intelligence_center__pic__software", product_id: "CSAFPID-765368", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_performance_intelligence_center__pic__software:10.4.0.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_performance_intelligence_center__pic__software", product: { name: "communications_performance_intelligence_center__pic__software", product_id: "CSAFPID-764830", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_performance_intelligence_center__pic__software:10.4.0.4.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_policy_management", product: { name: "communications_policy_management", product_id: "CSAFPID-573035", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_policy_management:12.5.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_policy_management", product: { name: "communications_policy_management", product_id: "CSAFPID-45192", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_policy_management:12.6.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_policy_management", product: { name: "communications_policy_management", product_id: "CSAFPID-611406", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_policy_management:12.6.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_policy_management", product: { name: "communications_policy_management", product_id: "CSAFPID-816789", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_policy_management:12.6.1.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_policy_management", product: { name: "communications_policy_management", product_id: "CSAFPID-816790", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_policy_management:15.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_pricing_design_center", product: { name: "communications_pricing_design_center", product_id: "CSAFPID-764738", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_pricing_design_center:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_pricing_design_center", product: { name: "communications_pricing_design_center", product_id: "CSAFPID-204595", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_pricing_design_center", product: { name: "communications_pricing_design_center", product_id: "CSAFPID-204590", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_pricing_design_center", product: { name: "communications_pricing_design_center", product_id: "CSAFPID-816355", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_pricing_design_center:15.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_service_catalog_and_design", product: { name: "communications_service_catalog_and_design", product_id: "CSAFPID-1503601", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_service_catalog_and_design:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_service_catalog_and_design", product: { name: "communications_service_catalog_and_design", product_id: "CSAFPID-816359", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_service_catalog_and_design:7.4.0.7.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_service_catalog_and_design", product: { name: "communications_service_catalog_and_design", product_id: "CSAFPID-816358", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_service_catalog_and_design:7.4.1.5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_service_catalog_and_design", product: { name: "communications_service_catalog_and_design", product_id: "CSAFPID-816357", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_service_catalog_and_design:7.4.2.8.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_service_catalog_and_design", product: { name: "communications_service_catalog_and_design", product_id: "CSAFPID-912558", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_service_catalog_and_design", product: { name: "communications_service_catalog_and_design", product_id: "CSAFPID-1503602", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_service_catalog_and_design", product: { name: "communications_service_catalog_and_design", product_id: "CSAFPID-816795", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_service_catalog_and_design:_psr_designer___7.4.0.7.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_service_catalog_and_design", product: { name: "communications_service_catalog_and_design", product_id: "CSAFPID-816796", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_service_catalog_and_design:_psr_designer___7.4.1.5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_service_catalog_and_design", product: { name: "communications_service_catalog_and_design", product_id: "CSAFPID-816797", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_service_catalog_and_design:_psr_designer___7.4.2.8.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_services_gatekeeper", product: { name: "communications_services_gatekeeper", product_id: "CSAFPID-608630", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_services_gatekeeper:7.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_border_controller", product: { name: "communications_session_border_controller", product_id: "CSAFPID-1503592", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_border_controller:4.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_border_controller", product: { name: "communications_session_border_controller", product_id: "CSAFPID-1503593", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_border_controller:4.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_border_controller", product: { name: "communications_session_border_controller", product_id: "CSAFPID-40294", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_border_controller:8.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_border_controller", product: { name: "communications_session_border_controller", product_id: "CSAFPID-40292", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_border_controller:9.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_border_controller", product: { name: "communications_session_border_controller", product_id: "CSAFPID-1672762", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_border_controller:9.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_border_controller", product: { name: "communications_session_border_controller", product_id: "CSAFPID-40291", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_border_controller:9.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_border_controller", product: { name: "communications_session_border_controller", product_id: "CSAFPID-1503594", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_border_controller:9.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_border_controller", product: { name: "communications_session_border_controller", product_id: "CSAFPID-1503595", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_border_controller:9.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_report_manager", product: { name: "communications_session_report_manager", product_id: "CSAFPID-342804", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_report_manager:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_report_manager", product: { name: "communications_session_report_manager", product_id: "CSAFPID-704413", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_report_manager:-:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_report_manager", product: { name: "communications_session_report_manager", product_id: "CSAFPID-2296", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_report_manager:8.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_report_manager", product: { name: "communications_session_report_manager", product_id: "CSAFPID-166028", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_report_manager:8.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_report_manager", product: { name: "communications_session_report_manager", product_id: "CSAFPID-2294", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_report_manager:8.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_report_manager", product: { name: "communications_session_report_manager", product_id: "CSAFPID-2292", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_report_manager", product: { name: "communications_session_report_manager", product_id: "CSAFPID-2290", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_report_manager", product: { name: "communications_session_report_manager", product_id: "CSAFPID-2288", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_report_manager", product: { name: "communications_session_report_manager", product_id: "CSAFPID-2282", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_report_manager:8.2.2.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_report_manager", product: { name: "communications_session_report_manager", product_id: "CSAFPID-2285", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_report_manager:8.2.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_report_manager", product: { name: "communications_session_report_manager", product_id: "CSAFPID-2279", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_report_manager:8.2.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_report_manager", product: { name: "communications_session_report_manager", product_id: "CSAFPID-204634", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_report_manager:8.2.5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_report_manager", product: { name: "communications_session_report_manager", product_id: "CSAFPID-345039", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_report_manager:9.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_report_manager", product: { name: "communications_session_report_manager", product_id: "CSAFPID-93628", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_report_manager:9.0.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_report_manager", product: { name: "communications_session_report_manager", product_id: "CSAFPID-611423", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_report_manager:9.0.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_report_manager", product: { name: "communications_session_report_manager", product_id: "CSAFPID-93631", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_report_manager:9.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_report_manager", product: { name: "communications_session_report_manager", product_id: "CSAFPID-816791", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_report_manager:9.4.53:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_route_manager", product: { name: "communications_session_route_manager", product_id: "CSAFPID-342805", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_route_manager:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_route_manager", product: { name: "communications_session_route_manager", product_id: "CSAFPID-704414", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_route_manager:-:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_route_manager", product: { name: "communications_session_route_manager", product_id: "CSAFPID-166027", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_route_manager:8.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_route_manager", product: { name: "communications_session_route_manager", product_id: "CSAFPID-2295", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_route_manager:8.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_route_manager", product: { name: "communications_session_route_manager", product_id: "CSAFPID-2293", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_route_manager", product: { name: "communications_session_route_manager", product_id: "CSAFPID-2289", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_route_manager:8.2.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_route_manager", product: { name: "communications_session_route_manager", product_id: "CSAFPID-2291", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_route_manager", product: { name: "communications_session_route_manager", product_id: "CSAFPID-2287", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_route_manager", product: { name: "communications_session_route_manager", product_id: "CSAFPID-2283", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_route_manager:8.2.2.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_route_manager", product: { name: "communications_session_route_manager", product_id: "CSAFPID-2284", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_route_manager:8.2.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_route_manager", product: { name: "communications_session_route_manager", product_id: "CSAFPID-2280", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_route_manager:8.2.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_route_manager", product: { name: "communications_session_route_manager", product_id: "CSAFPID-2281", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_route_manager:8.2.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_route_manager", product: { name: "communications_session_route_manager", product_id: "CSAFPID-220414", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_route_manager:8.2.5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_route_manager", product: { name: "communications_session_route_manager", product_id: "CSAFPID-204607", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_route_manager:8.2.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_router", product: { name: "communications_session_router", product_id: "CSAFPID-764780", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_router:9.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_router", product: { name: "communications_session_router", product_id: "CSAFPID-764781", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_router:9.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_subscriber-aware_load_balancer", product: { name: "communications_subscriber-aware_load_balancer", product_id: "CSAFPID-93775", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_subscriber-aware_load_balancer:9.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_subscriber-aware_load_balancer", product: { name: "communications_subscriber-aware_load_balancer", product_id: "CSAFPID-93774", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_subscriber-aware_load_balancer:9.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_assurance", product: { name: "communications_unified_assurance", product_id: "CSAFPID-240600", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_assurance:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_assurance", product: { name: "communications_unified_assurance", product_id: "CSAFPID-1673382", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_assurance:5.5.0-5.5.22:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_assurance", product: { name: "communications_unified_assurance", product_id: "CSAFPID-78764", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_assurance:5.5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_assurance", product: { name: "communications_unified_assurance", product_id: "CSAFPID-78763", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_assurance:5.5.10:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_assurance", product: { name: "communications_unified_assurance", product_id: "CSAFPID-1673070", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_assurance:5.5.22:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_assurance", product: { name: "communications_unified_assurance", product_id: "CSAFPID-1673381", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_assurance:6.0.0-6.0.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_assurance", product: { name: "communications_unified_assurance", product_id: "CSAFPID-1650731", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_assurance:6.0.0-6.0.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_assurance", product: { name: "communications_unified_assurance", product_id: "CSAFPID-1673530", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_assurance:6.0.0-6.0.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_assurance", product: { name: "communications_unified_assurance", product_id: "CSAFPID-764901", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_assurance:6.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_assurance", product: { name: "communications_unified_assurance", product_id: "CSAFPID-78762", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_assurance:6.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_assurance", product: { name: "communications_unified_assurance", product_id: "CSAFPID-78761", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_assurance:6.0.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_assurance", product: { name: "communications_unified_assurance", product_id: "CSAFPID-614089", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_assurance:6.0.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_assurance", product: { name: "communications_unified_assurance", product_id: "CSAFPID-1673068", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_assurance:6.0.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_inventory_management", product: { name: "communications_unified_inventory_management", product_id: "CSAFPID-764739", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_inventory_management:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_inventory_management", product: { name: "communications_unified_inventory_management", product_id: "CSAFPID-204614", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_inventory_management:7.3.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_inventory_management", product: { name: "communications_unified_inventory_management", product_id: "CSAFPID-8984", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_inventory_management", product: { name: "communications_unified_inventory_management", product_id: "CSAFPID-204510", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_inventory_management", product: { name: "communications_unified_inventory_management", product_id: "CSAFPID-204569", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_inventory_management", product: { name: "communications_unified_inventory_management", product_id: "CSAFPID-219826", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_inventory_management", product: { name: "communications_unified_inventory_management", product_id: "CSAFPID-912073", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_session_manager", product: { name: "communications_unified_session_manager", product_id: "CSAFPID-110243", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_session_manager:8.2.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_session_manager", product: { name: "communications_unified_session_manager", product_id: "CSAFPID-205759", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_session_manager:8.4.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_user_data_repository", product: { name: "communications_user_data_repository", product_id: "CSAFPID-1503596", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_user_data_repository:12.11.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_user_data_repository", product: { name: "communications_user_data_repository", product_id: "CSAFPID-1503597", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_user_data_repository:12.11.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_user_data_repository", product: { name: "communications_user_data_repository", product_id: "CSAFPID-1503598", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_user_data_repository:12.11.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_user_data_repository", product: { name: "communications_user_data_repository", product_id: "CSAFPID-764900", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_user_data_repository:12.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_user_data_repository", product: { name: "communications_user_data_repository", product_id: "CSAFPID-76994", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_user_data_repository:12.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_user_data_repository", product: { name: "communications_user_data_repository", product_id: "CSAFPID-568240", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_user_data_repository:12.6.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_user_data_repository", product: { name: "communications_user_data_repository", product_id: "CSAFPID-764782", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_user_data_repository:12.6.1.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_user_data_repository", product: { name: "communications_user_data_repository", product_id: "CSAFPID-355340", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_user_data_repository:12.6.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_user_data_repository", product: { name: "communications_user_data_repository", product_id: "CSAFPID-912080", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_user_data_repository:14.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_user_data_repository", product: { name: "communications_user_data_repository", product_id: "CSAFPID-1673481", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_user_data_repository:14.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_webrtc_session_controller", product: { name: "communications_webrtc_session_controller", product_id: "CSAFPID-912554", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_webrtc_session_controller:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_webrtc_session_controller", product: { name: "communications_webrtc_session_controller", product_id: "CSAFPID-611408", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_webrtc_session_controller", product: { name: "communications_webrtc_session_controller", product_id: "CSAFPID-703515", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_webrtc_session_controller", product: { name: "communications_webrtc_session_controller", product_id: "CSAFPID-611407", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2.1.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_webrtc_session_controller", product: { name: "communications_webrtc_session_controller", product_id: "CSAFPID-204456", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2.1:*:*:*:*:*:*:*", }, }, }, ], category: "vendor", name: "oracle", }, ], }, vulnerabilities: [ { cve: "CVE-2021-37137", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-41182", "CSAFPID-209546", "CSAFPID-40608", "CSAFPID-180216", "CSAFPID-93547", "CSAFPID-180217", "CSAFPID-2310", "CSAFPID-40612", "CSAFPID-391501", "CSAFPID-440102", "CSAFPID-41516", "CSAFPID-41515", "CSAFPID-764237", "CSAFPID-45182", "CSAFPID-45181", "CSAFPID-45186", "CSAFPID-45185", "CSAFPID-90018", "CSAFPID-94290", "CSAFPID-260394", "CSAFPID-216017", "CSAFPID-764240", "CSAFPID-90021", "CSAFPID-94292", "CSAFPID-218028", "CSAFPID-94291", "CSAFPID-493443", "CSAFPID-224796", "CSAFPID-90019", "CSAFPID-90016", "CSAFPID-93777", "CSAFPID-93772", "CSAFPID-40293", "CSAFPID-345038", "CSAFPID-93629", "CSAFPID-93781", "CSAFPID-45192", "CSAFPID-608630", "CSAFPID-40292", "CSAFPID-40291", "CSAFPID-345039", "CSAFPID-93628", "CSAFPID-764780", "CSAFPID-764781", "CSAFPID-93775", "CSAFPID-93774", "CSAFPID-764782", "CSAFPID-342793", "CSAFPID-1261", "CSAFPID-204622", "CSAFPID-219909", "CSAFPID-342803", "CSAFPID-204563", "CSAFPID-221118", "CSAFPID-240600", "CSAFPID-8984", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219826", "CSAFPID-1899", "CSAFPID-41111", "CSAFPID-40299", "CSAFPID-187447", "CSAFPID-1900", "CSAFPID-40301", "CSAFPID-180194", "CSAFPID-40298", "CSAFPID-41112", "CSAFPID-41110", "CSAFPID-41113", "CSAFPID-180193", "CSAFPID-1898", "CSAFPID-40300", "CSAFPID-611587", "CSAFPID-40297", "CSAFPID-110244", "CSAFPID-110242", "CSAFPID-9489", "CSAFPID-110249", "CSAFPID-40294", "CSAFPID-110243", "CSAFPID-204629", "CSAFPID-765241", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-41183", "CSAFPID-207586", "CSAFPID-765242", "CSAFPID-205759", "CSAFPID-1893", "CSAFPID-765365", "CSAFPID-765366", "CSAFPID-342804", "CSAFPID-342805", "CSAFPID-204456", "CSAFPID-1882", "CSAFPID-573035", "CSAFPID-204645", "CSAFPID-765367", "CSAFPID-765368", "CSAFPID-764242", "CSAFPID-76994", "CSAFPID-204623", "CSAFPID-352633", "CSAFPID-352632", "CSAFPID-765369", "CSAFPID-204528", "CSAFPID-342802", "CSAFPID-40610", "CSAFPID-40611", "CSAFPID-40609", "CSAFPID-180198", "CSAFPID-180196", "CSAFPID-180201", "CSAFPID-180202", "CSAFPID-40613", "CSAFPID-180199", "CSAFPID-93546", "CSAFPID-180195", "CSAFPID-180200", "CSAFPID-765371", "CSAFPID-89545", "CSAFPID-180215", "CSAFPID-180197", "CSAFPID-204639", "CSAFPID-204627", "CSAFPID-226017", "CSAFPID-219898", "CSAFPID-179774", "CSAFPID-342799", "CSAFPID-765372", "CSAFPID-220125", "CSAFPID-245244", "CSAFPID-204554", "CSAFPID-764739", "CSAFPID-204614", "CSAFPID-345031", "CSAFPID-204635", "CSAFPID-204595", "CSAFPID-204590", "CSAFPID-224787", "CSAFPID-1673381", "CSAFPID-1673382", "CSAFPID-1674617", "CSAFPID-1674618", "CSAFPID-1674619", "CSAFPID-1674620", "CSAFPID-1674621", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1674624", "CSAFPID-1674625", "CSAFPID-1674626", "CSAFPID-1674627", "CSAFPID-1674628", ], }, references: [ { category: "self", summary: "CVE-2021-37137", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-37137.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-41182", "CSAFPID-209546", "CSAFPID-40608", "CSAFPID-180216", "CSAFPID-93547", "CSAFPID-180217", "CSAFPID-2310", "CSAFPID-40612", "CSAFPID-391501", "CSAFPID-440102", "CSAFPID-41516", "CSAFPID-41515", "CSAFPID-764237", "CSAFPID-45182", "CSAFPID-45181", "CSAFPID-45186", "CSAFPID-45185", "CSAFPID-90018", "CSAFPID-94290", "CSAFPID-260394", "CSAFPID-216017", "CSAFPID-764240", "CSAFPID-90021", "CSAFPID-94292", "CSAFPID-218028", "CSAFPID-94291", "CSAFPID-493443", "CSAFPID-224796", "CSAFPID-90019", "CSAFPID-90016", "CSAFPID-93777", "CSAFPID-93772", "CSAFPID-40293", "CSAFPID-345038", "CSAFPID-93629", "CSAFPID-93781", "CSAFPID-45192", "CSAFPID-608630", "CSAFPID-40292", "CSAFPID-40291", "CSAFPID-345039", "CSAFPID-93628", "CSAFPID-764780", "CSAFPID-764781", "CSAFPID-93775", "CSAFPID-93774", "CSAFPID-764782", "CSAFPID-342793", "CSAFPID-1261", "CSAFPID-204622", "CSAFPID-219909", "CSAFPID-342803", "CSAFPID-204563", "CSAFPID-221118", "CSAFPID-240600", "CSAFPID-8984", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219826", "CSAFPID-1899", "CSAFPID-41111", "CSAFPID-40299", "CSAFPID-187447", "CSAFPID-1900", "CSAFPID-40301", "CSAFPID-180194", "CSAFPID-40298", "CSAFPID-41112", "CSAFPID-41110", "CSAFPID-41113", "CSAFPID-180193", "CSAFPID-1898", "CSAFPID-40300", "CSAFPID-611587", "CSAFPID-40297", "CSAFPID-110244", "CSAFPID-110242", "CSAFPID-9489", "CSAFPID-110249", "CSAFPID-40294", "CSAFPID-110243", "CSAFPID-204629", "CSAFPID-765241", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-41183", "CSAFPID-207586", "CSAFPID-765242", "CSAFPID-205759", "CSAFPID-1893", "CSAFPID-765365", "CSAFPID-765366", "CSAFPID-342804", "CSAFPID-342805", "CSAFPID-204456", "CSAFPID-1882", "CSAFPID-573035", "CSAFPID-204645", "CSAFPID-765367", "CSAFPID-765368", "CSAFPID-764242", "CSAFPID-76994", "CSAFPID-204623", "CSAFPID-352633", "CSAFPID-352632", "CSAFPID-765369", "CSAFPID-204528", "CSAFPID-342802", "CSAFPID-40610", "CSAFPID-40611", "CSAFPID-40609", "CSAFPID-180198", "CSAFPID-180196", "CSAFPID-180201", "CSAFPID-180202", "CSAFPID-40613", "CSAFPID-180199", "CSAFPID-93546", "CSAFPID-180195", "CSAFPID-180200", "CSAFPID-765371", "CSAFPID-89545", "CSAFPID-180215", "CSAFPID-180197", "CSAFPID-204639", "CSAFPID-204627", "CSAFPID-226017", "CSAFPID-219898", "CSAFPID-179774", "CSAFPID-342799", "CSAFPID-765372", "CSAFPID-220125", "CSAFPID-245244", "CSAFPID-204554", "CSAFPID-764739", "CSAFPID-204614", "CSAFPID-345031", "CSAFPID-204635", "CSAFPID-204595", "CSAFPID-204590", "CSAFPID-224787", "CSAFPID-1673381", "CSAFPID-1673382", "CSAFPID-1674617", "CSAFPID-1674618", "CSAFPID-1674619", "CSAFPID-1674620", "CSAFPID-1674621", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1674624", "CSAFPID-1674625", "CSAFPID-1674626", "CSAFPID-1674627", "CSAFPID-1674628", ], }, ], title: "CVE-2021-37137", }, { cve: "CVE-2022-2068", cwe: { id: "CWE-78", name: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", }, notes: [ { category: "other", text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", title: "CWE-78", }, { category: "other", text: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", title: "CWE-77", }, ], product_status: { known_affected: [ "CSAFPID-40949", "CSAFPID-391501", "CSAFPID-440102", "CSAFPID-41516", "CSAFPID-41515", "CSAFPID-764237", "CSAFPID-45182", "CSAFPID-45181", "CSAFPID-45186", "CSAFPID-45185", "CSAFPID-90018", "CSAFPID-94290", "CSAFPID-260394", "CSAFPID-216017", "CSAFPID-764240", "CSAFPID-90021", "CSAFPID-94292", "CSAFPID-218028", "CSAFPID-94291", "CSAFPID-493443", "CSAFPID-224796", "CSAFPID-90019", "CSAFPID-90016", "CSAFPID-93777", "CSAFPID-93772", "CSAFPID-40293", "CSAFPID-345038", "CSAFPID-93629", "CSAFPID-93781", "CSAFPID-45192", "CSAFPID-608630", "CSAFPID-40292", "CSAFPID-40291", "CSAFPID-345039", "CSAFPID-93628", "CSAFPID-764780", "CSAFPID-764781", "CSAFPID-93775", "CSAFPID-93774", "CSAFPID-764782", "CSAFPID-342793", "CSAFPID-1261", "CSAFPID-204622", "CSAFPID-219909", "CSAFPID-342803", "CSAFPID-204563", "CSAFPID-221118", "CSAFPID-240600", "CSAFPID-8984", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219826", "CSAFPID-40294", "CSAFPID-93631", "CSAFPID-764900", "CSAFPID-568240", "CSAFPID-355340", "CSAFPID-703515", "CSAFPID-204456", "CSAFPID-764735", "CSAFPID-204635", "CSAFPID-41183", "CSAFPID-234306", "CSAFPID-41182", "CSAFPID-226017", "CSAFPID-219898", "CSAFPID-179774", "CSAFPID-764738", "CSAFPID-764901", "CSAFPID-764902", "CSAFPID-220547", "CSAFPID-187447", "CSAFPID-760687", "CSAFPID-40947", "CSAFPID-2044", "CSAFPID-449747", "CSAFPID-40301", "CSAFPID-449746", "CSAFPID-40298", "CSAFPID-223527", "CSAFPID-760688", "CSAFPID-93636", "CSAFPID-40300", "CSAFPID-93653", "CSAFPID-642000", "CSAFPID-642002", "CSAFPID-642001", "CSAFPID-165576", "CSAFPID-764899", "CSAFPID-40948", "CSAFPID-426842", "CSAFPID-93630", "CSAFPID-204645", "CSAFPID-1893", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2022-2068", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-2068.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-40949", "CSAFPID-391501", "CSAFPID-440102", "CSAFPID-41516", "CSAFPID-41515", "CSAFPID-764237", "CSAFPID-45182", "CSAFPID-45181", "CSAFPID-45186", "CSAFPID-45185", "CSAFPID-90018", "CSAFPID-94290", "CSAFPID-260394", "CSAFPID-216017", "CSAFPID-764240", "CSAFPID-90021", "CSAFPID-94292", "CSAFPID-218028", "CSAFPID-94291", "CSAFPID-493443", "CSAFPID-224796", "CSAFPID-90019", "CSAFPID-90016", "CSAFPID-93777", "CSAFPID-93772", "CSAFPID-40293", "CSAFPID-345038", "CSAFPID-93629", "CSAFPID-93781", "CSAFPID-45192", "CSAFPID-608630", "CSAFPID-40292", "CSAFPID-40291", "CSAFPID-345039", "CSAFPID-93628", "CSAFPID-764780", "CSAFPID-764781", "CSAFPID-93775", "CSAFPID-93774", "CSAFPID-764782", "CSAFPID-342793", "CSAFPID-1261", "CSAFPID-204622", "CSAFPID-219909", "CSAFPID-342803", "CSAFPID-204563", "CSAFPID-221118", "CSAFPID-240600", "CSAFPID-8984", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219826", "CSAFPID-40294", "CSAFPID-93631", "CSAFPID-764900", "CSAFPID-568240", "CSAFPID-355340", "CSAFPID-703515", "CSAFPID-204456", "CSAFPID-764735", "CSAFPID-204635", "CSAFPID-41183", "CSAFPID-234306", "CSAFPID-41182", "CSAFPID-226017", "CSAFPID-219898", "CSAFPID-179774", "CSAFPID-764738", "CSAFPID-764901", "CSAFPID-764902", "CSAFPID-220547", "CSAFPID-187447", "CSAFPID-760687", "CSAFPID-40947", "CSAFPID-2044", "CSAFPID-449747", "CSAFPID-40301", "CSAFPID-449746", "CSAFPID-40298", "CSAFPID-223527", "CSAFPID-760688", "CSAFPID-93636", "CSAFPID-40300", "CSAFPID-93653", "CSAFPID-642000", "CSAFPID-642002", "CSAFPID-642001", "CSAFPID-165576", "CSAFPID-764899", "CSAFPID-40948", "CSAFPID-426842", "CSAFPID-93630", "CSAFPID-204645", "CSAFPID-1893", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, ], title: "CVE-2022-2068", }, { cve: "CVE-2022-2601", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, { category: "other", text: "Heap-based Buffer Overflow", title: "CWE-122", }, ], product_status: { known_affected: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2022-2601", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-2601.json", }, ], scores: [ { cvss_v3: { baseScore: 8.6, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, ], title: "CVE-2022-2601", }, { cve: "CVE-2022-23437", cwe: { id: "CWE-835", name: "Loop with Unreachable Exit Condition ('Infinite Loop')", }, notes: [ { category: "other", text: "Loop with Unreachable Exit Condition ('Infinite Loop')", title: "CWE-835", }, ], product_status: { known_affected: [ "CSAFPID-204629", "CSAFPID-704410", "CSAFPID-704411", "CSAFPID-704412", "CSAFPID-226017", "CSAFPID-179774", "CSAFPID-219898", "CSAFPID-219826", "CSAFPID-204569", "CSAFPID-204510", "CSAFPID-220057", "CSAFPID-220055", "CSAFPID-220909", "CSAFPID-45184", "CSAFPID-45182", "CSAFPID-220559", "CSAFPID-220558", "CSAFPID-220327", "CSAFPID-220325", "CSAFPID-219838", "CSAFPID-220056", "CSAFPID-223511", "CSAFPID-216017", "CSAFPID-220889", "CSAFPID-220918", "CSAFPID-90020", "CSAFPID-90015", "CSAFPID-220133", "CSAFPID-220561", "CSAFPID-90021", "CSAFPID-220881", "CSAFPID-94291", "CSAFPID-220910", "CSAFPID-220324", "CSAFPID-224796", "CSAFPID-224795", "CSAFPID-220326", "CSAFPID-764734", "CSAFPID-40293", "CSAFPID-220167", "CSAFPID-93781", "CSAFPID-220132", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-764736", "CSAFPID-764737", "CSAFPID-224793", "CSAFPID-342793", "CSAFPID-1265", "CSAFPID-219803", "CSAFPID-375182", "CSAFPID-342803", "CSAFPID-1266", "CSAFPID-219776", "CSAFPID-224791", "CSAFPID-224790", "CSAFPID-221118", "CSAFPID-764738", "CSAFPID-240600", "CSAFPID-764739", "CSAFPID-391501", "CSAFPID-440102", "CSAFPID-41516", "CSAFPID-41515", "CSAFPID-764237", "CSAFPID-45181", "CSAFPID-45186", "CSAFPID-45185", "CSAFPID-90018", "CSAFPID-94290", "CSAFPID-260394", "CSAFPID-764240", "CSAFPID-94292", "CSAFPID-218028", "CSAFPID-493443", "CSAFPID-90019", "CSAFPID-90016", "CSAFPID-93777", "CSAFPID-93772", "CSAFPID-345038", "CSAFPID-93629", "CSAFPID-45192", "CSAFPID-608630", "CSAFPID-40292", "CSAFPID-40291", "CSAFPID-345039", "CSAFPID-93628", "CSAFPID-764780", "CSAFPID-764781", "CSAFPID-93775", "CSAFPID-93774", "CSAFPID-764782", "CSAFPID-1261", "CSAFPID-204622", "CSAFPID-219909", "CSAFPID-204563", "CSAFPID-8984", "CSAFPID-220548", "CSAFPID-608629", "CSAFPID-93784", "CSAFPID-41111", "CSAFPID-1685", "CSAFPID-493445", "CSAFPID-294401", "CSAFPID-220547", "CSAFPID-764824", "CSAFPID-220459", "CSAFPID-764825", "CSAFPID-93635", "CSAFPID-503534", "CSAFPID-503493", "CSAFPID-493444", "CSAFPID-93633", "CSAFPID-260395", "CSAFPID-260393", "CSAFPID-220468", "CSAFPID-93636", "CSAFPID-93634", "CSAFPID-589926", "CSAFPID-179780", "CSAFPID-589925", "CSAFPID-179779", "CSAFPID-764826", "CSAFPID-764827", "CSAFPID-764828", "CSAFPID-764829", "CSAFPID-764830", "CSAFPID-220190", "CSAFPID-220189", "CSAFPID-764833", "CSAFPID-41183", "CSAFPID-764834", "CSAFPID-234306", "CSAFPID-764835", "CSAFPID-187447", "CSAFPID-760687", "CSAFPID-40947", "CSAFPID-2044", "CSAFPID-449747", "CSAFPID-40301", "CSAFPID-449746", "CSAFPID-40298", "CSAFPID-223527", "CSAFPID-760688", "CSAFPID-40300", "CSAFPID-93653", "CSAFPID-40949", "CSAFPID-642000", "CSAFPID-642002", "CSAFPID-642001", "CSAFPID-165576", "CSAFPID-764899", "CSAFPID-40948", "CSAFPID-426842", "CSAFPID-93630", "CSAFPID-204645", "CSAFPID-1893", "CSAFPID-40294", "CSAFPID-93631", "CSAFPID-764900", "CSAFPID-568240", "CSAFPID-355340", "CSAFPID-703515", "CSAFPID-204456", "CSAFPID-204635", "CSAFPID-41182", "CSAFPID-764901", "CSAFPID-764902", "CSAFPID-1899", "CSAFPID-40299", "CSAFPID-1900", "CSAFPID-180194", "CSAFPID-41112", "CSAFPID-41110", "CSAFPID-41113", "CSAFPID-180193", "CSAFPID-1898", "CSAFPID-611587", "CSAFPID-40297", "CSAFPID-110244", "CSAFPID-110242", "CSAFPID-9489", "CSAFPID-110249", "CSAFPID-110243", "CSAFPID-765241", "CSAFPID-209546", "CSAFPID-207586", "CSAFPID-765242", "CSAFPID-205759", "CSAFPID-765365", "CSAFPID-765366", "CSAFPID-342804", "CSAFPID-342805", "CSAFPID-1882", "CSAFPID-573035", "CSAFPID-765367", "CSAFPID-765368", "CSAFPID-764242", "CSAFPID-76994", "CSAFPID-204623", "CSAFPID-352633", "CSAFPID-352632", "CSAFPID-765369", "CSAFPID-204528", "CSAFPID-342802", "CSAFPID-40610", "CSAFPID-40611", "CSAFPID-40609", "CSAFPID-180198", "CSAFPID-180217", "CSAFPID-180196", "CSAFPID-40612", "CSAFPID-180201", "CSAFPID-180216", "CSAFPID-180202", "CSAFPID-40613", "CSAFPID-40608", "CSAFPID-180199", "CSAFPID-93546", "CSAFPID-180195", "CSAFPID-2310", "CSAFPID-93547", "CSAFPID-180200", "CSAFPID-765371", "CSAFPID-89545", "CSAFPID-180215", "CSAFPID-180197", "CSAFPID-204639", "CSAFPID-204627", "CSAFPID-342799", "CSAFPID-765372", "CSAFPID-220125", "CSAFPID-245244", "CSAFPID-204554", "CSAFPID-204614", "CSAFPID-345031", "CSAFPID-204595", "CSAFPID-204590", "CSAFPID-224787", "CSAFPID-1673065", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2022-23437", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-23437.json", }, ], title: "CVE-2022-23437", }, { cve: "CVE-2022-36760", cwe: { id: "CWE-444", name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", }, notes: [ { category: "other", text: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", title: "CWE-444", }, ], product_status: { known_affected: [ "CSAFPID-220057", "CSAFPID-220055", "CSAFPID-220909", "CSAFPID-45184", "CSAFPID-45182", "CSAFPID-220559", "CSAFPID-220558", "CSAFPID-220327", "CSAFPID-220325", "CSAFPID-219838", "CSAFPID-220056", "CSAFPID-223511", "CSAFPID-216017", "CSAFPID-220889", "CSAFPID-220918", "CSAFPID-90020", "CSAFPID-90015", "CSAFPID-220133", "CSAFPID-220561", "CSAFPID-90021", "CSAFPID-220881", "CSAFPID-94291", "CSAFPID-220910", "CSAFPID-220324", "CSAFPID-224796", "CSAFPID-224795", "CSAFPID-220326", "CSAFPID-764734", "CSAFPID-40293", "CSAFPID-220167", "CSAFPID-93781", "CSAFPID-220132", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-764736", "CSAFPID-764737", "CSAFPID-224793", "CSAFPID-342793", "CSAFPID-1265", "CSAFPID-704412", "CSAFPID-704411", "CSAFPID-704410", "CSAFPID-219803", "CSAFPID-375182", "CSAFPID-342803", "CSAFPID-1266", "CSAFPID-219776", "CSAFPID-224791", "CSAFPID-224790", "CSAFPID-221118", "CSAFPID-764738", "CSAFPID-240600", "CSAFPID-764739", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219826", "CSAFPID-391501", "CSAFPID-440102", "CSAFPID-41516", "CSAFPID-41515", "CSAFPID-764237", "CSAFPID-45181", "CSAFPID-45186", "CSAFPID-45185", "CSAFPID-90018", "CSAFPID-94290", "CSAFPID-260394", "CSAFPID-764240", "CSAFPID-94292", "CSAFPID-218028", "CSAFPID-493443", "CSAFPID-90019", "CSAFPID-90016", "CSAFPID-93777", "CSAFPID-93772", "CSAFPID-345038", "CSAFPID-93629", "CSAFPID-45192", "CSAFPID-608630", "CSAFPID-40292", "CSAFPID-40291", "CSAFPID-345039", "CSAFPID-93628", "CSAFPID-764780", "CSAFPID-764781", "CSAFPID-93775", "CSAFPID-93774", "CSAFPID-764782", "CSAFPID-1261", "CSAFPID-204622", "CSAFPID-219909", "CSAFPID-204563", "CSAFPID-8984", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2022-36760", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-36760.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-220057", "CSAFPID-220055", "CSAFPID-220909", "CSAFPID-45184", "CSAFPID-45182", "CSAFPID-220559", "CSAFPID-220558", "CSAFPID-220327", "CSAFPID-220325", "CSAFPID-219838", "CSAFPID-220056", "CSAFPID-223511", "CSAFPID-216017", "CSAFPID-220889", "CSAFPID-220918", "CSAFPID-90020", "CSAFPID-90015", "CSAFPID-220133", "CSAFPID-220561", "CSAFPID-90021", "CSAFPID-220881", "CSAFPID-94291", "CSAFPID-220910", "CSAFPID-220324", "CSAFPID-224796", "CSAFPID-224795", "CSAFPID-220326", "CSAFPID-764734", "CSAFPID-40293", "CSAFPID-220167", "CSAFPID-93781", "CSAFPID-220132", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-764736", "CSAFPID-764737", "CSAFPID-224793", "CSAFPID-342793", "CSAFPID-1265", "CSAFPID-704412", "CSAFPID-704411", "CSAFPID-704410", "CSAFPID-219803", "CSAFPID-375182", "CSAFPID-342803", "CSAFPID-1266", "CSAFPID-219776", "CSAFPID-224791", "CSAFPID-224790", "CSAFPID-221118", "CSAFPID-764738", "CSAFPID-240600", "CSAFPID-764739", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219826", "CSAFPID-391501", "CSAFPID-440102", "CSAFPID-41516", "CSAFPID-41515", "CSAFPID-764237", "CSAFPID-45181", "CSAFPID-45186", "CSAFPID-45185", "CSAFPID-90018", "CSAFPID-94290", "CSAFPID-260394", "CSAFPID-764240", "CSAFPID-94292", "CSAFPID-218028", "CSAFPID-493443", "CSAFPID-90019", "CSAFPID-90016", "CSAFPID-93777", "CSAFPID-93772", "CSAFPID-345038", "CSAFPID-93629", "CSAFPID-45192", "CSAFPID-608630", "CSAFPID-40292", "CSAFPID-40291", "CSAFPID-345039", "CSAFPID-93628", "CSAFPID-764780", "CSAFPID-764781", "CSAFPID-93775", "CSAFPID-93774", "CSAFPID-764782", "CSAFPID-1261", "CSAFPID-204622", "CSAFPID-219909", "CSAFPID-204563", "CSAFPID-8984", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, ], title: "CVE-2022-36760", }, { cve: "CVE-2023-2953", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, notes: [ { category: "other", text: "Improper Restriction of Operations within the Bounds of a Memory Buffer", title: "CWE-119", }, { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, ], product_status: { known_affected: [ "CSAFPID-1673389", "CSAFPID-1673390", "CSAFPID-1673391", "CSAFPID-1673392", "CSAFPID-1673393", "CSAFPID-1673394", "CSAFPID-1673395", "CSAFPID-1673396", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2023-2953", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-2953.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673389", "CSAFPID-1673390", "CSAFPID-1673391", "CSAFPID-1673392", "CSAFPID-1673393", "CSAFPID-1673394", "CSAFPID-1673395", "CSAFPID-1673396", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, ], title: "CVE-2023-2953", }, { cve: "CVE-2023-3635", cwe: { id: "CWE-195", name: "Signed to Unsigned Conversion Error", }, notes: [ { category: "other", text: "Signed to Unsigned Conversion Error", title: "CWE-195", }, { category: "other", text: "Uncaught Exception", title: "CWE-248", }, ], product_status: { known_affected: [ "CSAFPID-94291", "CSAFPID-40293", "CSAFPID-204622", "CSAFPID-1265", "CSAFPID-1261", "CSAFPID-1266", "CSAFPID-8984", "CSAFPID-1673399", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-912085", "CSAFPID-912068", "CSAFPID-912076", "CSAFPID-912539", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912101", "CSAFPID-912544", "CSAFPID-912077", "CSAFPID-912545", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-219909", "CSAFPID-220558", "CSAFPID-221118", "CSAFPID-224790", "CSAFPID-240600", "CSAFPID-342804", "CSAFPID-611387", "CSAFPID-611401", "CSAFPID-611406", "CSAFPID-611407", "CSAFPID-611408", "CSAFPID-611413", "CSAFPID-611595", "CSAFPID-204510", "CSAFPID-204563", "CSAFPID-204569", "CSAFPID-219803", "CSAFPID-219838", "CSAFPID-224793", "CSAFPID-342793", "CSAFPID-342803", "CSAFPID-614513", "CSAFPID-614514", "CSAFPID-614515", "CSAFPID-614516", "CSAFPID-614517", "CSAFPID-618156", "CSAFPID-643776", "CSAFPID-764237", "CSAFPID-764238", "CSAFPID-764239", "CSAFPID-764240", "CSAFPID-764241", "CSAFPID-764242", "CSAFPID-764243", "CSAFPID-764247", "CSAFPID-764248", "CSAFPID-764249", "CSAFPID-816346", "CSAFPID-816347", "CSAFPID-816348", "CSAFPID-816349", "CSAFPID-816350", "CSAFPID-816351", "CSAFPID-816352", "CSAFPID-816353", "CSAFPID-816354", "CSAFPID-816355", "CSAFPID-816357", "CSAFPID-816358", "CSAFPID-816359", "CSAFPID-816765", "CSAFPID-816766", "CSAFPID-816767", "CSAFPID-816768", "CSAFPID-816769", "CSAFPID-816770", "CSAFPID-816771", "CSAFPID-816772", "CSAFPID-816773", "CSAFPID-816774", "CSAFPID-816775", "CSAFPID-816776", "CSAFPID-816777", "CSAFPID-816778", "CSAFPID-816779", "CSAFPID-816780", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-816783", "CSAFPID-816784", "CSAFPID-816785", "CSAFPID-816786", "CSAFPID-816787", "CSAFPID-816788", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-816791", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-816794", "CSAFPID-816795", "CSAFPID-816796", "CSAFPID-816797", "CSAFPID-764735", "CSAFPID-764738", "CSAFPID-912073", "CSAFPID-912078", "CSAFPID-912079", "CSAFPID-912080", "CSAFPID-90016", "CSAFPID-93781", "CSAFPID-219776", "CSAFPID-219826", "CSAFPID-220132", "CSAFPID-224795", "CSAFPID-912102", "CSAFPID-912548", "CSAFPID-912549", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-764739", "CSAFPID-764826", "CSAFPID-765242", ], }, references: [ { category: "self", summary: "CVE-2023-3635", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-3635.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-94291", "CSAFPID-40293", "CSAFPID-204622", "CSAFPID-1265", "CSAFPID-1261", "CSAFPID-1266", "CSAFPID-8984", "CSAFPID-1673399", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-912085", "CSAFPID-912068", "CSAFPID-912076", "CSAFPID-912539", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912101", "CSAFPID-912544", "CSAFPID-912077", "CSAFPID-912545", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-219909", "CSAFPID-220558", "CSAFPID-221118", "CSAFPID-224790", "CSAFPID-240600", "CSAFPID-342804", "CSAFPID-611387", "CSAFPID-611401", "CSAFPID-611406", "CSAFPID-611407", "CSAFPID-611408", "CSAFPID-611413", "CSAFPID-611595", "CSAFPID-204510", "CSAFPID-204563", "CSAFPID-204569", "CSAFPID-219803", "CSAFPID-219838", "CSAFPID-224793", "CSAFPID-342793", "CSAFPID-342803", "CSAFPID-614513", "CSAFPID-614514", "CSAFPID-614515", "CSAFPID-614516", "CSAFPID-614517", "CSAFPID-618156", "CSAFPID-643776", "CSAFPID-764237", "CSAFPID-764238", "CSAFPID-764239", "CSAFPID-764240", "CSAFPID-764241", "CSAFPID-764242", "CSAFPID-764243", "CSAFPID-764247", "CSAFPID-764248", "CSAFPID-764249", "CSAFPID-816346", "CSAFPID-816347", "CSAFPID-816348", "CSAFPID-816349", "CSAFPID-816350", "CSAFPID-816351", "CSAFPID-816352", "CSAFPID-816353", "CSAFPID-816354", "CSAFPID-816355", "CSAFPID-816357", "CSAFPID-816358", "CSAFPID-816359", "CSAFPID-816765", "CSAFPID-816766", "CSAFPID-816767", "CSAFPID-816768", "CSAFPID-816769", "CSAFPID-816770", "CSAFPID-816771", "CSAFPID-816772", "CSAFPID-816773", "CSAFPID-816774", "CSAFPID-816775", "CSAFPID-816776", "CSAFPID-816777", "CSAFPID-816778", "CSAFPID-816779", "CSAFPID-816780", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-816783", "CSAFPID-816784", "CSAFPID-816785", "CSAFPID-816786", "CSAFPID-816787", "CSAFPID-816788", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-816791", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-816794", "CSAFPID-816795", "CSAFPID-816796", "CSAFPID-816797", "CSAFPID-764735", "CSAFPID-764738", "CSAFPID-912073", "CSAFPID-912078", "CSAFPID-912079", "CSAFPID-912080", "CSAFPID-90016", "CSAFPID-93781", "CSAFPID-219776", "CSAFPID-219826", "CSAFPID-220132", "CSAFPID-224795", "CSAFPID-912102", "CSAFPID-912548", "CSAFPID-912549", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-764739", "CSAFPID-764826", "CSAFPID-765242", ], }, ], title: "CVE-2023-3635", }, { cve: "CVE-2023-4043", cwe: { id: "CWE-834", name: "Excessive Iteration", }, notes: [ { category: "other", text: "Excessive Iteration", title: "CWE-834", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-816765", "CSAFPID-816766", "CSAFPID-816767", "CSAFPID-816768", "CSAFPID-816769", "CSAFPID-816770", "CSAFPID-816771", "CSAFPID-816772", "CSAFPID-219838", "CSAFPID-611387", "CSAFPID-816773", "CSAFPID-816774", "CSAFPID-816775", "CSAFPID-816346", "CSAFPID-816776", "CSAFPID-816348", "CSAFPID-816777", "CSAFPID-816347", "CSAFPID-94291", "CSAFPID-816778", "CSAFPID-614517", "CSAFPID-816779", "CSAFPID-816349", "CSAFPID-40293", "CSAFPID-611413", "CSAFPID-764242", "CSAFPID-816780", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-816783", "CSAFPID-816784", "CSAFPID-816785", "CSAFPID-816353", "CSAFPID-816786", "CSAFPID-816787", "CSAFPID-816788", "CSAFPID-816352", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-342804", "CSAFPID-816791", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-224793", "CSAFPID-816794", "CSAFPID-342793", "CSAFPID-1265", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-204622", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-912068", "CSAFPID-912076", "CSAFPID-912539", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912101", "CSAFPID-912544", "CSAFPID-912077", "CSAFPID-912545", "CSAFPID-764240", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-224795", "CSAFPID-912548", "CSAFPID-912102", "CSAFPID-912549", "CSAFPID-764826", "CSAFPID-90016", "CSAFPID-912078", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-93781", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-912080", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-219776", "CSAFPID-765242", "CSAFPID-1266", "CSAFPID-8984", "CSAFPID-204510", "CSAFPID-204563", "CSAFPID-204569", "CSAFPID-219803", "CSAFPID-219909", "CSAFPID-221118", "CSAFPID-224790", "CSAFPID-240600", "CSAFPID-342803", "CSAFPID-611595", "CSAFPID-764738", "CSAFPID-816351", "CSAFPID-816354", "CSAFPID-816355", "CSAFPID-816357", "CSAFPID-816358", "CSAFPID-816359", "CSAFPID-816795", "CSAFPID-816796", "CSAFPID-816797", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-219826", "CSAFPID-764739", "CSAFPID-912073", "CSAFPID-912558", ], }, references: [ { category: "self", summary: "CVE-2023-4043", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4043.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-816765", "CSAFPID-816766", "CSAFPID-816767", "CSAFPID-816768", "CSAFPID-816769", "CSAFPID-816770", "CSAFPID-816771", "CSAFPID-816772", "CSAFPID-219838", "CSAFPID-611387", "CSAFPID-816773", "CSAFPID-816774", "CSAFPID-816775", "CSAFPID-816346", "CSAFPID-816776", "CSAFPID-816348", "CSAFPID-816777", "CSAFPID-816347", "CSAFPID-94291", "CSAFPID-816778", "CSAFPID-614517", "CSAFPID-816779", "CSAFPID-816349", "CSAFPID-40293", "CSAFPID-611413", "CSAFPID-764242", "CSAFPID-816780", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-816783", "CSAFPID-816784", "CSAFPID-816785", "CSAFPID-816353", "CSAFPID-816786", "CSAFPID-816787", "CSAFPID-816788", "CSAFPID-816352", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-342804", "CSAFPID-816791", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-224793", "CSAFPID-816794", "CSAFPID-342793", "CSAFPID-1265", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-204622", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-912068", "CSAFPID-912076", "CSAFPID-912539", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912101", "CSAFPID-912544", "CSAFPID-912077", "CSAFPID-912545", "CSAFPID-764240", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-224795", "CSAFPID-912548", "CSAFPID-912102", "CSAFPID-912549", "CSAFPID-764826", "CSAFPID-90016", "CSAFPID-912078", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-93781", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-912080", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-219776", "CSAFPID-765242", "CSAFPID-1266", "CSAFPID-8984", "CSAFPID-204510", "CSAFPID-204563", "CSAFPID-204569", "CSAFPID-219803", "CSAFPID-219909", "CSAFPID-221118", "CSAFPID-224790", "CSAFPID-240600", "CSAFPID-342803", "CSAFPID-611595", "CSAFPID-764738", "CSAFPID-816351", "CSAFPID-816354", "CSAFPID-816355", "CSAFPID-816357", "CSAFPID-816358", "CSAFPID-816359", "CSAFPID-816795", "CSAFPID-816796", "CSAFPID-816797", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-219826", "CSAFPID-764739", "CSAFPID-912073", "CSAFPID-912558", ], }, ], title: "CVE-2023-4043", }, { cve: "CVE-2023-5685", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1650752", "CSAFPID-1650751", "CSAFPID-1673389", "CSAFPID-1673390", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", ], }, references: [ { category: "self", summary: "CVE-2023-5685", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5685.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1650752", "CSAFPID-1650751", "CSAFPID-1673389", "CSAFPID-1673390", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", ], }, ], title: "CVE-2023-5685", }, { cve: "CVE-2023-6597", cwe: { id: "CWE-61", name: "UNIX Symbolic Link (Symlink) Following", }, notes: [ { category: "other", text: "UNIX Symbolic Link (Symlink) Following", title: "CWE-61", }, ], product_status: { known_affected: [ "CSAFPID-1673395", "CSAFPID-1673420", "CSAFPID-1673421", "CSAFPID-1673396", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", ], }, references: [ { category: "self", summary: "CVE-2023-6597", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-6597.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-1673395", "CSAFPID-1673420", "CSAFPID-1673421", "CSAFPID-1673396", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", ], }, ], title: "CVE-2023-6597", }, { cve: "CVE-2023-6816", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, notes: [ { category: "other", text: "Improper Restriction of Operations within the Bounds of a Memory Buffer", title: "CWE-119", }, { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2023-6816", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-6816.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, ], title: "CVE-2023-6816", }, { cve: "CVE-2023-38408", cwe: { id: "CWE-94", name: "Improper Control of Generation of Code ('Code Injection')", }, notes: [ { category: "other", text: "Improper Control of Generation of Code ('Code Injection')", title: "CWE-94", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-45182", "CSAFPID-40293", "CSAFPID-611406", "CSAFPID-764237", "CSAFPID-220558", "CSAFPID-764238", "CSAFPID-764239", "CSAFPID-614513", "CSAFPID-643776", "CSAFPID-611387", "CSAFPID-618156", "CSAFPID-614516", "CSAFPID-614515", "CSAFPID-614514", "CSAFPID-764240", "CSAFPID-94291", "CSAFPID-611401", "CSAFPID-614517", "CSAFPID-764241", "CSAFPID-611413", "CSAFPID-764242", "CSAFPID-764243", "CSAFPID-342804", "CSAFPID-611408", "CSAFPID-611407", "CSAFPID-764247", "CSAFPID-764248", "CSAFPID-204622", "CSAFPID-219909", "CSAFPID-611595", "CSAFPID-764249", "CSAFPID-224790", "CSAFPID-221118", "CSAFPID-240600", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2023-38408", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-38408.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-45182", "CSAFPID-40293", "CSAFPID-611406", "CSAFPID-764237", "CSAFPID-220558", "CSAFPID-764238", "CSAFPID-764239", "CSAFPID-614513", "CSAFPID-643776", "CSAFPID-611387", "CSAFPID-618156", "CSAFPID-614516", "CSAFPID-614515", "CSAFPID-614514", "CSAFPID-764240", "CSAFPID-94291", "CSAFPID-611401", "CSAFPID-614517", "CSAFPID-764241", "CSAFPID-611413", "CSAFPID-764242", "CSAFPID-764243", "CSAFPID-342804", "CSAFPID-611408", "CSAFPID-611407", "CSAFPID-764247", "CSAFPID-764248", "CSAFPID-204622", "CSAFPID-219909", "CSAFPID-611595", "CSAFPID-764249", "CSAFPID-224790", "CSAFPID-221118", "CSAFPID-240600", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, ], title: "CVE-2023-38408", }, { cve: "CVE-2023-43642", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "other", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, ], product_status: { known_affected: [ "CSAFPID-40293", "CSAFPID-1265", "CSAFPID-1261", "CSAFPID-1266", "CSAFPID-8984", "CSAFPID-1673395", "CSAFPID-94291", "CSAFPID-204510", "CSAFPID-204563", "CSAFPID-204569", "CSAFPID-204622", "CSAFPID-219803", "CSAFPID-219838", "CSAFPID-219909", "CSAFPID-221118", "CSAFPID-224790", "CSAFPID-224793", "CSAFPID-240600", "CSAFPID-342793", "CSAFPID-342803", "CSAFPID-342804", "CSAFPID-611387", "CSAFPID-611413", "CSAFPID-611595", "CSAFPID-614517", "CSAFPID-764242", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-764738", "CSAFPID-816346", "CSAFPID-816347", "CSAFPID-816348", "CSAFPID-816349", "CSAFPID-816350", "CSAFPID-816351", "CSAFPID-816352", "CSAFPID-816353", "CSAFPID-816354", "CSAFPID-816355", "CSAFPID-816357", "CSAFPID-816358", "CSAFPID-816359", "CSAFPID-816765", "CSAFPID-816766", "CSAFPID-816767", "CSAFPID-816768", "CSAFPID-816769", "CSAFPID-816770", "CSAFPID-816771", "CSAFPID-816772", "CSAFPID-816773", "CSAFPID-816774", "CSAFPID-816775", "CSAFPID-816776", "CSAFPID-816777", "CSAFPID-816778", "CSAFPID-816779", "CSAFPID-816780", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-816783", "CSAFPID-816784", "CSAFPID-816785", "CSAFPID-816786", "CSAFPID-816787", "CSAFPID-816788", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-816791", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-816794", "CSAFPID-816795", "CSAFPID-816796", "CSAFPID-816797", ], }, references: [ { category: "self", summary: "CVE-2023-43642", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-43642.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-40293", "CSAFPID-1265", "CSAFPID-1261", "CSAFPID-1266", "CSAFPID-8984", "CSAFPID-1673395", "CSAFPID-94291", "CSAFPID-204510", "CSAFPID-204563", "CSAFPID-204569", "CSAFPID-204622", "CSAFPID-219803", "CSAFPID-219838", "CSAFPID-219909", "CSAFPID-221118", "CSAFPID-224790", "CSAFPID-224793", "CSAFPID-240600", "CSAFPID-342793", "CSAFPID-342803", "CSAFPID-342804", "CSAFPID-611387", "CSAFPID-611413", "CSAFPID-611595", "CSAFPID-614517", "CSAFPID-764242", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-764738", "CSAFPID-816346", "CSAFPID-816347", "CSAFPID-816348", "CSAFPID-816349", "CSAFPID-816350", "CSAFPID-816351", "CSAFPID-816352", "CSAFPID-816353", "CSAFPID-816354", "CSAFPID-816355", "CSAFPID-816357", "CSAFPID-816358", "CSAFPID-816359", "CSAFPID-816765", "CSAFPID-816766", "CSAFPID-816767", "CSAFPID-816768", "CSAFPID-816769", "CSAFPID-816770", "CSAFPID-816771", "CSAFPID-816772", "CSAFPID-816773", "CSAFPID-816774", "CSAFPID-816775", "CSAFPID-816776", "CSAFPID-816777", "CSAFPID-816778", "CSAFPID-816779", "CSAFPID-816780", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-816783", "CSAFPID-816784", "CSAFPID-816785", "CSAFPID-816786", "CSAFPID-816787", "CSAFPID-816788", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-816791", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-816794", "CSAFPID-816795", "CSAFPID-816796", "CSAFPID-816797", ], }, ], title: "CVE-2023-43642", }, { cve: "CVE-2023-46136", cwe: { id: "CWE-407", name: "Inefficient Algorithmic Complexity", }, notes: [ { category: "other", text: "Inefficient Algorithmic Complexity", title: "CWE-407", }, { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1673411", "CSAFPID-912549", "CSAFPID-1673412", "CSAFPID-1673413", "CSAFPID-1673414", "CSAFPID-1673396", "CSAFPID-1503590", "CSAFPID-1673393", "CSAFPID-1673395", "CSAFPID-220132", "CSAFPID-1503585", "CSAFPID-1673392", "CSAFPID-1503589", "CSAFPID-1673415", "CSAFPID-1673416", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2023-46136", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46136.json", }, ], scores: [ { cvss_v3: { baseScore: 8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673411", "CSAFPID-912549", "CSAFPID-1673412", "CSAFPID-1673413", "CSAFPID-1673414", "CSAFPID-1673396", "CSAFPID-1503590", "CSAFPID-1673393", "CSAFPID-1673395", "CSAFPID-220132", "CSAFPID-1503585", "CSAFPID-1673392", "CSAFPID-1503589", "CSAFPID-1673415", "CSAFPID-1673416", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, ], title: "CVE-2023-46136", }, { cve: "CVE-2023-48795", cwe: { id: "CWE-222", name: "Truncation of Security-relevant Information", }, notes: [ { category: "other", text: "Truncation of Security-relevant Information", title: "CWE-222", }, ], product_status: { known_affected: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1650752", "CSAFPID-816765", "CSAFPID-816766", "CSAFPID-816767", "CSAFPID-816768", "CSAFPID-816769", "CSAFPID-816770", "CSAFPID-816771", "CSAFPID-816772", "CSAFPID-219838", "CSAFPID-611387", "CSAFPID-816773", "CSAFPID-816774", "CSAFPID-816775", "CSAFPID-816346", "CSAFPID-816776", "CSAFPID-816348", "CSAFPID-816777", "CSAFPID-816347", "CSAFPID-94291", "CSAFPID-816778", "CSAFPID-614517", "CSAFPID-816779", "CSAFPID-816349", "CSAFPID-40293", "CSAFPID-764242", "CSAFPID-816780", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-816783", "CSAFPID-816784", "CSAFPID-816785", "CSAFPID-816353", "CSAFPID-816786", "CSAFPID-816352", "CSAFPID-342804", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-224793", "CSAFPID-342793", "CSAFPID-1265", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-204622", "CSAFPID-219909", "CSAFPID-219803", "CSAFPID-816351", "CSAFPID-611595", "CSAFPID-342803", "CSAFPID-1266", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-224790", "CSAFPID-221118", "CSAFPID-1673417", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1670429", "CSAFPID-1670430", "CSAFPID-1670431", "CSAFPID-1670432", "CSAFPID-1670433", "CSAFPID-1670434", "CSAFPID-1670435", "CSAFPID-1670436", "CSAFPID-1670437", "CSAFPID-1670438", "CSAFPID-1670439", "CSAFPID-1670440", "CSAFPID-1670441", "CSAFPID-1670442", "CSAFPID-912076", "CSAFPID-912077", "CSAFPID-912078", "CSAFPID-90016", "CSAFPID-764826", "CSAFPID-345038", "CSAFPID-912079", "CSAFPID-220132", "CSAFPID-93781", "CSAFPID-345039", "CSAFPID-912080", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-912068", "CSAFPID-912539", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912101", "CSAFPID-912544", "CSAFPID-912545", "CSAFPID-764240", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-224795", "CSAFPID-912548", "CSAFPID-611413", "CSAFPID-240600", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-816357", "CSAFPID-816358", "CSAFPID-816359", "CSAFPID-816787", "CSAFPID-816788", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-816791", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-816794", "CSAFPID-816795", "CSAFPID-816796", "CSAFPID-816797", "CSAFPID-8984", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219776", "CSAFPID-219826", "CSAFPID-764739", "CSAFPID-765242", "CSAFPID-912073", "CSAFPID-912102", "CSAFPID-912549", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-1503601", "CSAFPID-1503602", ], }, references: [ { category: "self", summary: "CVE-2023-48795", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-48795.json", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1650752", "CSAFPID-816765", "CSAFPID-816766", "CSAFPID-816767", "CSAFPID-816768", "CSAFPID-816769", "CSAFPID-816770", "CSAFPID-816771", "CSAFPID-816772", "CSAFPID-219838", "CSAFPID-611387", "CSAFPID-816773", "CSAFPID-816774", "CSAFPID-816775", "CSAFPID-816346", "CSAFPID-816776", "CSAFPID-816348", "CSAFPID-816777", "CSAFPID-816347", "CSAFPID-94291", "CSAFPID-816778", "CSAFPID-614517", "CSAFPID-816779", "CSAFPID-816349", "CSAFPID-40293", "CSAFPID-764242", "CSAFPID-816780", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-816783", "CSAFPID-816784", "CSAFPID-816785", "CSAFPID-816353", "CSAFPID-816786", "CSAFPID-816352", "CSAFPID-342804", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-224793", "CSAFPID-342793", "CSAFPID-1265", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-204622", "CSAFPID-219909", "CSAFPID-219803", "CSAFPID-816351", "CSAFPID-611595", "CSAFPID-342803", "CSAFPID-1266", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-224790", "CSAFPID-221118", "CSAFPID-1673417", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1670429", "CSAFPID-1670430", "CSAFPID-1670431", "CSAFPID-1670432", "CSAFPID-1670433", "CSAFPID-1670434", "CSAFPID-1670435", "CSAFPID-1670436", "CSAFPID-1670437", "CSAFPID-1670438", "CSAFPID-1670439", "CSAFPID-1670440", "CSAFPID-1670441", "CSAFPID-1670442", "CSAFPID-912076", "CSAFPID-912077", "CSAFPID-912078", "CSAFPID-90016", "CSAFPID-764826", "CSAFPID-345038", "CSAFPID-912079", "CSAFPID-220132", "CSAFPID-93781", "CSAFPID-345039", "CSAFPID-912080", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-912068", "CSAFPID-912539", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912101", "CSAFPID-912544", "CSAFPID-912545", "CSAFPID-764240", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-224795", "CSAFPID-912548", "CSAFPID-611413", "CSAFPID-240600", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-816357", "CSAFPID-816358", "CSAFPID-816359", "CSAFPID-816787", "CSAFPID-816788", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-816791", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-816794", "CSAFPID-816795", "CSAFPID-816796", "CSAFPID-816797", "CSAFPID-8984", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219776", "CSAFPID-219826", "CSAFPID-764739", "CSAFPID-765242", "CSAFPID-912073", "CSAFPID-912102", "CSAFPID-912549", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-1503601", "CSAFPID-1503602", ], }, ], title: "CVE-2023-48795", }, { cve: "CVE-2023-51775", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1650751", "CSAFPID-1673395", "CSAFPID-1673396", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1670429", "CSAFPID-1670430", "CSAFPID-1670431", "CSAFPID-1670432", "CSAFPID-1670433", "CSAFPID-1670434", "CSAFPID-1670435", "CSAFPID-1670436", "CSAFPID-1670437", "CSAFPID-1670438", "CSAFPID-1670439", "CSAFPID-1670440", "CSAFPID-1670441", "CSAFPID-1670442", "CSAFPID-90016", "CSAFPID-93781", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219776", "CSAFPID-219826", "CSAFPID-220132", "CSAFPID-224795", "CSAFPID-342804", "CSAFPID-611387", "CSAFPID-611413", "CSAFPID-614517", "CSAFPID-764237", "CSAFPID-764240", "CSAFPID-764242", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-764739", "CSAFPID-764826", "CSAFPID-765242", "CSAFPID-816348", "CSAFPID-816773", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-912068", "CSAFPID-912073", "CSAFPID-912076", "CSAFPID-912077", "CSAFPID-912078", "CSAFPID-912079", "CSAFPID-912080", "CSAFPID-912085", "CSAFPID-912101", "CSAFPID-912102", "CSAFPID-912539", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912544", "CSAFPID-912545", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-912548", "CSAFPID-912549", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", ], }, references: [ { category: "self", summary: "CVE-2023-51775", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-51775.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1650751", "CSAFPID-1673395", "CSAFPID-1673396", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1670429", "CSAFPID-1670430", "CSAFPID-1670431", "CSAFPID-1670432", "CSAFPID-1670433", "CSAFPID-1670434", "CSAFPID-1670435", "CSAFPID-1670436", "CSAFPID-1670437", "CSAFPID-1670438", "CSAFPID-1670439", "CSAFPID-1670440", "CSAFPID-1670441", "CSAFPID-1670442", "CSAFPID-90016", "CSAFPID-93781", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219776", "CSAFPID-219826", "CSAFPID-220132", "CSAFPID-224795", "CSAFPID-342804", "CSAFPID-611387", "CSAFPID-611413", "CSAFPID-614517", "CSAFPID-764237", "CSAFPID-764240", "CSAFPID-764242", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-764739", "CSAFPID-764826", "CSAFPID-765242", "CSAFPID-816348", "CSAFPID-816773", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-912068", "CSAFPID-912073", "CSAFPID-912076", "CSAFPID-912077", "CSAFPID-912078", "CSAFPID-912079", "CSAFPID-912080", "CSAFPID-912085", "CSAFPID-912101", "CSAFPID-912102", "CSAFPID-912539", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912544", "CSAFPID-912545", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-912548", "CSAFPID-912549", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", ], }, ], title: "CVE-2023-51775", }, { cve: "CVE-2023-52428", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1673395", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-912068", "CSAFPID-912076", "CSAFPID-611387", "CSAFPID-912539", "CSAFPID-816773", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912101", "CSAFPID-912544", "CSAFPID-912077", "CSAFPID-816348", "CSAFPID-90016", "CSAFPID-93781", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219776", "CSAFPID-219826", "CSAFPID-220132", "CSAFPID-224795", "CSAFPID-342804", "CSAFPID-611413", "CSAFPID-614517", "CSAFPID-764240", "CSAFPID-764242", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-764739", "CSAFPID-764826", "CSAFPID-765242", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-912073", "CSAFPID-912078", "CSAFPID-912079", "CSAFPID-912080", "CSAFPID-912102", "CSAFPID-912545", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-912548", "CSAFPID-912549", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", ], }, references: [ { category: "self", summary: "CVE-2023-52428", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52428.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673395", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-912068", "CSAFPID-912076", "CSAFPID-611387", "CSAFPID-912539", "CSAFPID-816773", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912101", "CSAFPID-912544", "CSAFPID-912077", "CSAFPID-816348", "CSAFPID-90016", "CSAFPID-93781", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219776", "CSAFPID-219826", "CSAFPID-220132", "CSAFPID-224795", "CSAFPID-342804", "CSAFPID-611413", "CSAFPID-614517", "CSAFPID-764240", "CSAFPID-764242", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-764739", "CSAFPID-764826", "CSAFPID-765242", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-912073", "CSAFPID-912078", "CSAFPID-912079", "CSAFPID-912080", "CSAFPID-912102", "CSAFPID-912545", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-912548", "CSAFPID-912549", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", ], }, ], title: "CVE-2023-52428", }, { cve: "CVE-2024-0450", cwe: { id: "CWE-450", name: "Multiple Interpretations of UI Input", }, notes: [ { category: "other", text: "Multiple Interpretations of UI Input", title: "CWE-450", }, { category: "other", text: "Asymmetric Resource Consumption (Amplification)", title: "CWE-405", }, ], product_status: { known_affected: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1673420", "CSAFPID-1673421", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", ], }, references: [ { category: "self", summary: "CVE-2024-0450", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0450.json", }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1673420", "CSAFPID-1673421", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", ], }, ], title: "CVE-2024-0450", }, { cve: "CVE-2024-2398", cwe: { id: "CWE-772", name: "Missing Release of Resource after Effective Lifetime", }, notes: [ { category: "other", text: "Missing Release of Resource after Effective Lifetime", title: "CWE-772", }, { category: "other", text: "Missing Release of Memory after Effective Lifetime", title: "CWE-401", }, ], product_status: { known_affected: [ "CSAFPID-1673389", "CSAFPID-1673390", "CSAFPID-1673399", "CSAFPID-1673391", "CSAFPID-1673394", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2024-2398", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2398.json", }, ], scores: [ { cvss_v3: { baseScore: 8.6, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-1673389", "CSAFPID-1673390", "CSAFPID-1673399", "CSAFPID-1673391", "CSAFPID-1673394", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, ], title: "CVE-2024-2398", }, { cve: "CVE-2024-4577", cwe: { id: "CWE-88", name: "Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')", }, notes: [ { category: "other", text: "Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')", title: "CWE-88", }, { category: "other", text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", title: "CWE-78", }, ], product_status: { known_affected: [ "CSAFPID-1650731", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2024-4577", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4577.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1650731", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, ], title: "CVE-2024-4577", }, { cve: "CVE-2024-4603", cwe: { id: "CWE-606", name: "Unchecked Input for Loop Condition", }, notes: [ { category: "other", text: "Unchecked Input for Loop Condition", title: "CWE-606", }, ], product_status: { known_affected: [ "CSAFPID-1673391", "CSAFPID-1673394", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", ], }, references: [ { category: "self", summary: "CVE-2024-4603", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4603.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673391", "CSAFPID-1673394", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", ], }, ], title: "CVE-2024-4603", }, { cve: "CVE-2024-5585", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, notes: [ { category: "other", text: "Improper Encoding or Escaping of Output", title: "CWE-116", }, { category: "other", text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", title: "CWE-78", }, { category: "other", text: "Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')", title: "CWE-88", }, ], product_status: { known_affected: [ "CSAFPID-1650731", "CSAFPID-1674617", "CSAFPID-1674618", "CSAFPID-1674619", "CSAFPID-1674620", "CSAFPID-1674621", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1674624", "CSAFPID-1674625", "CSAFPID-1674626", "CSAFPID-1674627", "CSAFPID-1674628", ], }, references: [ { category: "self", summary: "CVE-2024-5585", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5585.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1650731", "CSAFPID-1674617", "CSAFPID-1674618", "CSAFPID-1674619", "CSAFPID-1674620", "CSAFPID-1674621", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1674624", "CSAFPID-1674625", "CSAFPID-1674626", "CSAFPID-1674627", "CSAFPID-1674628", ], }, ], title: "CVE-2024-5585", }, { cve: "CVE-2024-5971", cwe: { id: "CWE-674", name: "Uncontrolled Recursion", }, notes: [ { category: "other", text: "Uncontrolled Recursion", title: "CWE-674", }, ], product_status: { known_affected: [ "CSAFPID-1673395", "CSAFPID-1673389", "CSAFPID-1673390", "CSAFPID-1673399", "CSAFPID-1673526", "CSAFPID-1673413", "CSAFPID-1673396", "CSAFPID-1673415", "CSAFPID-1673501", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2024-5971", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5971.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673395", "CSAFPID-1673389", "CSAFPID-1673390", "CSAFPID-1673399", "CSAFPID-1673526", "CSAFPID-1673413", "CSAFPID-1673396", "CSAFPID-1673415", "CSAFPID-1673501", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, ], title: "CVE-2024-5971", }, { cve: "CVE-2024-6162", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1650752", "CSAFPID-1650751", "CSAFPID-1673526", "CSAFPID-1673399", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", ], }, references: [ { category: "self", summary: "CVE-2024-6162", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6162.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1650752", "CSAFPID-1650751", "CSAFPID-1673526", "CSAFPID-1673399", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", ], }, ], title: "CVE-2024-6162", }, { cve: "CVE-2024-6387", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "other", text: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", title: "CWE-362", }, { category: "other", text: "Signal Handler Race Condition", title: "CWE-364", }, ], product_status: { known_affected: [ "CSAFPID-1503595", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2024-6387", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6387.json", }, ], title: "CVE-2024-6387", }, { cve: "CVE-2024-7254", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "other", text: "Improper Input Validation", title: "CWE-20", }, { category: "other", text: "Uncontrolled Recursion", title: "CWE-674", }, ], product_status: { known_affected: [ "CSAFPID-912549", "CSAFPID-1672767", "CSAFPID-1503585", "CSAFPID-1673391", "CSAFPID-1673394", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2024-7254", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7254.json", }, ], title: "CVE-2024-7254", }, { cve: "CVE-2024-7264", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "other", text: "Out-of-bounds Read", title: "CWE-125", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-1673530", "CSAFPID-1673382", "CSAFPID-1674617", "CSAFPID-1674618", "CSAFPID-1674619", "CSAFPID-1674620", "CSAFPID-1674621", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1674624", "CSAFPID-1674625", "CSAFPID-1674626", "CSAFPID-1674627", "CSAFPID-1674628", ], }, references: [ { category: "self", summary: "CVE-2024-7264", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7264.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673530", "CSAFPID-1673382", "CSAFPID-1674617", "CSAFPID-1674618", "CSAFPID-1674619", "CSAFPID-1674620", "CSAFPID-1674621", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1674624", "CSAFPID-1674625", "CSAFPID-1674626", "CSAFPID-1674627", "CSAFPID-1674628", ], }, ], title: "CVE-2024-7264", }, { cve: "CVE-2024-22020", product_status: { known_affected: [ "CSAFPID-912101", "CSAFPID-1673473", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2024-22020", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22020.json", }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-912101", "CSAFPID-1673473", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, ], title: "CVE-2024-22020", }, { cve: "CVE-2024-22201", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1673475", "CSAFPID-1670429", "CSAFPID-1670430", "CSAFPID-1670431", "CSAFPID-1670432", "CSAFPID-1670433", "CSAFPID-1670434", "CSAFPID-1670435", "CSAFPID-1670436", "CSAFPID-1670437", "CSAFPID-1670438", "CSAFPID-1670439", "CSAFPID-1670440", "CSAFPID-1670441", "CSAFPID-1670442", "CSAFPID-912068", "CSAFPID-912073", "CSAFPID-912076", "CSAFPID-912077", "CSAFPID-912078", "CSAFPID-912079", "CSAFPID-912080", "CSAFPID-912085", "CSAFPID-912101", "CSAFPID-912102", "CSAFPID-912539", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912544", "CSAFPID-912545", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-912548", "CSAFPID-1674617", "CSAFPID-1674618", "CSAFPID-1674619", "CSAFPID-1674620", "CSAFPID-1674621", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1674624", "CSAFPID-1674625", "CSAFPID-1674626", "CSAFPID-1674627", "CSAFPID-1674628", "CSAFPID-90016", "CSAFPID-93781", "CSAFPID-220132", "CSAFPID-219776", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219826", "CSAFPID-224795", "CSAFPID-912549", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-342804", "CSAFPID-611387", "CSAFPID-611413", "CSAFPID-614517", "CSAFPID-764237", "CSAFPID-764240", "CSAFPID-764242", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-764739", "CSAFPID-764826", "CSAFPID-765242", "CSAFPID-816348", "CSAFPID-816773", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", ], }, references: [ { category: "self", summary: "CVE-2024-22201", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22201.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1673475", "CSAFPID-1670429", "CSAFPID-1670430", "CSAFPID-1670431", "CSAFPID-1670432", "CSAFPID-1670433", "CSAFPID-1670434", "CSAFPID-1670435", "CSAFPID-1670436", "CSAFPID-1670437", "CSAFPID-1670438", "CSAFPID-1670439", "CSAFPID-1670440", "CSAFPID-1670441", "CSAFPID-1670442", "CSAFPID-912068", "CSAFPID-912073", "CSAFPID-912076", "CSAFPID-912077", "CSAFPID-912078", "CSAFPID-912079", "CSAFPID-912080", "CSAFPID-912085", "CSAFPID-912101", "CSAFPID-912102", "CSAFPID-912539", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912544", "CSAFPID-912545", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-912548", "CSAFPID-1674617", "CSAFPID-1674618", "CSAFPID-1674619", "CSAFPID-1674620", "CSAFPID-1674621", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1674624", "CSAFPID-1674625", "CSAFPID-1674626", "CSAFPID-1674627", "CSAFPID-1674628", "CSAFPID-90016", "CSAFPID-93781", "CSAFPID-220132", "CSAFPID-219776", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219826", "CSAFPID-224795", "CSAFPID-912549", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-342804", "CSAFPID-611387", "CSAFPID-611413", "CSAFPID-614517", "CSAFPID-764237", "CSAFPID-764240", "CSAFPID-764242", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-764739", "CSAFPID-764826", "CSAFPID-765242", "CSAFPID-816348", "CSAFPID-816773", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", ], }, ], title: "CVE-2024-22201", }, { cve: "CVE-2024-22257", cwe: { id: "CWE-284", name: "Improper Access Control", }, notes: [ { category: "other", text: "Improper Access Control", title: "CWE-284", }, ], product_status: { known_affected: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1673420", "CSAFPID-1673421", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1670429", "CSAFPID-1670430", "CSAFPID-1670431", "CSAFPID-1670432", "CSAFPID-1670433", "CSAFPID-1670434", "CSAFPID-1670435", "CSAFPID-1670436", "CSAFPID-1670437", "CSAFPID-1670438", "CSAFPID-1670439", "CSAFPID-1670440", "CSAFPID-1670441", "CSAFPID-1670442", "CSAFPID-764237", "CSAFPID-912068", "CSAFPID-912076", "CSAFPID-611387", "CSAFPID-816773", "CSAFPID-912077", "CSAFPID-816348", "CSAFPID-764240", "CSAFPID-614517", "CSAFPID-224795", "CSAFPID-764826", "CSAFPID-90016", "CSAFPID-912078", "CSAFPID-611413", "CSAFPID-764242", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-93781", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-342804", "CSAFPID-912080", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-219776", "CSAFPID-765242", "CSAFPID-764739", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219826", "CSAFPID-912073", "CSAFPID-912085", "CSAFPID-912101", "CSAFPID-912102", "CSAFPID-912539", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912544", "CSAFPID-912545", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-912548", "CSAFPID-912549", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", ], }, references: [ { category: "self", summary: "CVE-2024-22257", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22257.json", }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1673420", "CSAFPID-1673421", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1670429", "CSAFPID-1670430", "CSAFPID-1670431", "CSAFPID-1670432", "CSAFPID-1670433", "CSAFPID-1670434", "CSAFPID-1670435", "CSAFPID-1670436", "CSAFPID-1670437", "CSAFPID-1670438", "CSAFPID-1670439", "CSAFPID-1670440", "CSAFPID-1670441", "CSAFPID-1670442", "CSAFPID-764237", "CSAFPID-912068", "CSAFPID-912076", "CSAFPID-611387", "CSAFPID-816773", "CSAFPID-912077", "CSAFPID-816348", "CSAFPID-764240", "CSAFPID-614517", "CSAFPID-224795", "CSAFPID-764826", "CSAFPID-90016", "CSAFPID-912078", "CSAFPID-611413", "CSAFPID-764242", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-93781", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-342804", "CSAFPID-912080", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-219776", "CSAFPID-765242", "CSAFPID-764739", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219826", "CSAFPID-912073", "CSAFPID-912085", "CSAFPID-912101", "CSAFPID-912102", "CSAFPID-912539", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912544", "CSAFPID-912545", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-912548", "CSAFPID-912549", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", ], }, ], title: "CVE-2024-22257", }, { cve: "CVE-2024-22262", cwe: { id: "CWE-601", name: "URL Redirection to Untrusted Site ('Open Redirect')", }, notes: [ { category: "other", text: "URL Redirection to Untrusted Site ('Open Redirect')", title: "CWE-601", }, ], product_status: { known_affected: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1650752", "CSAFPID-1650820", "CSAFPID-1650751", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", ], }, references: [ { category: "self", summary: "CVE-2024-22262", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22262.json", }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1650752", "CSAFPID-1650820", "CSAFPID-1650751", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", ], }, ], title: "CVE-2024-22262", }, { cve: "CVE-2024-23672", cwe: { id: "CWE-459", name: "Incomplete Cleanup", }, notes: [ { category: "other", text: "Incomplete Cleanup", title: "CWE-459", }, ], product_status: { known_affected: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1650826", "CSAFPID-1650731", "CSAFPID-1673382", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-912068", "CSAFPID-912076", "CSAFPID-611387", "CSAFPID-912539", "CSAFPID-816773", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912101", "CSAFPID-912544", "CSAFPID-912077", "CSAFPID-816348", "CSAFPID-912545", "CSAFPID-764240", "CSAFPID-912546", "CSAFPID-614517", "CSAFPID-912547", "CSAFPID-224795", "CSAFPID-912548", "CSAFPID-912102", "CSAFPID-912549", "CSAFPID-764826", "CSAFPID-90016", "CSAFPID-912078", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-611413", "CSAFPID-764242", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-912553", "CSAFPID-93781", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219776", "CSAFPID-219826", "CSAFPID-220132", "CSAFPID-342804", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-764739", "CSAFPID-765242", "CSAFPID-912073", "CSAFPID-912079", "CSAFPID-912080", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", ], }, references: [ { category: "self", summary: "CVE-2024-23672", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23672.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1650826", "CSAFPID-1650731", "CSAFPID-1673382", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-912068", "CSAFPID-912076", "CSAFPID-611387", "CSAFPID-912539", "CSAFPID-816773", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912101", "CSAFPID-912544", "CSAFPID-912077", "CSAFPID-816348", "CSAFPID-912545", "CSAFPID-764240", "CSAFPID-912546", "CSAFPID-614517", "CSAFPID-912547", "CSAFPID-224795", "CSAFPID-912548", "CSAFPID-912102", "CSAFPID-912549", "CSAFPID-764826", "CSAFPID-90016", "CSAFPID-912078", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-611413", "CSAFPID-764242", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-912553", "CSAFPID-93781", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219776", "CSAFPID-219826", "CSAFPID-220132", "CSAFPID-342804", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-764739", "CSAFPID-765242", "CSAFPID-912073", "CSAFPID-912079", "CSAFPID-912080", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", ], }, ], title: "CVE-2024-23672", }, { cve: "CVE-2024-23807", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "other", text: "Use After Free", title: "CWE-416", }, ], product_status: { known_affected: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1650734", "CSAFPID-1650830", "CSAFPID-1650777", "CSAFPID-204622", "CSAFPID-219909", "CSAFPID-1650778", "CSAFPID-41182", "CSAFPID-1674617", "CSAFPID-1674618", "CSAFPID-1674619", "CSAFPID-1674620", "CSAFPID-1674621", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1674624", "CSAFPID-1674625", "CSAFPID-1674626", "CSAFPID-1674627", "CSAFPID-1674628", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", ], }, references: [ { category: "self", summary: "CVE-2024-23807", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23807.json", }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1650734", "CSAFPID-1650830", "CSAFPID-1650777", "CSAFPID-204622", "CSAFPID-219909", "CSAFPID-1650778", "CSAFPID-41182", "CSAFPID-1674617", "CSAFPID-1674618", "CSAFPID-1674619", "CSAFPID-1674620", "CSAFPID-1674621", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1674624", "CSAFPID-1674625", "CSAFPID-1674626", "CSAFPID-1674627", "CSAFPID-1674628", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", ], }, ], title: "CVE-2024-23807", }, { cve: "CVE-2024-24549", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1650826", "CSAFPID-1673382", "CSAFPID-1650731", "CSAFPID-1674617", "CSAFPID-1674618", "CSAFPID-1674619", "CSAFPID-1674620", "CSAFPID-1674621", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1674624", "CSAFPID-1674625", "CSAFPID-1674626", "CSAFPID-1674627", "CSAFPID-1674628", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-912068", "CSAFPID-912076", "CSAFPID-611387", "CSAFPID-816773", "CSAFPID-912077", "CSAFPID-816348", "CSAFPID-764240", "CSAFPID-614517", "CSAFPID-224795", "CSAFPID-764826", "CSAFPID-90016", "CSAFPID-912078", "CSAFPID-611413", "CSAFPID-764242", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-93781", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-342804", "CSAFPID-912080", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-219776", "CSAFPID-765242", "CSAFPID-764739", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219826", "CSAFPID-912073", "CSAFPID-912101", "CSAFPID-912102", "CSAFPID-912539", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912544", "CSAFPID-912545", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-912548", "CSAFPID-912549", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", ], }, references: [ { category: "self", summary: "CVE-2024-24549", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24549.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1650826", "CSAFPID-1673382", "CSAFPID-1650731", "CSAFPID-1674617", "CSAFPID-1674618", "CSAFPID-1674619", "CSAFPID-1674620", "CSAFPID-1674621", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1674624", "CSAFPID-1674625", "CSAFPID-1674626", "CSAFPID-1674627", "CSAFPID-1674628", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-912068", "CSAFPID-912076", "CSAFPID-611387", "CSAFPID-816773", "CSAFPID-912077", "CSAFPID-816348", "CSAFPID-764240", "CSAFPID-614517", "CSAFPID-224795", "CSAFPID-764826", "CSAFPID-90016", "CSAFPID-912078", "CSAFPID-611413", "CSAFPID-764242", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-93781", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-342804", "CSAFPID-912080", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-219776", "CSAFPID-765242", "CSAFPID-764739", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219826", "CSAFPID-912073", "CSAFPID-912101", "CSAFPID-912102", "CSAFPID-912539", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912544", "CSAFPID-912545", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-912548", "CSAFPID-912549", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", ], }, ], title: "CVE-2024-24549", }, { cve: "CVE-2024-25062", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "other", text: "Use After Free", title: "CWE-416", }, ], product_status: { known_affected: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1650751", "CSAFPID-1650752", "CSAFPID-1673481", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1670429", "CSAFPID-1670430", "CSAFPID-1670431", "CSAFPID-1670432", "CSAFPID-1670433", "CSAFPID-1670434", "CSAFPID-1670435", "CSAFPID-1670436", "CSAFPID-1670437", "CSAFPID-1670438", "CSAFPID-1670439", "CSAFPID-1670440", "CSAFPID-1670441", "CSAFPID-1670442", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-912068", "CSAFPID-912076", "CSAFPID-611387", "CSAFPID-912539", "CSAFPID-816773", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912101", "CSAFPID-912544", "CSAFPID-912077", "CSAFPID-816348", "CSAFPID-912545", "CSAFPID-764240", "CSAFPID-912546", "CSAFPID-614517", "CSAFPID-912547", "CSAFPID-224795", "CSAFPID-912548", "CSAFPID-912102", "CSAFPID-912549", "CSAFPID-764826", "CSAFPID-90016", "CSAFPID-912078", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-611413", "CSAFPID-764242", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-912553", "CSAFPID-93781", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219776", "CSAFPID-219826", "CSAFPID-220132", "CSAFPID-342804", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-764739", "CSAFPID-765242", "CSAFPID-912073", "CSAFPID-912079", "CSAFPID-912080", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", ], }, references: [ { category: "self", summary: "CVE-2024-25062", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-25062.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1650751", "CSAFPID-1650752", "CSAFPID-1673481", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1670429", "CSAFPID-1670430", "CSAFPID-1670431", "CSAFPID-1670432", "CSAFPID-1670433", "CSAFPID-1670434", "CSAFPID-1670435", "CSAFPID-1670436", "CSAFPID-1670437", "CSAFPID-1670438", "CSAFPID-1670439", "CSAFPID-1670440", "CSAFPID-1670441", "CSAFPID-1670442", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-912068", "CSAFPID-912076", "CSAFPID-611387", "CSAFPID-912539", "CSAFPID-816773", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912101", "CSAFPID-912544", "CSAFPID-912077", "CSAFPID-816348", "CSAFPID-912545", "CSAFPID-764240", "CSAFPID-912546", "CSAFPID-614517", "CSAFPID-912547", "CSAFPID-224795", "CSAFPID-912548", "CSAFPID-912102", "CSAFPID-912549", "CSAFPID-764826", "CSAFPID-90016", "CSAFPID-912078", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-611413", "CSAFPID-764242", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-912553", "CSAFPID-93781", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219776", "CSAFPID-219826", "CSAFPID-220132", "CSAFPID-342804", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-764739", "CSAFPID-765242", "CSAFPID-912073", "CSAFPID-912079", "CSAFPID-912080", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", ], }, ], title: "CVE-2024-25062", }, { cve: "CVE-2024-25638", cwe: { id: "CWE-345", name: "Insufficient Verification of Data Authenticity", }, notes: [ { category: "other", text: "Insufficient Verification of Data Authenticity", title: "CWE-345", }, { category: "other", text: "Acceptance of Extraneous Untrusted Data With Trusted Data", title: "CWE-349", }, ], product_status: { known_affected: [ "CSAFPID-912549", "CSAFPID-1672767", "CSAFPID-1503585", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2024-25638", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-25638.json", }, ], scores: [ { cvss_v3: { baseScore: 8.9, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:L", version: "3.1", }, products: [ "CSAFPID-912549", "CSAFPID-1672767", "CSAFPID-1503585", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, ], title: "CVE-2024-25638", }, { cve: "CVE-2024-26308", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "other", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, ], product_status: { known_affected: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1673389", "CSAFPID-1673390", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1670429", "CSAFPID-1670430", "CSAFPID-1670431", "CSAFPID-1670432", "CSAFPID-1670433", "CSAFPID-1670434", "CSAFPID-1670435", "CSAFPID-1670436", "CSAFPID-1670437", "CSAFPID-1670438", "CSAFPID-1670439", "CSAFPID-1670440", "CSAFPID-1670441", "CSAFPID-1670442", "CSAFPID-90016", "CSAFPID-93781", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219776", "CSAFPID-219826", "CSAFPID-220132", "CSAFPID-224795", "CSAFPID-342804", "CSAFPID-611387", "CSAFPID-611413", "CSAFPID-614517", "CSAFPID-764237", "CSAFPID-764240", "CSAFPID-764242", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-764739", "CSAFPID-764826", "CSAFPID-765242", "CSAFPID-816348", "CSAFPID-816773", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-912068", "CSAFPID-912073", "CSAFPID-912076", "CSAFPID-912077", "CSAFPID-912078", "CSAFPID-912079", "CSAFPID-912080", "CSAFPID-912085", "CSAFPID-912101", "CSAFPID-912102", "CSAFPID-912539", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912544", "CSAFPID-912545", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-912548", "CSAFPID-912549", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", ], }, references: [ { category: "self", summary: "CVE-2024-26308", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26308.json", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1673389", "CSAFPID-1673390", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1670429", "CSAFPID-1670430", "CSAFPID-1670431", "CSAFPID-1670432", "CSAFPID-1670433", "CSAFPID-1670434", "CSAFPID-1670435", "CSAFPID-1670436", "CSAFPID-1670437", "CSAFPID-1670438", "CSAFPID-1670439", "CSAFPID-1670440", "CSAFPID-1670441", "CSAFPID-1670442", "CSAFPID-90016", "CSAFPID-93781", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219776", "CSAFPID-219826", "CSAFPID-220132", "CSAFPID-224795", "CSAFPID-342804", "CSAFPID-611387", "CSAFPID-611413", "CSAFPID-614517", "CSAFPID-764237", "CSAFPID-764240", "CSAFPID-764242", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-764739", "CSAFPID-764826", "CSAFPID-765242", "CSAFPID-816348", "CSAFPID-816773", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-912068", "CSAFPID-912073", "CSAFPID-912076", "CSAFPID-912077", "CSAFPID-912078", "CSAFPID-912079", "CSAFPID-912080", "CSAFPID-912085", "CSAFPID-912101", "CSAFPID-912102", "CSAFPID-912539", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912544", "CSAFPID-912545", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-912548", "CSAFPID-912549", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", ], }, ], title: "CVE-2024-26308", }, { cve: "CVE-2024-28182", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "Detection of Error Condition Without Action", title: "CWE-390", }, { category: "other", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, ], product_status: { known_affected: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1673414", "CSAFPID-1673396", "CSAFPID-1673485", "CSAFPID-1673393", "CSAFPID-1673394", "CSAFPID-1673389", "CSAFPID-1672767", "CSAFPID-1673391", "CSAFPID-1673392", "CSAFPID-1673415", "CSAFPID-1673390", "CSAFPID-1673413", "CSAFPID-1673395", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", ], }, references: [ { category: "self", summary: "CVE-2024-28182", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28182.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1673414", "CSAFPID-1673396", "CSAFPID-1673485", "CSAFPID-1673393", "CSAFPID-1673394", "CSAFPID-1673389", "CSAFPID-1672767", "CSAFPID-1673391", "CSAFPID-1673392", "CSAFPID-1673415", "CSAFPID-1673390", "CSAFPID-1673413", "CSAFPID-1673395", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", ], }, ], title: "CVE-2024-28182", }, { cve: "CVE-2024-28849", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, ], product_status: { known_affected: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1673414", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", ], }, references: [ { category: "self", summary: "CVE-2024-28849", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28849.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1673414", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", ], }, ], title: "CVE-2024-28849", }, { cve: "CVE-2024-29025", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "other", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, ], product_status: { known_affected: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1650752", "CSAFPID-1650751", "CSAFPID-1673494", "CSAFPID-1673420", "CSAFPID-1673421", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", ], }, references: [ { category: "self", summary: "CVE-2024-29025", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29025.json", }, ], scores: [ { cvss_v3: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1650752", "CSAFPID-1650751", "CSAFPID-1673494", "CSAFPID-1673420", "CSAFPID-1673421", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", ], }, ], title: "CVE-2024-29025", }, { cve: "CVE-2024-29133", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-1650820", "CSAFPID-224790", "CSAFPID-221118", "CSAFPID-1673496", "CSAFPID-1674617", "CSAFPID-1674618", "CSAFPID-1674619", "CSAFPID-1674620", "CSAFPID-1674621", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1674624", "CSAFPID-1674625", "CSAFPID-1674626", "CSAFPID-1674627", "CSAFPID-1674628", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", ], }, references: [ { category: "self", summary: "CVE-2024-29133", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29133.json", }, ], scores: [ { cvss_v3: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-1650820", "CSAFPID-224790", "CSAFPID-221118", "CSAFPID-1673496", "CSAFPID-1674617", "CSAFPID-1674618", "CSAFPID-1674619", "CSAFPID-1674620", "CSAFPID-1674621", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1674624", "CSAFPID-1674625", "CSAFPID-1674626", "CSAFPID-1674627", "CSAFPID-1674628", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", ], }, ], title: "CVE-2024-29133", }, { cve: "CVE-2024-29736", cwe: { id: "CWE-918", name: "Server-Side Request Forgery (SSRF)", }, notes: [ { category: "other", text: "Server-Side Request Forgery (SSRF)", title: "CWE-918", }, ], product_status: { known_affected: [ "CSAFPID-1673399", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2024-29736", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29736.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-1673399", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, ], title: "CVE-2024-29736", }, { cve: "CVE-2024-29857", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, { category: "other", text: "Out-of-bounds Read", title: "CWE-125", }, ], product_status: { known_affected: [ "CSAFPID-1673413", "CSAFPID-1673415", "CSAFPID-1673501", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", ], }, references: [ { category: "self", summary: "CVE-2024-29857", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29857.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673413", "CSAFPID-1673415", "CSAFPID-1673501", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", ], }, ], title: "CVE-2024-29857", }, { cve: "CVE-2024-30251", cwe: { id: "CWE-835", name: "Loop with Unreachable Exit Condition ('Infinite Loop')", }, notes: [ { category: "other", text: "Loop with Unreachable Exit Condition ('Infinite Loop')", title: "CWE-835", }, ], product_status: { known_affected: [ "CSAFPID-912079", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2024-30251", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-30251.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-912079", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, ], title: "CVE-2024-30251", }, { cve: "CVE-2024-31080", cwe: { id: "CWE-126", name: "Buffer Over-read", }, notes: [ { category: "other", text: "Buffer Over-read", title: "CWE-126", }, { category: "other", text: "Heap-based Buffer Overflow", title: "CWE-122", }, ], product_status: { known_affected: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2024-31080", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-31080.json", }, ], title: "CVE-2024-31080", }, { cve: "CVE-2024-31744", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, ], product_status: { known_affected: [ "CSAFPID-1673395", "CSAFPID-1673392", "CSAFPID-1673393", "CSAFPID-1673396", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2024-31744", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-31744.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673395", "CSAFPID-1673392", "CSAFPID-1673393", "CSAFPID-1673396", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, ], title: "CVE-2024-31744", }, { cve: "CVE-2024-32760", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2024-32760", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-32760.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, ], title: "CVE-2024-32760", }, { cve: "CVE-2024-33602", cwe: { id: "CWE-466", name: "Return of Pointer Value Outside of Expected Range", }, notes: [ { category: "other", text: "Return of Pointer Value Outside of Expected Range", title: "CWE-466", }, { category: "other", text: "Improper Check or Handling of Exceptional Conditions", title: "CWE-703", }, ], product_status: { known_affected: [ "CSAFPID-912549", "CSAFPID-1673396", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1672762", "CSAFPID-1673395", "CSAFPID-1672764", "CSAFPID-1672767", "CSAFPID-1503585", "CSAFPID-1673494", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2024-33602", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-33602.json", }, ], scores: [ { cvss_v3: { baseScore: 8.6, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-912549", "CSAFPID-1673396", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1672762", "CSAFPID-1673395", "CSAFPID-1672764", "CSAFPID-1672767", "CSAFPID-1503585", "CSAFPID-1673494", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, ], title: "CVE-2024-33602", }, { cve: "CVE-2024-34750", cwe: { id: "CWE-755", name: "Improper Handling of Exceptional Conditions", }, notes: [ { category: "other", text: "Improper Handling of Exceptional Conditions", title: "CWE-755", }, { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1673481", "CSAFPID-1503596", "CSAFPID-1673420", "CSAFPID-1673421", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2024-34750", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34750.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673481", "CSAFPID-1503596", "CSAFPID-1673420", "CSAFPID-1673421", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, ], title: "CVE-2024-34750", }, { cve: "CVE-2024-37371", cwe: { id: "CWE-130", name: "Improper Handling of Length Parameter Inconsistency", }, notes: [ { category: "other", text: "Improper Handling of Length Parameter Inconsistency", title: "CWE-130", }, ], product_status: { known_affected: [ "CSAFPID-912549", "CSAFPID-1673413", "CSAFPID-1673414", "CSAFPID-1673396", "CSAFPID-1503590", "CSAFPID-1673393", "CSAFPID-1673395", "CSAFPID-1673399", "CSAFPID-1672767", "CSAFPID-1503585", "CSAFPID-1673392", "CSAFPID-1503589", "CSAFPID-1673415", "CSAFPID-1673389", "CSAFPID-1673390", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2024-37371", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37371.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-912549", "CSAFPID-1673413", "CSAFPID-1673414", "CSAFPID-1673396", "CSAFPID-1503590", "CSAFPID-1673393", "CSAFPID-1673395", "CSAFPID-1673399", "CSAFPID-1672767", "CSAFPID-1503585", "CSAFPID-1673392", "CSAFPID-1503589", "CSAFPID-1673415", "CSAFPID-1673389", "CSAFPID-1673390", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, ], title: "CVE-2024-37371", }, { cve: "CVE-2024-37891", cwe: { id: "CWE-669", name: "Incorrect Resource Transfer Between Spheres", }, notes: [ { category: "other", text: "Incorrect Resource Transfer Between Spheres", title: "CWE-669", }, ], product_status: { known_affected: [ "CSAFPID-1673395", "CSAFPID-1673396", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2024-37891", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37891.json", }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-1673395", "CSAFPID-1673396", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, ], title: "CVE-2024-37891", }, { cve: "CVE-2024-38816", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, notes: [ { category: "other", text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", title: "CWE-22", }, ], product_status: { known_affected: [ "CSAFPID-1673420", "CSAFPID-1673421", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2024-38816", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38816.json", }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-1673420", "CSAFPID-1673421", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, ], title: "CVE-2024-38816", }, { cve: "CVE-2024-39689", cwe: { id: "CWE-345", name: "Insufficient Verification of Data Authenticity", }, notes: [ { category: "other", text: "Insufficient Verification of Data Authenticity", title: "CWE-345", }, ], product_status: { known_affected: [ "CSAFPID-1673395", "CSAFPID-1673396", "CSAFPID-1673392", "CSAFPID-1673393", ], }, references: [ { category: "self", summary: "CVE-2024-39689", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-39689.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-1673395", "CSAFPID-1673396", "CSAFPID-1673392", "CSAFPID-1673393", ], }, ], title: "CVE-2024-39689", }, { cve: "CVE-2024-40898", cwe: { id: "CWE-918", name: "Server-Side Request Forgery (SSRF)", }, notes: [ { category: "other", text: "Server-Side Request Forgery (SSRF)", title: "CWE-918", }, ], product_status: { known_affected: [ "CSAFPID-1673516", "CSAFPID-1673411", "CSAFPID-1673412", "CSAFPID-1650731", "CSAFPID-1673382", "CSAFPID-1674617", "CSAFPID-1674618", "CSAFPID-1674619", "CSAFPID-1674620", "CSAFPID-1674621", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1674624", "CSAFPID-1674625", "CSAFPID-1674626", "CSAFPID-1674627", "CSAFPID-1674628", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2024-40898", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40898.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-1673516", "CSAFPID-1673411", "CSAFPID-1673412", "CSAFPID-1650731", "CSAFPID-1673382", "CSAFPID-1674617", "CSAFPID-1674618", "CSAFPID-1674619", "CSAFPID-1674620", "CSAFPID-1674621", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1674624", "CSAFPID-1674625", "CSAFPID-1674626", "CSAFPID-1674627", "CSAFPID-1674628", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, ], title: "CVE-2024-40898", }, { cve: "CVE-2024-41817", cwe: { id: "CWE-427", name: "Uncontrolled Search Path Element", }, notes: [ { category: "other", text: "Uncontrolled Search Path Element", title: "CWE-427", }, ], product_status: { known_affected: [ "CSAFPID-1673382", "CSAFPID-1650731", "CSAFPID-1674617", "CSAFPID-1674618", "CSAFPID-1674619", "CSAFPID-1674620", "CSAFPID-1674621", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1674624", "CSAFPID-1674626", "CSAFPID-1674627", "CSAFPID-1674628", "CSAFPID-1674625", ], }, references: [ { category: "self", summary: "CVE-2024-41817", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41817.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673382", "CSAFPID-1650731", "CSAFPID-1674617", "CSAFPID-1674618", "CSAFPID-1674619", "CSAFPID-1674620", "CSAFPID-1674621", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1674624", "CSAFPID-1674626", "CSAFPID-1674627", "CSAFPID-1674628", "CSAFPID-1674625", ], }, ], title: "CVE-2024-41817", }, { cve: "CVE-2024-43044", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, { category: "other", text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", title: "CWE-22", }, { category: "other", text: "Improper Check for Unusual or Exceptional Conditions", title: "CWE-754", }, ], product_status: { known_affected: [ "CSAFPID-1673395", "CSAFPID-1673411", "CSAFPID-1673412", "CSAFPID-1673413", "CSAFPID-1673396", "CSAFPID-1673392", "CSAFPID-1673494", "CSAFPID-1673393", "CSAFPID-1673415", "CSAFPID-1673416", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2024-43044", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-43044.json", }, ], scores: [ { cvss_v3: { baseScore: 9, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673395", "CSAFPID-1673411", "CSAFPID-1673412", "CSAFPID-1673413", "CSAFPID-1673396", "CSAFPID-1673392", "CSAFPID-1673494", "CSAFPID-1673393", "CSAFPID-1673415", "CSAFPID-1673416", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, ], title: "CVE-2024-43044", }, { cve: "CVE-2024-45492", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "other", text: "Integer Overflow or Wraparound", title: "CWE-190", }, ], product_status: { known_affected: [ "CSAFPID-1673382", "CSAFPID-1673399", "CSAFPID-1650731", "CSAFPID-1673517", "CSAFPID-1673396", "CSAFPID-1674617", "CSAFPID-1674618", "CSAFPID-1674619", "CSAFPID-1674620", "CSAFPID-1674621", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1674624", "CSAFPID-1674625", "CSAFPID-1674626", "CSAFPID-1674627", "CSAFPID-1674628", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2024-45492", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45492.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673382", "CSAFPID-1673399", "CSAFPID-1650731", "CSAFPID-1673517", "CSAFPID-1673396", "CSAFPID-1674617", "CSAFPID-1674618", "CSAFPID-1674619", "CSAFPID-1674620", "CSAFPID-1674621", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1674624", "CSAFPID-1674625", "CSAFPID-1674626", "CSAFPID-1674627", "CSAFPID-1674628", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, ], title: "CVE-2024-45492", }, ], }
NCSC-2024-0411
Vulnerability from csaf_ncscnl
Published
2024-10-17 13:15
Modified
2024-10-17 13:15
Summary
Kwetsbaarheden verholpen in Oracle Database producten
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Oracle heeft kwetsbaarheden verholpen in diverse Database producten en subsystemen, zoals de Core database, Application Express, Autonomous Health Framework, Essbase, GoldenGate, SQL Developer en Secure Backup.
Interpretaties
Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
- Denial-of-Service (DoS)
- Manipuleren van data
- Toegang tot gevoelige gegevens
Oplossingen
Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-130
Improper Handling of Length Parameter Inconsistency
CWE-208
Observable Timing Discrepancy
CWE-776
Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')
CWE-88
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
CWE-755
Improper Handling of Exceptional Conditions
CWE-834
Excessive Iteration
CWE-407
Inefficient Algorithmic Complexity
CWE-178
Improper Handling of Case Sensitivity
CWE-732
Incorrect Permission Assignment for Critical Resource
CWE-415
Double Free
CWE-311
Missing Encryption of Sensitive Data
CWE-427
Uncontrolled Search Path Element
CWE-172
Encoding Error
CWE-680
Integer Overflow to Buffer Overflow
CWE-426
Untrusted Search Path
CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')
CWE-116
Improper Encoding or Escaping of Output
CWE-345
Insufficient Verification of Data Authenticity
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE-203
Observable Discrepancy
CWE-190
Integer Overflow or Wraparound
CWE-552
Files or Directories Accessible to External Parties
CWE-639
Authorization Bypass Through User-Controlled Key
CWE-125
Out-of-bounds Read
CWE-404
Improper Resource Shutdown or Release
CWE-275
CWE-275
CWE-284
Improper Access Control
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-1333
Inefficient Regular Expression Complexity
CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CWE-416
Use After Free
CWE-401
Missing Release of Memory after Effective Lifetime
CWE-476
NULL Pointer Dereference
CWE-295
Improper Certificate Validation
CWE-668
Exposure of Resource to Wrong Sphere
CWE-829
Inclusion of Functionality from Untrusted Control Sphere
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CWE-400
Uncontrolled Resource Consumption
CWE-770
Allocation of Resources Without Limits or Throttling
CWE-502
Deserialization of Untrusted Data
CWE-918
Server-Side Request Forgery (SSRF)
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE-787
Out-of-bounds Write
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE-122
Heap-based Buffer Overflow
CWE-121
Stack-based Buffer Overflow
CWE-681
Incorrect Conversion between Numeric Types
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CWE-269
Improper Privilege Management
CWE-20
Improper Input Validation
CWE-87
Improper Neutralization of Alternate XSS Syntax
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE-18
CWE-18
CWE-385
Covert Timing Channel
CWE-606
Unchecked Input for Loop Condition
CWE-192
Integer Coercion Error
CWE-390
Detection of Error Condition Without Action
CWE-1325
Improperly Controlled Sequential Memory Allocation
CWE-222
Truncation of Security-relevant Information
CWE-131
Incorrect Calculation of Buffer Size
CWE-59
Improper Link Resolution Before File Access ('Link Following')
CWE-304
Missing Critical Step in Authentication
{ document: { category: "csaf_security_advisory", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", }, }, lang: "nl", notes: [ { category: "legal_disclaimer", text: "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.", }, { category: "description", text: "Oracle heeft kwetsbaarheden verholpen in diverse Database producten en subsystemen, zoals de Core database, Application Express, Autonomous Health Framework, Essbase, GoldenGate, SQL Developer en Secure Backup.", title: "Feiten", }, { category: "description", text: "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:\n\n- Denial-of-Service (DoS)\n- Manipuleren van data\n- Toegang tot gevoelige gegevens", title: "Interpretaties", }, { category: "description", text: "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.", title: "Oplossingen", }, { category: "general", text: "medium", title: "Kans", }, { category: "general", text: "high", title: "Schade", }, { category: "general", text: "Improper Handling of Length Parameter Inconsistency", title: "CWE-130", }, { category: "general", text: "Observable Timing Discrepancy", title: "CWE-208", }, { category: "general", text: "Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')", title: "CWE-776", }, { category: "general", text: "Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')", title: "CWE-88", }, { category: "general", text: "Improper Handling of Exceptional Conditions", title: "CWE-755", }, { category: "general", text: "Excessive Iteration", title: "CWE-834", }, { category: "general", text: "Inefficient Algorithmic Complexity", title: "CWE-407", }, { category: "general", text: "Improper Handling of Case Sensitivity", title: "CWE-178", }, { category: "general", text: "Incorrect Permission Assignment for Critical Resource", title: "CWE-732", }, { category: "general", text: "Double Free", title: "CWE-415", }, { category: "general", text: "Missing Encryption of Sensitive Data", title: "CWE-311", }, { category: "general", text: "Uncontrolled Search Path Element", title: "CWE-427", }, { category: "general", text: "Encoding Error", title: "CWE-172", }, { category: "general", text: "Integer Overflow to Buffer Overflow", title: "CWE-680", }, { category: "general", text: "Untrusted Search Path", title: "CWE-426", }, { category: "general", text: "Access of Resource Using Incompatible Type ('Type Confusion')", title: "CWE-843", }, { category: "general", text: "Improper Encoding or Escaping of Output", title: "CWE-116", }, { category: "general", text: "Insufficient Verification of Data Authenticity", title: "CWE-345", }, { category: "general", text: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", title: "CWE-77", }, { category: "general", text: "Observable Discrepancy", title: "CWE-203", }, { category: "general", text: "Integer Overflow or Wraparound", title: "CWE-190", }, { category: "general", text: "Files or Directories Accessible to External Parties", title: "CWE-552", }, { category: "general", text: "Authorization Bypass Through User-Controlled Key", title: "CWE-639", }, { category: "general", text: "Out-of-bounds Read", title: "CWE-125", }, { category: "general", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "general", text: "CWE-275", title: "CWE-275", }, { category: "general", text: "Improper Access Control", title: "CWE-284", }, { category: "general", text: "Improper Restriction of Operations within the Bounds of a Memory Buffer", title: "CWE-119", }, { category: "general", text: "Inefficient Regular Expression Complexity", title: "CWE-1333", }, { category: "general", text: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", title: "CWE-1321", }, { category: "general", text: "Use After Free", title: "CWE-416", }, { category: "general", text: "Missing Release of Memory after Effective Lifetime", title: "CWE-401", }, { category: "general", text: "NULL Pointer Dereference", title: "CWE-476", }, { category: "general", text: "Improper Certificate Validation", title: "CWE-295", }, { category: "general", text: "Exposure of Resource to Wrong Sphere", title: "CWE-668", }, { category: "general", text: "Inclusion of Functionality from Untrusted Control Sphere", title: "CWE-829", }, { category: "general", text: "Use of a Broken or Risky Cryptographic Algorithm", title: "CWE-327", }, { category: "general", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "general", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, { category: "general", text: "Deserialization of Untrusted Data", title: "CWE-502", }, { category: "general", text: "Server-Side Request Forgery (SSRF)", title: "CWE-918", }, { category: "general", text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", title: "CWE-78", }, { category: "general", text: "Out-of-bounds Write", title: "CWE-787", }, { category: "general", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, { category: "general", text: "Heap-based Buffer Overflow", title: "CWE-122", }, { category: "general", text: "Stack-based Buffer Overflow", title: "CWE-121", }, { category: "general", text: "Incorrect Conversion between Numeric Types", title: "CWE-681", }, { category: "general", text: "Loop with Unreachable Exit Condition ('Infinite Loop')", title: "CWE-835", }, { category: "general", text: "Improper Privilege Management", title: "CWE-269", }, { category: "general", text: "Improper Input Validation", title: "CWE-20", }, { category: "general", text: "Improper Neutralization of Alternate XSS Syntax", title: "CWE-87", }, { category: "general", text: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", title: "CWE-79", }, { category: "general", text: "CWE-18", title: "CWE-18", }, { category: "general", text: "Covert Timing Channel", title: "CWE-385", }, { category: "general", text: "Unchecked Input for Loop Condition", title: "CWE-606", }, { category: "general", text: "Integer Coercion Error", title: "CWE-192", }, { category: "general", text: "Detection of Error Condition Without Action", title: "CWE-390", }, { category: "general", text: "Improperly Controlled Sequential Memory Allocation", title: "CWE-1325", }, { category: "general", text: "Truncation of Security-relevant Information", title: "CWE-222", }, { category: "general", text: "Incorrect Calculation of Buffer Size", title: "CWE-131", }, { category: "general", text: "Improper Link Resolution Before File Access ('Link Following')", title: "CWE-59", }, { category: "general", text: "Missing Critical Step in Authentication", title: "CWE-304", }, ], publisher: { category: "coordinator", contact_details: "cert@ncsc.nl", name: "Nationaal Cyber Security Centrum", namespace: "https://www.ncsc.nl/", }, references: [ { category: "external", summary: "Reference - cveprojectv5; hkcert; nvd; oracle; redhat", url: "https://www.oracle.com/security-alerts/cpuoct2024.html", }, ], title: "Kwetsbaarheden verholpen in Oracle Database producten", tracking: { current_release_date: "2024-10-17T13:15:19.595269Z", id: "NCSC-2024-0411", initial_release_date: "2024-10-17T13:15:19.595269Z", revision_history: [ { date: "2024-10-17T13:15:19.595269Z", number: "0", summary: "Initiele versie", }, ], status: "final", version: "1.0.0", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "database_-_grid", product: { name: "database_-_grid", product_id: "CSAFPID-1673504", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_grid:19.3-19.24:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_-_grid", product: { name: "database_-_grid", product_id: "CSAFPID-1673506", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_grid:21.3-21.15:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_-_core", product: { name: "database_-_core", product_id: "CSAFPID-1673386", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_core:19.3-19.24:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_-_core", product: { name: "database_-_core", product_id: "CSAFPID-1673385", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_core:21.3-21.15:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_-_core", product: { name: "database_-_core", product_id: "CSAFPID-1673442", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_core:23.4-23.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_-_security", product: { name: "database_-_security", product_id: "CSAFPID-1673507", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_security:19.3-19.24:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_-_security", product: { name: "database_-_security", product_id: "CSAFPID-1673509", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_security:21.3-21.15:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_-_security", product: { name: "database_-_security", product_id: "CSAFPID-1673508", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_security:23.4-23.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "spatial_and_graph_mapviewer", product: { name: "spatial_and_graph_mapviewer", product_id: "CSAFPID-912561", product_identification_helper: { cpe: "cpe:2.3:a:oracle:spatial_and_graph_mapviewer:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "spatial_and_graph", product: { name: "spatial_and_graph", product_id: "CSAFPID-764250", product_identification_helper: { cpe: "cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "spatial_and_graph", product: { name: "spatial_and_graph", product_id: "CSAFPID-1673511", product_identification_helper: { cpe: "cpe:2.3:a:oracle:spatial_and_graph:19.3-19.24:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "spatial_and_graph", product: { name: "spatial_and_graph", product_id: "CSAFPID-1673512", product_identification_helper: { cpe: "cpe:2.3:a:oracle:spatial_and_graph:21.3-21.15:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "spatial_and_graph", product: { name: "spatial_and_graph", product_id: "CSAFPID-816800", product_identification_helper: { cpe: "cpe:2.3:a:oracle:spatial_and_graph:23.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "spatial_and_graph", product: { name: "spatial_and_graph", product_id: "CSAFPID-1673529", product_identification_helper: { cpe: "cpe:2.3:a:oracle:spatial_and_graph:23.4-23.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "fleet_patching_and_provisioning_-_micronaut", product: { name: "fleet_patching_and_provisioning_-_micronaut", product_id: "CSAFPID-1673492", product_identification_helper: { cpe: "cpe:2.3:a:oracle:fleet_patching_and_provisioning_-_micronaut:23.4-23.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "fleet_patching_and_provisioning", product: { name: "fleet_patching_and_provisioning", product_id: "CSAFPID-1503603", product_identification_helper: { cpe: "cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_-_xml_database", product: { name: "database_-_xml_database", product_id: "CSAFPID-1673445", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_xml_database:19.3-19.24:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_-_xml_database", product: { name: "database_-_xml_database", product_id: "CSAFPID-1673443", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_xml_database:21.3-21.15:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_-_xml_database", product: { name: "database_-_xml_database", product_id: "CSAFPID-1673444", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_xml_database:23.4-23.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_-_java_vm", product: { name: "database_-_java_vm", product_id: "CSAFPID-1673451", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_java_vm:19.3-19.24:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_-_java_vm", product: { name: "database_-_java_vm", product_id: "CSAFPID-1673450", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_java_vm:21.3-21.15:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_-_java_vm", product: { name: "database_-_java_vm", product_id: "CSAFPID-1673452", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_java_vm:23.4-23.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "autonomous_health_framework", product: { name: "autonomous_health_framework", product_id: "CSAFPID-816798", product_identification_helper: { cpe: "cpe:2.3:a:oracle:autonomous_health_framework:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "autonomous_health_framework", product: { name: "autonomous_health_framework", product_id: "CSAFPID-816799", product_identification_helper: { cpe: "cpe:2.3:a:oracle:autonomous_health_framework:23.10:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "autonomous_health_framework", product: { name: "autonomous_health_framework", product_id: "CSAFPID-1673525", product_identification_helper: { cpe: "cpe:2.3:a:oracle:autonomous_health_framework:prior_to_24.9:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "graalvm_for_jdk", product: { name: "graalvm_for_jdk", product_id: "CSAFPID-912046", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "graalvm_for_jdk", product: { name: "graalvm_for_jdk", product_id: "CSAFPID-1503299", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "graalvm_for_jdk", product: { name: "graalvm_for_jdk", product_id: "CSAFPID-816855", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.9:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "graalvm_for_jdk", product: { name: "graalvm_for_jdk", product_id: "CSAFPID-816361", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "graalvm_for_jdk", product: { name: "graalvm_for_jdk", product_id: "CSAFPID-912045", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "graalvm_for_jdk", product: { name: "graalvm_for_jdk", product_id: "CSAFPID-1503302", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "graalvm_for_jdk", product: { name: "graalvm_for_jdk", product_id: "CSAFPID-912044", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "graalvm_for_jdk", product: { name: "graalvm_for_jdk", product_id: "CSAFPID-1503306", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "graalvm_for_jdk", product: { name: "graalvm_for_jdk", product_id: "CSAFPID-816852", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.12:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "graalvm_for_jdk", product: { name: "graalvm_for_jdk", product_id: "CSAFPID-912600", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.13:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "graalvm_for_jdk", product: { name: "graalvm_for_jdk", product_id: "CSAFPID-816853", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.8:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "graalvm_for_jdk", product: { name: "graalvm_for_jdk", product_id: "CSAFPID-912601", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.9:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "graalvm_for_jdk", product: { name: "graalvm_for_jdk", product_id: "CSAFPID-816854", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition22.3.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sqlcl", product: { name: "sqlcl", product_id: "CSAFPID-816801", product_identification_helper: { cpe: "cpe:2.3:a:oracle:sqlcl:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sqlcl", product: { name: "sqlcl", product_id: "CSAFPID-1673405", product_identification_helper: { cpe: "cpe:2.3:a:oracle:sqlcl:23.4-23.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "application_express_administration", product: { name: "application_express_administration", product_id: "CSAFPID-764731", product_identification_helper: { cpe: "cpe:2.3:a:oracle:application_express_administration:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "application_express_customers_plugin", product: { name: "application_express_customers_plugin", product_id: "CSAFPID-764732", product_identification_helper: { cpe: "cpe:2.3:a:oracle:application_express_customers_plugin:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "application_express_team_calendar_plugin", product: { name: "application_express_team_calendar_plugin", product_id: "CSAFPID-764733", product_identification_helper: { cpe: "cpe:2.3:a:oracle:application_express_team_calendar_plugin:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "application_express", product: { name: "application_express", product_id: "CSAFPID-266119", product_identification_helper: { cpe: "cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "application_express", product: { name: "application_express", product_id: "CSAFPID-1673510", product_identification_helper: { cpe: "cpe:2.3:a:oracle:application_express:23.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "application_express", product: { name: "application_express", product_id: "CSAFPID-1503575", product_identification_helper: { cpe: "cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "application_express", product: { name: "application_express", product_id: "CSAFPID-1673188", product_identification_helper: { cpe: "cpe:2.3:a:oracle:application_express:24.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "autonomous_health_framework", product: { name: "autonomous_health_framework", product_id: "CSAFPID-765238", product_identification_helper: { cpe: "cpe:2.3:a:oracle:autonomous_health_framework:19c:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "autonomous_health_framework", product: { name: "autonomous_health_framework", product_id: "CSAFPID-765239", product_identification_helper: { cpe: "cpe:2.3:a:oracle:autonomous_health_framework:21c:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "blockchain_platform", product: { name: "blockchain_platform", product_id: "CSAFPID-764779", product_identification_helper: { cpe: "cpe:2.3:a:oracle:blockchain_platform:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "blockchain_platform", product: { name: "blockchain_platform", product_id: "CSAFPID-89587", product_identification_helper: { cpe: "cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "essbase", product: { name: "essbase", product_id: "CSAFPID-765259", product_identification_helper: { cpe: "cpe:2.3:a:oracle:essbase:_security_and_provisioning___21.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "essbase", product: { name: "essbase", product_id: "CSAFPID-187448", product_identification_helper: { cpe: "cpe:2.3:a:oracle:essbase:21.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "essbase", product: { name: "essbase", product_id: "CSAFPID-94075", product_identification_helper: { cpe: "cpe:2.3:a:oracle:essbase:21.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "essbase", product: { name: "essbase", product_id: "CSAFPID-220886", product_identification_helper: { cpe: "cpe:2.3:a:oracle:essbase:21.4.3.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "essbase", product: { name: "essbase", product_id: "CSAFPID-611394", product_identification_helper: { cpe: "cpe:2.3:a:oracle:essbase:21.5.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "essbase", product: { name: "essbase", product_id: "CSAFPID-816317", product_identification_helper: { cpe: "cpe:2.3:a:oracle:essbase:21.5.3.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "essbase", product: { name: "essbase", product_id: "CSAFPID-912567", product_identification_helper: { cpe: "cpe:2.3:a:oracle:essbase:21.5.4.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "essbase", product: { name: "essbase", product_id: "CSAFPID-1503612", product_identification_helper: { cpe: "cpe:2.3:a:oracle:essbase:21.5.6:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "essbase", product: { name: "essbase", product_id: "CSAFPID-1673479", product_identification_helper: { cpe: "cpe:2.3:a:oracle:essbase:21.6:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "oracle_essbase", product: { name: "oracle_essbase", product_id: "CSAFPID-1650506", product_identification_helper: { cpe: "cpe:2.3:a:oracle:oracle_essbase:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate_big_data_and_application_adapters", product: { name: "goldengate_big_data_and_application_adapters", product_id: "CSAFPID-816845", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate_big_data_and_application_adapters", product: { name: "goldengate_big_data_and_application_adapters", product_id: "CSAFPID-1650825", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate_big_data_and_application_adapters", product: { name: "goldengate_big_data_and_application_adapters", product_id: "CSAFPID-1673404", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.9:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate_big_data_and_application_adapters", product: { name: "goldengate_big_data_and_application_adapters", product_id: "CSAFPID-1650831", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3-21.14.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate_big_data", product: { name: "goldengate_big_data", product_id: "CSAFPID-764274", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_big_data:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate_stream_analytics", product: { name: "goldengate_stream_analytics", product_id: "CSAFPID-764752", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_stream_analytics:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate_stream_analytics", product: { name: "goldengate_stream_analytics", product_id: "CSAFPID-1673384", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.9:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate_stream_analytics", product: { name: "goldengate_stream_analytics", product_id: "CSAFPID-220192", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate_stream_analytics", product: { name: "goldengate_stream_analytics", product_id: "CSAFPID-220193", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.7:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate_studio", product: { name: "goldengate_studio", product_id: "CSAFPID-816846", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate_studio", product: { name: "goldengate_studio", product_id: "CSAFPID-611390", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_studio:12.2.1.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate_studio", product: { name: "goldengate_studio", product_id: "CSAFPID-764803", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_studio:fusion_middleware_12.2.1.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate_veridata", product: { name: "goldengate_veridata", product_id: "CSAFPID-764275", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_veridata:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate", product: { name: "goldengate", product_id: "CSAFPID-342816", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate", product: { name: "goldengate", product_id: "CSAFPID-1650767", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.23.0.0.240716:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate", product: { name: "goldengate", product_id: "CSAFPID-485902", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate:19.1.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate", product: { name: "goldengate", product_id: "CSAFPID-1503736", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate:19.23.0.0.240716:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate", product: { name: "goldengate", product_id: "CSAFPID-219912", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate:19c:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate", product: { name: "goldengate", product_id: "CSAFPID-1503739", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate:21.14:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate", product: { name: "goldengate", product_id: "CSAFPID-1650765", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate:21.3-21.14:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate", product: { name: "goldengate", product_id: "CSAFPID-1503738", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate:21.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "oracle_goldengate_stream_analytics", product: { name: "oracle_goldengate_stream_analytics", product_id: "CSAFPID-1650515", product_identification_helper: { cpe: "cpe:2.3:a:oracle:oracle_goldengate_stream_analytics:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "management_pack_for__goldengate", product: { name: "management_pack_for__goldengate", product_id: "CSAFPID-764861", product_identification_helper: { cpe: "cpe:2.3:a:oracle:management_pack_for__goldengate:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "management_pack_for__goldengate", product: { name: "management_pack_for__goldengate", product_id: "CSAFPID-1503640", product_identification_helper: { cpe: "cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "oracle_goldengate_studio", product: { name: "oracle_goldengate_studio", product_id: "CSAFPID-1650835", product_identification_helper: { cpe: "cpe:2.3:a:oracle:oracle_goldengate_studio:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "oracle_goldengate", product: { name: "oracle_goldengate", product_id: "CSAFPID-1650575", product_identification_helper: { cpe: "cpe:2.3:a:oracle:oracle_goldengate:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-764813", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-1503661", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:1.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-1503663", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:1.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-1673497", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-764764", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:19.5.33:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-764765", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:20.3.28:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-1673491", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:20.3.40:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-764766", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:21.2.55:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-1673495", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:21.2.71:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-764767", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:22.3.26:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-1673493", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:22.3.45:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-1673489", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:23.3.33:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-1673488", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:24.1.17:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-1650757", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:prior_to_19.5.42:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-1650758", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:prior_to_20.3.40:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-1650761", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:prior_to_21.2.27:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-1650760", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:prior_to_22.3.46:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-1650759", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:prior_to_23.3.32:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "oracle_nosql_database", product: { name: "oracle_nosql_database", product_id: "CSAFPID-1650584", product_identification_helper: { cpe: "cpe:2.3:a:oracle:oracle_nosql_database:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "oracle_secure_backup", product: { name: "oracle_secure_backup", product_id: "CSAFPID-1650563", product_identification_helper: { cpe: "cpe:2.3:a:oracle:oracle_secure_backup:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "secure_backup", product: { name: "secure_backup", product_id: "CSAFPID-667692", product_identification_helper: { cpe: "cpe:2.3:a:oracle:secure_backup:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "secure_backup", product: { name: "secure_backup", product_id: "CSAFPID-345049", product_identification_helper: { cpe: "cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "secure_backup", product: { name: "secure_backup", product_id: "CSAFPID-611417", product_identification_helper: { cpe: "cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "secure_backup", product: { name: "secure_backup", product_id: "CSAFPID-1673422", product_identification_helper: { cpe: "cpe:2.3:a:oracle:secure_backup:19.1.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "oracle_sql_developer", product: { name: "oracle_sql_developer", product_id: "CSAFPID-1650638", product_identification_helper: { cpe: "cpe:2.3:a:oracle:oracle_sql_developer:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sql_developer", product: { name: "sql_developer", product_id: "CSAFPID-764822", product_identification_helper: { cpe: "cpe:2.3:a:oracle:sql_developer:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sql_developer", product: { name: "sql_developer", product_id: "CSAFPID-220643", product_identification_helper: { cpe: "cpe:2.3:a:oracle:sql_developer:21.4.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sql_developer", product: { name: "sql_developer", product_id: "CSAFPID-816870", product_identification_helper: { cpe: "cpe:2.3:a:oracle:sql_developer:22.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sql_developer", product: { name: "sql_developer", product_id: "CSAFPID-816871", product_identification_helper: { cpe: "cpe:2.3:a:oracle:sql_developer:23.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sql_developer", product: { name: "sql_developer", product_id: "CSAFPID-1673397", product_identification_helper: { cpe: "cpe:2.3:a:oracle:sql_developer:24.3.0:*:*:*:*:*:*:*", }, }, }, ], category: "vendor", name: "oracle", }, { branches: [ { category: "product_name", name: "oracle_application_express", product: { name: "oracle_application_express", product_id: "CSAFPID-1673144", product_identification_helper: { cpe: "cpe:2.3:a:oracle_corporation:oracle_application_express:24.1:*:*:*:*:*:*:*", }, }, }, ], category: "vendor", name: "oracle_corporation", }, ], }, vulnerabilities: [ { cve: "CVE-2022-1471", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, notes: [ { category: "other", text: "Deserialization of Untrusted Data", title: "CWE-502", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-220886", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764822", "CSAFPID-1650515", "CSAFPID-1650638", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-89587", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044", ], }, references: [ { category: "self", summary: "CVE-2022-1471", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-1471.json", }, ], title: "CVE-2022-1471", }, { cve: "CVE-2022-34169", cwe: { id: "CWE-192", name: "Integer Coercion Error", }, notes: [ { category: "other", text: "Integer Coercion Error", title: "CWE-192", }, { category: "other", text: "Incorrect Conversion between Numeric Types", title: "CWE-681", }, ], product_status: { known_affected: [ "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-342816", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-764752", "CSAFPID-764275", "CSAFPID-764861", "CSAFPID-266119", "CSAFPID-187448", "CSAFPID-219912", "CSAFPID-765238", "CSAFPID-765239", "CSAFPID-765259", "CSAFPID-667692", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-764250", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-1673384", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, references: [ { category: "self", summary: "CVE-2022-34169", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-34169.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-342816", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-764752", "CSAFPID-764275", "CSAFPID-764861", "CSAFPID-266119", "CSAFPID-187448", "CSAFPID-219912", "CSAFPID-765238", "CSAFPID-765239", "CSAFPID-765259", "CSAFPID-667692", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-764250", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-1673384", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, ], title: "CVE-2022-34169", }, { cve: "CVE-2022-36033", cwe: { id: "CWE-87", name: "Improper Neutralization of Alternate XSS Syntax", }, notes: [ { category: "other", text: "Improper Neutralization of Alternate XSS Syntax", title: "CWE-87", }, { category: "other", text: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", title: "CWE-79", }, ], product_status: { known_affected: [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-220886", "CSAFPID-94075", "CSAFPID-764803", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764861", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-266119", "CSAFPID-187448", "CSAFPID-1650515", "CSAFPID-1650835", "CSAFPID-219912", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-667692", "CSAFPID-1673384", "CSAFPID-912561", "CSAFPID-1503575", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-912567", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, references: [ { category: "self", summary: "CVE-2022-36033", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-36033.json", }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-220886", "CSAFPID-94075", "CSAFPID-764803", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764861", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-266119", "CSAFPID-187448", "CSAFPID-1650515", "CSAFPID-1650835", "CSAFPID-219912", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-667692", "CSAFPID-1673384", "CSAFPID-912561", "CSAFPID-1503575", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-912567", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, ], title: "CVE-2022-36033", }, { cve: "CVE-2022-37454", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "other", text: "Integer Overflow or Wraparound", title: "CWE-190", }, { category: "other", text: "Integer Overflow to Buffer Overflow", title: "CWE-680", }, ], product_status: { known_affected: [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-1650563", "CSAFPID-89587", "CSAFPID-764861", ], }, references: [ { category: "self", summary: "CVE-2022-37454", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-37454.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-1650563", "CSAFPID-89587", "CSAFPID-764861", ], }, ], title: "CVE-2022-37454", }, { cve: "CVE-2022-38136", product_status: { known_affected: [ "CSAFPID-1673385", "CSAFPID-1673386", ], }, references: [ { category: "self", summary: "CVE-2022-38136", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-38136.json", }, ], title: "CVE-2022-38136", }, { cve: "CVE-2022-40196", product_status: { known_affected: [ "CSAFPID-1673385", "CSAFPID-1673386", ], }, references: [ { category: "self", summary: "CVE-2022-40196", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-40196.json", }, ], title: "CVE-2022-40196", }, { cve: "CVE-2022-41342", product_status: { known_affected: [ "CSAFPID-1673385", "CSAFPID-1673386", ], }, references: [ { category: "self", summary: "CVE-2022-41342", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-41342.json", }, ], title: "CVE-2022-41342", }, { cve: "CVE-2022-42919", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "other", text: "Missing Encryption of Sensitive Data", title: "CWE-311", }, { category: "other", text: "Improper Privilege Management", title: "CWE-269", }, ], product_status: { known_affected: [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2022-42919", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-42919.json", }, ], title: "CVE-2022-42919", }, { cve: "CVE-2022-45061", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "other", text: "Inefficient Algorithmic Complexity", title: "CWE-407", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2022-45061", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-45061.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-89587", ], }, ], title: "CVE-2022-45061", }, { cve: "CVE-2022-46337", product_status: { known_affected: [ "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-1673384", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-764752", "CSAFPID-764275", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-764250", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-342816", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-816361", "CSAFPID-764813", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692", ], }, references: [ { category: "self", summary: "CVE-2022-46337", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-46337.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-1673384", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-764752", "CSAFPID-764275", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-764250", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-342816", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-816361", "CSAFPID-764813", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692", ], }, ], title: "CVE-2022-46337", }, { cve: "CVE-2023-2976", cwe: { id: "CWE-552", name: "Files or Directories Accessible to External Parties", }, notes: [ { category: "other", text: "Files or Directories Accessible to External Parties", title: "CWE-552", }, ], product_status: { known_affected: [ "CSAFPID-1650584", "CSAFPID-1650835", "CSAFPID-1650506", "CSAFPID-1650515", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-342816", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-764813", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692", "CSAFPID-89587", "CSAFPID-1673397", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-345049", "CSAFPID-816801", "CSAFPID-611390", "CSAFPID-611394", "CSAFPID-611417", "CSAFPID-764250", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, references: [ { category: "self", summary: "CVE-2023-2976", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-2976.json", }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-1650584", "CSAFPID-1650835", "CSAFPID-1650506", "CSAFPID-1650515", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-342816", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-764813", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692", "CSAFPID-89587", "CSAFPID-1673397", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-345049", "CSAFPID-816801", "CSAFPID-611390", "CSAFPID-611394", "CSAFPID-611417", "CSAFPID-764250", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, ], title: "CVE-2023-2976", }, { cve: "CVE-2023-4043", cwe: { id: "CWE-834", name: "Excessive Iteration", }, notes: [ { category: "other", text: "Excessive Iteration", title: "CWE-834", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-1673405", "CSAFPID-1673397", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, references: [ { category: "self", summary: "CVE-2023-4043", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4043.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673405", "CSAFPID-1673397", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, ], title: "CVE-2023-4043", }, { cve: "CVE-2023-4759", cwe: { id: "CWE-59", name: "Improper Link Resolution Before File Access ('Link Following')", }, notes: [ { category: "other", text: "Improper Link Resolution Before File Access ('Link Following')", title: "CWE-59", }, { category: "other", text: "Improper Handling of Case Sensitivity", title: "CWE-178", }, ], product_status: { known_affected: [ "CSAFPID-1673397", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2023-4759", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4759.json", }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673397", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2023-4759", }, { cve: "CVE-2023-4863", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, notes: [ { category: "other", text: "Heap-based Buffer Overflow", title: "CWE-122", }, { category: "other", text: "Improper Restriction of Operations within the Bounds of a Memory Buffer", title: "CWE-119", }, { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-89587", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-342816", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801", ], }, references: [ { category: "self", summary: "CVE-2023-4863", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4863.json", }, ], title: "CVE-2023-4863", }, { cve: "CVE-2023-5072", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "other", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, ], product_status: { known_affected: [ "CSAFPID-1650575", "CSAFPID-1650515", "CSAFPID-1650835", "CSAFPID-89587", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, references: [ { category: "self", summary: "CVE-2023-5072", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5072.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1650575", "CSAFPID-1650515", "CSAFPID-1650835", "CSAFPID-89587", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, ], title: "CVE-2023-5072", }, { cve: "CVE-2023-26031", cwe: { id: "CWE-426", name: "Untrusted Search Path", }, notes: [ { category: "other", text: "Untrusted Search Path", title: "CWE-426", }, ], product_status: { known_affected: [ "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2023-26031", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26031.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2023-26031", }, { cve: "CVE-2023-26551", product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2023-26551", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26551.json", }, ], scores: [ { cvss_v3: { baseScore: 0, baseSeverity: "NONE", vectorString: "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2023-26551", }, { cve: "CVE-2023-26552", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2023-26552", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26552.json", }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2023-26552", }, { cve: "CVE-2023-26553", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2023-26553", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26553.json", }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2023-26553", }, { cve: "CVE-2023-26554", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2023-26554", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26554.json", }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2023-26554", }, { cve: "CVE-2023-26555", product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2023-26555", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26555.json", }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2023-26555", }, { cve: "CVE-2023-28484", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "other", text: "Improper Input Validation", title: "CWE-20", }, { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, ], product_status: { known_affected: [ "CSAFPID-764250", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-816317", "CSAFPID-764813", "CSAFPID-89587", "CSAFPID-342816", "CSAFPID-345049", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-611390", "CSAFPID-611394", "CSAFPID-611417", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-220643", "CSAFPID-667692", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", ], }, references: [ { category: "self", summary: "CVE-2023-28484", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-28484.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-764250", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-816317", "CSAFPID-764813", "CSAFPID-89587", "CSAFPID-342816", "CSAFPID-345049", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-611390", "CSAFPID-611394", "CSAFPID-611417", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-220643", "CSAFPID-667692", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", ], }, ], title: "CVE-2023-28484", }, { cve: "CVE-2023-29469", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "other", text: "Improper Input Validation", title: "CWE-20", }, { category: "other", text: "Double Free", title: "CWE-415", }, ], product_status: { known_affected: [ "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-816317", "CSAFPID-89587", "CSAFPID-220886", "CSAFPID-342816", "CSAFPID-345049", "CSAFPID-764752", "CSAFPID-611390", "CSAFPID-611394", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-220643", "CSAFPID-667692", "CSAFPID-764813", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-764250", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", ], }, references: [ { category: "self", summary: "CVE-2023-29469", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-29469.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-816317", "CSAFPID-89587", "CSAFPID-220886", "CSAFPID-342816", "CSAFPID-345049", "CSAFPID-764752", "CSAFPID-611390", "CSAFPID-611394", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-220643", "CSAFPID-667692", "CSAFPID-764813", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-764250", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", ], }, ], title: "CVE-2023-29469", }, { cve: "CVE-2023-33201", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, ], product_status: { known_affected: [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-1650584", "CSAFPID-1673397", "CSAFPID-912561", "CSAFPID-345049", "CSAFPID-611390", "CSAFPID-611417", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, references: [ { category: "self", summary: "CVE-2023-33201", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-33201.json", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-1650584", "CSAFPID-1673397", "CSAFPID-912561", "CSAFPID-345049", "CSAFPID-611390", "CSAFPID-611417", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, ], title: "CVE-2023-33201", }, { cve: "CVE-2023-37920", cwe: { id: "CWE-295", name: "Improper Certificate Validation", }, notes: [ { category: "other", text: "Improper Certificate Validation", title: "CWE-295", }, { category: "other", text: "Insufficient Verification of Data Authenticity", title: "CWE-345", }, ], product_status: { known_affected: [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", ], }, references: [ { category: "self", summary: "CVE-2023-37920", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-37920.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", ], }, ], title: "CVE-2023-37920", }, { cve: "CVE-2023-39410", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, notes: [ { category: "other", text: "Deserialization of Untrusted Data", title: "CWE-502", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-1673404", "CSAFPID-1673384", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", ], }, references: [ { category: "self", summary: "CVE-2023-39410", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-39410.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673404", "CSAFPID-1673384", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", ], }, ], title: "CVE-2023-39410", }, { cve: "CVE-2023-44487", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1650757", "CSAFPID-1650758", "CSAFPID-1650759", "CSAFPID-1650760", "CSAFPID-1650761", "CSAFPID-89587", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503603", "CSAFPID-1503575", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, references: [ { category: "self", summary: "CVE-2023-44487", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44487.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1650757", "CSAFPID-1650758", "CSAFPID-1650759", "CSAFPID-1650760", "CSAFPID-1650761", "CSAFPID-89587", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503603", "CSAFPID-1503575", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, ], title: "CVE-2023-44487", }, { cve: "CVE-2023-44981", cwe: { id: "CWE-639", name: "Authorization Bypass Through User-Controlled Key", }, notes: [ { category: "other", text: "Authorization Bypass Through User-Controlled Key", title: "CWE-639", }, ], product_status: { known_affected: [ "CSAFPID-1650515", "CSAFPID-89587", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", ], }, references: [ { category: "self", summary: "CVE-2023-44981", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44981.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-1650515", "CSAFPID-89587", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", ], }, ], title: "CVE-2023-44981", }, { cve: "CVE-2023-45288", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2023-45288", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-45288.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2023-45288", }, { cve: "CVE-2023-48795", cwe: { id: "CWE-222", name: "Truncation of Security-relevant Information", }, notes: [ { category: "other", text: "Truncation of Security-relevant Information", title: "CWE-222", }, ], product_status: { known_affected: [ "CSAFPID-1650765", "CSAFPID-1650757", "CSAFPID-1650758", "CSAFPID-1650767", "CSAFPID-1650759", "CSAFPID-1650760", "CSAFPID-1650761", "CSAFPID-89587", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503575", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, references: [ { category: "self", summary: "CVE-2023-48795", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-48795.json", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-1650765", "CSAFPID-1650757", "CSAFPID-1650758", "CSAFPID-1650767", "CSAFPID-1650759", "CSAFPID-1650760", "CSAFPID-1650761", "CSAFPID-89587", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503575", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, ], title: "CVE-2023-48795", }, { cve: "CVE-2023-49083", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, ], product_status: { known_affected: [ "CSAFPID-89587", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2023-49083", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-49083.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-89587", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2023-49083", }, { cve: "CVE-2023-51384", cwe: { id: "CWE-304", name: "Missing Critical Step in Authentication", }, notes: [ { category: "other", text: "Missing Critical Step in Authentication", title: "CWE-304", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2023-51384", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-51384.json", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2023-51384", }, { cve: "CVE-2023-51385", cwe: { id: "CWE-78", name: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", }, notes: [ { category: "other", text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", title: "CWE-78", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2023-51385", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-51385.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2023-51385", }, { cve: "CVE-2023-52425", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2023-52425", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52425.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2023-52425", }, { cve: "CVE-2023-52426", cwe: { id: "CWE-776", name: "Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')", }, notes: [ { category: "other", text: "Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')", title: "CWE-776", }, ], product_status: { known_affected: [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2023-52426", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52426.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2023-52426", }, { cve: "CVE-2024-1874", cwe: { id: "CWE-77", name: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", }, notes: [ { category: "other", text: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", title: "CWE-77", }, { category: "other", text: "Improper Encoding or Escaping of Output", title: "CWE-116", }, ], product_status: { known_affected: [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-1874", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-1874.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-1874", }, { cve: "CVE-2024-2408", cwe: { id: "CWE-203", name: "Observable Discrepancy", }, notes: [ { category: "other", text: "Observable Discrepancy", title: "CWE-203", }, { category: "other", text: "Observable Timing Discrepancy", title: "CWE-208", }, { category: "other", text: "Use of a Broken or Risky Cryptographic Algorithm", title: "CWE-327", }, { category: "other", text: "Covert Timing Channel", title: "CWE-385", }, ], product_status: { known_affected: [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-2408", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2408.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-2408", }, { cve: "CVE-2024-2511", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "other", text: "Improperly Controlled Sequential Memory Allocation", title: "CWE-1325", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-2511", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2511.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-2511", }, { cve: "CVE-2024-4577", cwe: { id: "CWE-88", name: "Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')", }, notes: [ { category: "other", text: "Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')", title: "CWE-88", }, { category: "other", text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", title: "CWE-78", }, ], product_status: { known_affected: [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-4577", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4577.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-4577", }, { cve: "CVE-2024-4603", cwe: { id: "CWE-606", name: "Unchecked Input for Loop Condition", }, notes: [ { category: "other", text: "Unchecked Input for Loop Condition", title: "CWE-606", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-4603", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4603.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-4603", }, { cve: "CVE-2024-4741", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "other", text: "Use After Free", title: "CWE-416", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-4741", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4741.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-4741", }, { cve: "CVE-2024-5458", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-5458", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5458.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-5458", }, { cve: "CVE-2024-5535", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, { category: "other", text: "Improper Restriction of Operations within the Bounds of a Memory Buffer", title: "CWE-119", }, ], product_status: { known_affected: [ "CSAFPID-1673508", "CSAFPID-1673525", ], }, references: [ { category: "self", summary: "CVE-2024-5535", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5535.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673508", "CSAFPID-1673525", ], }, ], title: "CVE-2024-5535", }, { cve: "CVE-2024-5585", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, notes: [ { category: "other", text: "Improper Encoding or Escaping of Output", title: "CWE-116", }, { category: "other", text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", title: "CWE-78", }, { category: "other", text: "Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')", title: "CWE-88", }, ], product_status: { known_affected: [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-5585", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5585.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-5585", }, { cve: "CVE-2024-6119", cwe: { id: "CWE-843", name: "Access of Resource Using Incompatible Type ('Type Confusion')", }, notes: [ { category: "other", text: "Access of Resource Using Incompatible Type ('Type Confusion')", title: "CWE-843", }, ], product_status: { known_affected: [ "CSAFPID-1673508", "CSAFPID-1673525", ], }, references: [ { category: "self", summary: "CVE-2024-6119", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6119.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673508", "CSAFPID-1673525", ], }, ], title: "CVE-2024-6119", }, { cve: "CVE-2024-6232", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, notes: [ { category: "other", text: "Inefficient Regular Expression Complexity", title: "CWE-1333", }, ], references: [ { category: "self", summary: "CVE-2024-6232", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6232.json", }, ], title: "CVE-2024-6232", }, { cve: "CVE-2024-7264", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "other", text: "Out-of-bounds Read", title: "CWE-125", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-1673529", "CSAFPID-1673479", "CSAFPID-1673511", "CSAFPID-1673512", ], }, references: [ { category: "self", summary: "CVE-2024-7264", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7264.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673529", "CSAFPID-1673479", "CSAFPID-1673511", "CSAFPID-1673512", ], }, ], title: "CVE-2024-7264", }, { cve: "CVE-2024-7592", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], references: [ { category: "self", summary: "CVE-2024-7592", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7592.json", }, ], title: "CVE-2024-7592", }, { cve: "CVE-2024-21131", product_status: { known_affected: [ "CSAFPID-1503299", "CSAFPID-1503306", "CSAFPID-1503302", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-21131", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21131.json", }, ], title: "CVE-2024-21131", }, { cve: "CVE-2024-21138", cwe: { id: "CWE-835", name: "Loop with Unreachable Exit Condition ('Infinite Loop')", }, notes: [ { category: "other", text: "Loop with Unreachable Exit Condition ('Infinite Loop')", title: "CWE-835", }, ], product_status: { known_affected: [ "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-21138", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21138.json", }, ], title: "CVE-2024-21138", }, { cve: "CVE-2024-21140", product_status: { known_affected: [ "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503299", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-21140", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21140.json", }, ], title: "CVE-2024-21140", }, { cve: "CVE-2024-21144", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "other", text: "Improper Input Validation", title: "CWE-20", }, { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-21144", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21144.json", }, ], title: "CVE-2024-21144", }, { cve: "CVE-2024-21145", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-1503299", "CSAFPID-1503306", "CSAFPID-1503302", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-21145", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21145.json", }, ], title: "CVE-2024-21145", }, { cve: "CVE-2024-21147", product_status: { known_affected: [ "CSAFPID-1503306", "CSAFPID-1503302", "CSAFPID-1503299", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-21147", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21147.json", }, ], title: "CVE-2024-21147", }, { cve: "CVE-2024-21233", product_status: { known_affected: [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386", ], }, references: [ { category: "self", summary: "CVE-2024-21233", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21233.json", }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386", ], }, ], title: "CVE-2024-21233", }, { cve: "CVE-2024-21242", product_status: { known_affected: [ "CSAFPID-1673443", "CSAFPID-1673444", "CSAFPID-1673445", ], }, references: [ { category: "self", summary: "CVE-2024-21242", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21242.json", }, ], scores: [ { cvss_v3: { baseScore: 3.5, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "CSAFPID-1673443", "CSAFPID-1673444", "CSAFPID-1673445", ], }, ], title: "CVE-2024-21242", }, { cve: "CVE-2024-21251", product_status: { known_affected: [ "CSAFPID-1673450", "CSAFPID-1673451", "CSAFPID-1673452", ], }, references: [ { category: "self", summary: "CVE-2024-21251", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21251.json", }, ], scores: [ { cvss_v3: { baseScore: 3.1, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-1673450", "CSAFPID-1673451", "CSAFPID-1673452", ], }, ], title: "CVE-2024-21251", }, { cve: "CVE-2024-21261", product_status: { known_affected: [ "CSAFPID-1673144", "CSAFPID-1503575", "CSAFPID-1673188", ], }, references: [ { category: "self", summary: "CVE-2024-21261", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21261.json", }, ], scores: [ { cvss_v3: { baseScore: 4.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-1673144", "CSAFPID-1503575", "CSAFPID-1673188", ], }, ], title: "CVE-2024-21261", }, { cve: "CVE-2024-22018", cwe: { id: "CWE-275", name: "-", }, notes: [ { category: "other", text: "CWE-275", title: "CWE-275", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2024-22018", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22018.json", }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2024-22018", }, { cve: "CVE-2024-22020", product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2024-22020", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22020.json", }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2024-22020", }, { cve: "CVE-2024-22201", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1673384", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-22201", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22201.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673384", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-22201", }, { cve: "CVE-2024-23807", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "other", text: "Use After Free", title: "CWE-416", }, ], product_status: { known_affected: [ "CSAFPID-1650831", "CSAFPID-1650825", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-23807", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23807.json", }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1650831", "CSAFPID-1650825", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-23807", }, { cve: "CVE-2024-23944", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, ], product_status: { known_affected: [ "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-23944", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23944.json", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-23944", }, { cve: "CVE-2024-24989", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2024-24989", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24989.json", }, ], title: "CVE-2024-24989", }, { cve: "CVE-2024-24990", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "other", text: "Use After Free", title: "CWE-416", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2024-24990", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24990.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2024-24990", }, { cve: "CVE-2024-25710", cwe: { id: "CWE-835", name: "Loop with Unreachable Exit Condition ('Infinite Loop')", }, notes: [ { category: "other", text: "Loop with Unreachable Exit Condition ('Infinite Loop')", title: "CWE-835", }, ], product_status: { known_affected: [ "CSAFPID-89587", "CSAFPID-1673384", "CSAFPID-816871", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-342816", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-912046", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-25710", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-25710.json", }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-89587", "CSAFPID-1673384", "CSAFPID-816871", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-342816", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-912046", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-25710", }, { cve: "CVE-2024-26130", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, ], product_status: { known_affected: [ "CSAFPID-89587", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-26130", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26130.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-89587", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-26130", }, { cve: "CVE-2024-26308", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "other", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, ], product_status: { known_affected: [ "CSAFPID-89587", "CSAFPID-1673384", "CSAFPID-816871", "CSAFPID-816798", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-26308", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26308.json", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-89587", "CSAFPID-1673384", "CSAFPID-816871", "CSAFPID-816798", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-26308", }, { cve: "CVE-2024-27983", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-27983", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27983.json", }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", version: "3.1", }, products: [ "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-27983", }, { cve: "CVE-2024-28182", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "Detection of Error Condition Without Action", title: "CWE-390", }, { category: "other", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, ], product_status: { known_affected: [ "CSAFPID-1673442", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-28182", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28182.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673442", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-28182", }, { cve: "CVE-2024-28849", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, ], product_status: { known_affected: [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-28849", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28849.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-28849", }, { cve: "CVE-2024-28887", cwe: { id: "CWE-427", name: "Uncontrolled Search Path Element", }, notes: [ { category: "other", text: "Uncontrolled Search Path Element", title: "CWE-427", }, ], product_status: { known_affected: [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386", ], }, references: [ { category: "self", summary: "CVE-2024-28887", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28887.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386", ], }, ], title: "CVE-2024-28887", }, { cve: "CVE-2024-29025", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "other", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, ], product_status: { known_affected: [ "CSAFPID-1673488", "CSAFPID-1673489", "CSAFPID-1673491", "CSAFPID-1673492", "CSAFPID-1673493", "CSAFPID-1673495", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-29025", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29025.json", }, ], scores: [ { cvss_v3: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-1673488", "CSAFPID-1673489", "CSAFPID-1673491", "CSAFPID-1673492", "CSAFPID-1673493", "CSAFPID-1673495", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-29025", }, { cve: "CVE-2024-29131", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-1673497", "CSAFPID-1673397", "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-29131", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29131.json", }, ], scores: [ { cvss_v3: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-1673497", "CSAFPID-1673397", "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-29131", }, { cve: "CVE-2024-29133", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-1673497", "CSAFPID-1673397", "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-29133", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29133.json", }, ], scores: [ { cvss_v3: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-1673497", "CSAFPID-1673397", "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-29133", }, { cve: "CVE-2024-31079", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "Stack-based Buffer Overflow", title: "CWE-121", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2024-31079", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-31079.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2024-31079", }, { cve: "CVE-2024-32760", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2024-32760", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-32760.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2024-32760", }, { cve: "CVE-2024-34161", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, notes: [ { category: "other", text: "Missing Release of Memory after Effective Lifetime", title: "CWE-401", }, { category: "other", text: "Use After Free", title: "CWE-416", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2024-34161", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34161.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2024-34161", }, { cve: "CVE-2024-34750", cwe: { id: "CWE-755", name: "Improper Handling of Exceptional Conditions", }, notes: [ { category: "other", text: "Improper Handling of Exceptional Conditions", title: "CWE-755", }, { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1673504", "CSAFPID-1673506", ], }, references: [ { category: "self", summary: "CVE-2024-34750", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34750.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673504", "CSAFPID-1673506", ], }, ], title: "CVE-2024-34750", }, { cve: "CVE-2024-35200", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2024-35200", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35200.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2024-35200", }, { cve: "CVE-2024-36137", cwe: { id: "CWE-275", name: "-", }, notes: [ { category: "other", text: "CWE-275", title: "CWE-275", }, { category: "other", text: "Incorrect Permission Assignment for Critical Resource", title: "CWE-732", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2024-36137", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36137.json", }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2024-36137", }, { cve: "CVE-2024-36138", cwe: { id: "CWE-77", name: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", }, notes: [ { category: "other", text: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", title: "CWE-77", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2024-36138", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36138.json", }, ], title: "CVE-2024-36138", }, { cve: "CVE-2024-36387", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-36387", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36387.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-36387", }, { cve: "CVE-2024-37370", cwe: { id: "CWE-130", name: "Improper Handling of Length Parameter Inconsistency", }, notes: [ { category: "other", text: "Improper Handling of Length Parameter Inconsistency", title: "CWE-130", }, ], product_status: { known_affected: [ "CSAFPID-1673507", "CSAFPID-1673508", "CSAFPID-1673509", ], }, references: [ { category: "self", summary: "CVE-2024-37370", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37370.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673507", "CSAFPID-1673508", "CSAFPID-1673509", ], }, ], title: "CVE-2024-37370", }, { cve: "CVE-2024-37371", cwe: { id: "CWE-130", name: "Improper Handling of Length Parameter Inconsistency", }, notes: [ { category: "other", text: "Improper Handling of Length Parameter Inconsistency", title: "CWE-130", }, ], product_status: { known_affected: [ "CSAFPID-1673507", "CSAFPID-1673508", "CSAFPID-1673509", ], }, references: [ { category: "self", summary: "CVE-2024-37371", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37371.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673507", "CSAFPID-1673508", "CSAFPID-1673509", ], }, ], title: "CVE-2024-37371", }, { cve: "CVE-2024-37372", product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2024-37372", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37372.json", }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2024-37372", }, { cve: "CVE-2024-38356", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, notes: [ { category: "other", text: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", title: "CWE-79", }, ], product_status: { known_affected: [ "CSAFPID-1673510", "CSAFPID-1503575", "CSAFPID-1673188", ], }, references: [ { category: "self", summary: "CVE-2024-38356", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38356.json", }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-1673510", "CSAFPID-1503575", "CSAFPID-1673188", ], }, ], title: "CVE-2024-38356", }, { cve: "CVE-2024-38357", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, notes: [ { category: "other", text: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", title: "CWE-79", }, ], product_status: { known_affected: [ "CSAFPID-1673510", "CSAFPID-1503575", "CSAFPID-1673188", ], }, references: [ { category: "self", summary: "CVE-2024-38357", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38357.json", }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-1673510", "CSAFPID-1503575", "CSAFPID-1673188", ], }, ], title: "CVE-2024-38357", }, { cve: "CVE-2024-38472", cwe: { id: "CWE-918", name: "Server-Side Request Forgery (SSRF)", }, notes: [ { category: "other", text: "Server-Side Request Forgery (SSRF)", title: "CWE-918", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-38472", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38472.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-38472", }, { cve: "CVE-2024-38473", cwe: { id: "CWE-172", name: "Encoding Error", }, notes: [ { category: "other", text: "Encoding Error", title: "CWE-172", }, { category: "other", text: "Improper Encoding or Escaping of Output", title: "CWE-116", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-38473", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38473.json", }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-38473", }, { cve: "CVE-2024-38474", cwe: { id: "CWE-172", name: "Encoding Error", }, notes: [ { category: "other", text: "Encoding Error", title: "CWE-172", }, { category: "other", text: "Improper Encoding or Escaping of Output", title: "CWE-116", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-38474", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38474.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-38474", }, { cve: "CVE-2024-38475", cwe: { id: "CWE-284", name: "Improper Access Control", }, notes: [ { category: "other", text: "Improper Access Control", title: "CWE-284", }, { category: "other", text: "Improper Encoding or Escaping of Output", title: "CWE-116", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-38475", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38475.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-38475", }, { cve: "CVE-2024-38476", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, { category: "other", text: "Inclusion of Functionality from Untrusted Control Sphere", title: "CWE-829", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-38476", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38476.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-38476", }, { cve: "CVE-2024-38477", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-38477", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38477.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-38477", }, { cve: "CVE-2024-38998", cwe: { id: "CWE-1321", name: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", }, notes: [ { category: "other", text: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", title: "CWE-1321", }, ], product_status: { known_affected: [ "CSAFPID-1673511", "CSAFPID-1673512", "CSAFPID-1503575", "CSAFPID-1673188", ], }, references: [ { category: "self", summary: "CVE-2024-38998", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38998.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673511", "CSAFPID-1673512", "CSAFPID-1503575", "CSAFPID-1673188", ], }, ], title: "CVE-2024-38998", }, { cve: "CVE-2024-38999", cwe: { id: "CWE-1321", name: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", }, notes: [ { category: "other", text: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", title: "CWE-1321", }, ], product_status: { known_affected: [ "CSAFPID-1673511", "CSAFPID-1673512", "CSAFPID-1503575", "CSAFPID-1673188", ], }, references: [ { category: "self", summary: "CVE-2024-38999", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38999.json", }, ], scores: [ { cvss_v3: { baseScore: 10, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673511", "CSAFPID-1673512", "CSAFPID-1503575", "CSAFPID-1673188", ], }, ], title: "CVE-2024-38999", }, { cve: "CVE-2024-39573", cwe: { id: "CWE-918", name: "Server-Side Request Forgery (SSRF)", }, notes: [ { category: "other", text: "Server-Side Request Forgery (SSRF)", title: "CWE-918", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-39573", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-39573.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-39573", }, { cve: "CVE-2024-39884", cwe: { id: "CWE-18", name: "-", }, notes: [ { category: "other", text: "CWE-18", title: "CWE-18", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-39884", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-39884.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-39884", }, { cve: "CVE-2024-40725", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, { category: "other", text: "Exposure of Resource to Wrong Sphere", title: "CWE-668", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", ], }, references: [ { category: "self", summary: "CVE-2024-40725", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40725.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", ], }, ], title: "CVE-2024-40725", }, { cve: "CVE-2024-40898", cwe: { id: "CWE-918", name: "Server-Side Request Forgery (SSRF)", }, notes: [ { category: "other", text: "Server-Side Request Forgery (SSRF)", title: "CWE-918", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", ], }, references: [ { category: "self", summary: "CVE-2024-40898", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40898.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", ], }, ], title: "CVE-2024-40898", }, { cve: "CVE-2024-45490", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "other", text: "Integer Overflow or Wraparound", title: "CWE-190", }, { category: "other", text: "Incorrect Calculation of Buffer Size", title: "CWE-131", }, ], product_status: { known_affected: [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386", ], }, references: [ { category: "self", summary: "CVE-2024-45490", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45490.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386", ], }, ], title: "CVE-2024-45490", }, { cve: "CVE-2024-45491", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "other", text: "Integer Overflow or Wraparound", title: "CWE-190", }, ], product_status: { known_affected: [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386", ], }, references: [ { category: "self", summary: "CVE-2024-45491", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45491.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386", ], }, ], title: "CVE-2024-45491", }, { cve: "CVE-2024-45492", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "other", text: "Integer Overflow or Wraparound", title: "CWE-190", }, ], product_status: { known_affected: [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386", ], }, references: [ { category: "self", summary: "CVE-2024-45492", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45492.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386", ], }, ], title: "CVE-2024-45492", }, { cve: "CVE-2024-45801", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, notes: [ { category: "other", text: "Inefficient Regular Expression Complexity", title: "CWE-1333", }, { category: "other", text: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", title: "CWE-1321", }, ], product_status: { known_affected: [ "CSAFPID-1503575", "CSAFPID-1673188", ], }, references: [ { category: "self", summary: "CVE-2024-45801", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45801.json", }, ], scores: [ { cvss_v3: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-1503575", "CSAFPID-1673188", ], }, ], title: "CVE-2024-45801", }, ], }
ncsc-2024-0414
Vulnerability from csaf_ncscnl
Published
2024-10-17 13:17
Modified
2024-10-17 13:17
Summary
Kwetsbaarheden verholpen in Oracle Communications
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Oracle heeft kwetsbaarheden verholpen in diverse Communications producten en systemen.
Interpretaties
Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
- Denial-of-Service (DoS)
- Manipuleren van gegevens
- Uitvoer van willekeurige code (Gebruikersrechten)
- Uitvoer van willekeurige code (Administratorrechten)
- Toegang tot gevoelige gegevens
Oplossingen
Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-122
Heap-based Buffer Overflow
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CWE-20
Improper Input Validation
CWE-466
Return of Pointer Value Outside of Expected Range
CWE-606
Unchecked Input for Loop Condition
CWE-390
Detection of Error Condition Without Action
CWE-405
Asymmetric Resource Consumption (Amplification)
CWE-222
Truncation of Security-relevant Information
CWE-364
Signal Handler Race Condition
CWE-450
Multiple Interpretations of UI Input
CWE-130
Improper Handling of Length Parameter Inconsistency
CWE-772
Missing Release of Resource after Effective Lifetime
CWE-669
Incorrect Resource Transfer Between Spheres
CWE-126
Buffer Over-read
CWE-88
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
CWE-349
Acceptance of Extraneous Untrusted Data With Trusted Data
CWE-755
Improper Handling of Exceptional Conditions
CWE-834
Excessive Iteration
CWE-407
Inefficient Algorithmic Complexity
CWE-754
Improper Check for Unusual or Exceptional Conditions
CWE-703
Improper Check or Handling of Exceptional Conditions
CWE-427
Uncontrolled Search Path Element
CWE-601
URL Redirection to Untrusted Site ('Open Redirect')
CWE-195
Signed to Unsigned Conversion Error
CWE-444
Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
CWE-116
Improper Encoding or Escaping of Output
CWE-345
Insufficient Verification of Data Authenticity
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE-190
Integer Overflow or Wraparound
CWE-61
UNIX Symbolic Link (Symlink) Following
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE-125
Out-of-bounds Read
CWE-404
Improper Resource Shutdown or Release
CWE-284
Improper Access Control
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-416
Use After Free
CWE-401
Missing Release of Memory after Effective Lifetime
CWE-476
NULL Pointer Dereference
CWE-459
Incomplete Cleanup
CWE-94
Improper Control of Generation of Code ('Code Injection')
CWE-400
Uncontrolled Resource Consumption
CWE-770
Allocation of Resources Without Limits or Throttling
CWE-248
Uncaught Exception
CWE-674
Uncontrolled Recursion
CWE-918
Server-Side Request Forgery (SSRF)
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE-787
Out-of-bounds Write
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
{ document: { category: "csaf_security_advisory", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", }, }, lang: "nl", notes: [ { category: "legal_disclaimer", text: "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.", }, { category: "description", text: "Oracle heeft kwetsbaarheden verholpen in diverse Communications producten en systemen.", title: "Feiten", }, { category: "description", text: "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:\n\n- Denial-of-Service (DoS)\n- Manipuleren van gegevens\n- Uitvoer van willekeurige code (Gebruikersrechten)\n- Uitvoer van willekeurige code (Administratorrechten)\n- Toegang tot gevoelige gegevens", title: "Interpretaties", }, { category: "description", text: "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.", title: "Oplossingen", }, { category: "general", text: "medium", title: "Kans", }, { category: "general", text: "high", title: "Schade", }, { category: "general", text: "Heap-based Buffer Overflow", title: "CWE-122", }, { category: "general", text: "Loop with Unreachable Exit Condition ('Infinite Loop')", title: "CWE-835", }, { category: "general", text: "Improper Input Validation", title: "CWE-20", }, { category: "general", text: "Return of Pointer Value Outside of Expected Range", title: "CWE-466", }, { category: "general", text: "Unchecked Input for Loop Condition", title: "CWE-606", }, { category: "general", text: "Detection of Error Condition Without Action", title: "CWE-390", }, { category: "general", text: "Asymmetric Resource Consumption (Amplification)", title: "CWE-405", }, { category: "general", text: "Truncation of Security-relevant Information", title: "CWE-222", }, { category: "general", text: "Signal Handler Race Condition", title: "CWE-364", }, { category: "general", text: "Multiple Interpretations of UI Input", title: "CWE-450", }, { category: "general", text: "Improper Handling of Length Parameter Inconsistency", title: "CWE-130", }, { category: "general", text: "Missing Release of Resource after Effective Lifetime", title: "CWE-772", }, { category: "general", text: "Incorrect Resource Transfer Between Spheres", title: "CWE-669", }, { category: "general", text: "Buffer Over-read", title: "CWE-126", }, { category: "general", text: "Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')", title: "CWE-88", }, { category: "general", text: "Acceptance of Extraneous Untrusted Data With Trusted Data", title: "CWE-349", }, { category: "general", text: "Improper Handling of Exceptional Conditions", title: "CWE-755", }, { category: "general", text: "Excessive Iteration", title: "CWE-834", }, { category: "general", text: "Inefficient Algorithmic Complexity", title: "CWE-407", }, { category: "general", text: "Improper Check for Unusual or Exceptional Conditions", title: "CWE-754", }, { category: "general", text: "Improper Check or Handling of Exceptional Conditions", title: "CWE-703", }, { category: "general", text: "Uncontrolled Search Path Element", title: "CWE-427", }, { category: "general", text: "URL Redirection to Untrusted Site ('Open Redirect')", title: "CWE-601", }, { category: "general", text: "Signed to Unsigned Conversion Error", title: "CWE-195", }, { category: "general", text: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", title: "CWE-444", }, { category: "general", text: "Improper Encoding or Escaping of Output", title: "CWE-116", }, { category: "general", text: "Insufficient Verification of Data Authenticity", title: "CWE-345", }, { category: "general", text: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", title: "CWE-77", }, { category: "general", text: "Integer Overflow or Wraparound", title: "CWE-190", }, { category: "general", text: "UNIX Symbolic Link (Symlink) Following", title: "CWE-61", }, { category: "general", text: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", title: "CWE-362", }, { category: "general", text: "Out-of-bounds Read", title: "CWE-125", }, { category: "general", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "general", text: "Improper Access Control", title: "CWE-284", }, { category: "general", text: "Improper Restriction of Operations within the Bounds of a Memory Buffer", title: "CWE-119", }, { category: "general", text: "Use After Free", title: "CWE-416", }, { category: "general", text: "Missing Release of Memory after Effective Lifetime", title: "CWE-401", }, { category: "general", text: "NULL Pointer Dereference", title: "CWE-476", }, { category: "general", text: "Incomplete Cleanup", title: "CWE-459", }, { category: "general", text: "Improper Control of Generation of Code ('Code Injection')", title: "CWE-94", }, { category: "general", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "general", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, { category: "general", text: "Uncaught Exception", title: "CWE-248", }, { category: "general", text: "Uncontrolled Recursion", title: "CWE-674", }, { category: "general", text: "Server-Side Request Forgery (SSRF)", title: "CWE-918", }, { category: "general", text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", title: "CWE-22", }, { category: "general", text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", title: "CWE-78", }, { category: "general", text: "Out-of-bounds Write", title: "CWE-787", }, { category: "general", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, ], publisher: { category: "coordinator", contact_details: "cert@ncsc.nl", name: "Nationaal Cyber Security Centrum", namespace: "https://www.ncsc.nl/", }, references: [ { category: "external", summary: "Reference - cveprojectv5; hkcert; nvd; oracle; redhat", url: "https://www.oracle.com/security-alerts/cpuoct2024.html", }, ], title: "Kwetsbaarheden verholpen in Oracle Communications", tracking: { current_release_date: "2024-10-17T13:17:52.103171Z", id: "NCSC-2024-0414", initial_release_date: "2024-10-17T13:17:52.103171Z", revision_history: [ { date: "2024-10-17T13:17:52.103171Z", number: "0", summary: "Initiele versie", }, ], status: "final", version: "1.0.0", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635313", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:10.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635305", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:12.11.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635311", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:12.11.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635312", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:12.11.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635323", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:12.6.1.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1670430", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:14.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1674632", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:14.0.0.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1674630", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:14.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635320", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:15.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1674633", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:17.0.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1670439", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:22.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635322", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:23.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1670429", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:23.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1670435", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:23.2.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1670431", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:23.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1670436", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:23.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1670432", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:23.3.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635321", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:23.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635310", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:23.4.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635318", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:23.4.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1674640", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:23.4.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1674642", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:23.4.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1670434", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:24.1.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635316", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:24.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1674639", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:24.1.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635314", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:24.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1674638", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:24.2.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1674637", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:24.2.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635306", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:4.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635307", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:4.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635317", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:46.6.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635319", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:46.6.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1670438", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635324", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:5.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635315", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:5.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1670433", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:9.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1674641", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:9.0.1.10.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1674635", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:9.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1674636", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:9.1.1.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1670437", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:9.1.1.7.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1674631", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:9.1.1.9.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1674634", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:9.1.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635308", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:9.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications", product: { name: "communications", product_id: "CSAFPID-1635309", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications:9.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications__10.4.0.4", product: { name: "communications__10.4.0.4", product_id: "CSAFPID-1674629", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications__10.4.0.4:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications___23.4.2", product: { name: "communications___23.4.2", product_id: "CSAFPID-1670442", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications___23.4.2:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications___23.4.3", product: { name: "communications___23.4.3", product_id: "CSAFPID-1635325", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications___23.4.3:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications___23.4.4", product: { name: "communications___23.4.4", product_id: "CSAFPID-1635326", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications___23.4.4:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications___23.4.5", product: { name: "communications___23.4.5", product_id: "CSAFPID-1674645", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications___23.4.5:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications___23.4.6", product: { name: "communications___23.4.6", product_id: "CSAFPID-1674646", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications___23.4.6:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications___24.2.0", product: { name: "communications___24.2.0", product_id: "CSAFPID-1674644", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications___24.2.0:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications___7.2.1.0.0", product: { name: "communications___7.2.1.0.0", product_id: "CSAFPID-1670441", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications___7.2.1.0.0:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications___8.6.0.6", product: { name: "communications___8.6.0.6", product_id: "CSAFPID-1635327", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications___8.6.0.6:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications___8.6.0.8", product: { name: "communications___8.6.0.8", product_id: "CSAFPID-1635328", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications___8.6.0.8:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications___9.0.2", product: { name: "communications___9.0.2", product_id: "CSAFPID-1670440", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications___9.0.2:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications___9.0.3", product: { name: "communications___9.0.3", product_id: "CSAFPID-1635329", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications___9.0.3:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications___9.1.1.8.0", product: { name: "communications___9.1.1.8.0", product_id: "CSAFPID-1674643", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications___9.1.1.8.0:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications", product: { name: "communications_applications", product_id: "CSAFPID-1674621", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications:15.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications", product: { name: "communications_applications", product_id: "CSAFPID-1674618", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications:6.0.1.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications", product: { name: "communications_applications", product_id: "CSAFPID-1674619", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications:7.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications", product: { name: "communications_applications", product_id: "CSAFPID-1674622", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications:7.4.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications", product: { name: "communications_applications", product_id: "CSAFPID-1674617", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications:7.4.3.0.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications", product: { name: "communications_applications", product_id: "CSAFPID-1674623", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications:7.5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications", product: { name: "communications_applications", product_id: "CSAFPID-1674620", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications:8.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications___12.0.6.0.0", product: { name: "communications_applications___12.0.6.0.0", product_id: "CSAFPID-1674627", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications___12.0.6.0.0:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications___5.5.22", product: { name: "communications_applications___5.5.22", product_id: "CSAFPID-1674626", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications___5.5.22:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications___6.0.3", product: { name: "communications_applications___6.0.3", product_id: "CSAFPID-1674628", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications___6.0.3:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications___6.0.4", product: { name: "communications_applications___6.0.4", product_id: "CSAFPID-1674624", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications___6.0.4:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_applications___6.0.5", product: { name: "communications_applications___6.0.5", product_id: "CSAFPID-1674625", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_applications___6.0.5:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_asap", product: { name: "communications_asap", product_id: "CSAFPID-204629", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_asap:7.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_asap", product: { name: "communications_asap", product_id: "CSAFPID-1673475", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_asap:7.4.3.0.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_asap", product: { name: "communications_asap", product_id: "CSAFPID-816792", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_asap:7.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_billing_and_revenue_management", product: { name: "communications_billing_and_revenue_management", product_id: "CSAFPID-764735", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_billing_and_revenue_management:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_billing_and_revenue_management", product: { name: "communications_billing_and_revenue_management", product_id: "CSAFPID-1650734", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.4.0-12.0.0.8.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_billing_and_revenue_management", product: { name: "communications_billing_and_revenue_management", product_id: "CSAFPID-204639", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_billing_and_revenue_management", product: { name: "communications_billing_and_revenue_management", product_id: "CSAFPID-204627", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_billing_and_revenue_management", product: { name: "communications_billing_and_revenue_management", product_id: "CSAFPID-816793", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_billing_and_revenue_management", product: { name: "communications_billing_and_revenue_management", product_id: "CSAFPID-912557", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_billing_and_revenue_management__-_elastic_charging_engine", product: { name: "communications_billing_and_revenue_management__-_elastic_charging_engine", product_id: "CSAFPID-219835", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_billing_and_revenue_management__-_elastic_charging_engine:12.0.0.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_brm_-_elastic_charging_engine", product: { name: "communications_brm_-_elastic_charging_engine", product_id: "CSAFPID-764247", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_brm_-_elastic_charging_engine", product: { name: "communications_brm_-_elastic_charging_engine", product_id: "CSAFPID-209548", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:11.3.0.9.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_brm_-_elastic_charging_engine", product: { name: "communications_brm_-_elastic_charging_engine", product_id: "CSAFPID-209549", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:11.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_brm_-_elastic_charging_engine", product: { name: "communications_brm_-_elastic_charging_engine", product_id: "CSAFPID-41194", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12.0.0.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_brm_-_elastic_charging_engine", product: { name: "communications_brm_-_elastic_charging_engine", product_id: "CSAFPID-1650820", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12.0.0.4-12.0.0.8:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_brm_-_elastic_charging_engine", product: { name: "communications_brm_-_elastic_charging_engine", product_id: "CSAFPID-765241", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12.0.0.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_brm_-_elastic_charging_engine", product: { name: "communications_brm_-_elastic_charging_engine", product_id: "CSAFPID-209546", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12.0.0.5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_brm_-_elastic_charging_engine", product: { name: "communications_brm_-_elastic_charging_engine", product_id: "CSAFPID-209550", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_brm_-_elastic_charging_engine", product: { name: "communications_brm_-_elastic_charging_engine", product_id: "CSAFPID-498607", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12:0.0.5.0:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_brm_-_elastic_charging_engine", product: { name: "communications_brm_-_elastic_charging_engine", product_id: "CSAFPID-912556", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:15.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_calendar_server", product: { name: "communications_calendar_server", product_id: "CSAFPID-764736", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_calendar_server:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_calendar_server", product: { name: "communications_calendar_server", product_id: "CSAFPID-220190", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_calendar_server:8.0.0.6.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_configuration_console", product: { name: "communications_cloud_native_configuration_console", product_id: "CSAFPID-391501", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_configuration_console:22.4.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_configuration_console", product: { name: "communications_cloud_native_configuration_console", product_id: "CSAFPID-440102", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_configuration_console:23.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_automated_test_suite", product: { name: "communications_cloud_native_core_automated_test_suite", product_id: "CSAFPID-89545", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:1.8.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_automated_test_suite", product: { name: "communications_cloud_native_core_automated_test_suite", product_id: "CSAFPID-180215", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:1.9.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_automated_test_suite", product: { name: "communications_cloud_native_core_automated_test_suite", product_id: "CSAFPID-180197", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:22.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_automated_test_suite", product: { name: "communications_cloud_native_core_automated_test_suite", product_id: "CSAFPID-220548", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:22.2.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_automated_test_suite", product: { name: "communications_cloud_native_core_automated_test_suite", product_id: "CSAFPID-41516", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:22.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_automated_test_suite", product: { name: "communications_cloud_native_core_automated_test_suite", product_id: "CSAFPID-41515", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:22.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_automated_test_suite", product: { name: "communications_cloud_native_core_automated_test_suite", product_id: "CSAFPID-220057", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:22.4.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_automated_test_suite", product: { name: "communications_cloud_native_core_automated_test_suite", product_id: "CSAFPID-220055", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_automated_test_suite", product: { name: "communications_cloud_native_core_automated_test_suite", product_id: "CSAFPID-220909", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_automated_test_suite", product: { name: "communications_cloud_native_core_automated_test_suite", product_id: "CSAFPID-816765", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_automated_test_suite", product: { name: "communications_cloud_native_core_automated_test_suite", product_id: "CSAFPID-816766", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.2.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_automated_test_suite", product: { name: "communications_cloud_native_core_automated_test_suite", product_id: "CSAFPID-816767", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_automated_test_suite", product: { name: "communications_cloud_native_core_automated_test_suite", product_id: "CSAFPID-1503577", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_automated_test_suite", product: { name: "communications_cloud_native_core_automated_test_suite", product_id: "CSAFPID-1673416", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.4.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_automated_test_suite", product: { name: "communications_cloud_native_core_automated_test_suite", product_id: "CSAFPID-1673516", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.4.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_automated_test_suite", product: { name: "communications_cloud_native_core_automated_test_suite", product_id: "CSAFPID-1673412", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:24.1.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_automated_test_suite", product: { name: "communications_cloud_native_core_automated_test_suite", product_id: "CSAFPID-1673411", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:24.2.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-764237", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-2045", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:1.10.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-40612", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:1.11.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-608629", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-93784", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-1899", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-41111", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-1685", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.2.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-493445", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.2.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-294401", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.2.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-220547", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-764824", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-220459", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.3.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-45184", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-45182", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-45181", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.1.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-611405", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.1.7:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-611403", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-611404", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.2.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-1650752", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-1673396", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-912066", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_binding_support_function", product: { name: "communications_cloud_native_core_binding_support_function", product_id: "CSAFPID-1503323", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_certificate_management", product: { name: "communications_cloud_native_core_certificate_management", product_id: "CSAFPID-1673526", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:23.4.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_certificate_management", product: { name: "communications_cloud_native_core_certificate_management", product_id: "CSAFPID-1673391", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:23.4.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_certificate_management", product: { name: "communications_cloud_native_core_certificate_management", product_id: "CSAFPID-1673394", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:24.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_console", product: { name: "communications_cloud_native_core_console", product_id: "CSAFPID-165550", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_console:1.7.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_console", product: { name: "communications_cloud_native_core_console", product_id: "CSAFPID-93546", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_console:1.9.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_console", product: { name: "communications_cloud_native_core_console", product_id: "CSAFPID-180195", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_console:22.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_console", product: { name: "communications_cloud_native_core_console", product_id: "CSAFPID-40299", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_console:22.1.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_console", product: { name: "communications_cloud_native_core_console", product_id: "CSAFPID-187447", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_console:22.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_console", product: { name: "communications_cloud_native_core_console", product_id: "CSAFPID-45186", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_console:22.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_console", product: { name: "communications_cloud_native_core_console", product_id: "CSAFPID-45185", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_console:22.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_console", product: { name: "communications_cloud_native_core_console", product_id: "CSAFPID-220559", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_console:22.4.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_console", product: { name: "communications_cloud_native_core_console", product_id: "CSAFPID-220558", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.1.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_console", product: { name: "communications_cloud_native_core_console", product_id: "CSAFPID-764238", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.1.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_console", product: { name: "communications_cloud_native_core_console", product_id: "CSAFPID-764239", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.2.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_console", product: { name: "communications_cloud_native_core_console", product_id: "CSAFPID-816768", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_console", product: { name: "communications_cloud_native_core_console", product_id: "CSAFPID-816769", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_console", product: { name: "communications_cloud_native_core_console", product_id: "CSAFPID-912085", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_console", product: { name: "communications_cloud_native_core_console", product_id: "CSAFPID-1503578", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_console", product: { name: "communications_cloud_native_core_console", product_id: "CSAFPID-1673389", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_console", product: { name: "communications_cloud_native_core_console", product_id: "CSAFPID-1673390", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_console:24.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_dbtier", product: { name: "communications_cloud_native_core_dbtier", product_id: "CSAFPID-1673421", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_dbtier", product: { name: "communications_cloud_native_core_dbtier", product_id: "CSAFPID-1673420", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_data_analytics_function", product: { name: "communications_cloud_native_core_network_data_analytics_function", product_id: "CSAFPID-764825", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:22.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_data_analytics_function", product: { name: "communications_cloud_native_core_network_data_analytics_function", product_id: "CSAFPID-816770", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:23.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_data_analytics_function", product: { name: "communications_cloud_native_core_network_data_analytics_function", product_id: "CSAFPID-816771", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:23.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_data_analytics_function", product: { name: "communications_cloud_native_core_network_data_analytics_function", product_id: "CSAFPID-912068", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_data_analytics_function", product: { name: "communications_cloud_native_core_network_data_analytics_function", product_id: "CSAFPID-1503579", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_exposure_function", product: { name: "communications_cloud_native_core_network_exposure_function", product_id: "CSAFPID-180201", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_exposure_function", product: { name: "communications_cloud_native_core_network_exposure_function", product_id: "CSAFPID-1900", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_exposure_function", product: { name: "communications_cloud_native_core_network_exposure_function", product_id: "CSAFPID-760687", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.2.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_exposure_function", product: { name: "communications_cloud_native_core_network_exposure_function", product_id: "CSAFPID-40947", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_exposure_function", product: { name: "communications_cloud_native_core_network_exposure_function", product_id: "CSAFPID-93635", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_exposure_function", product: { name: "communications_cloud_native_core_network_exposure_function", product_id: "CSAFPID-503534", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_exposure_function", product: { name: "communications_cloud_native_core_network_exposure_function", product_id: "CSAFPID-90018", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.4.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_exposure_function", product: { name: "communications_cloud_native_core_network_exposure_function", product_id: "CSAFPID-220327", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.4.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_exposure_function", product: { name: "communications_cloud_native_core_network_exposure_function", product_id: "CSAFPID-94290", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_exposure_function", product: { name: "communications_cloud_native_core_network_exposure_function", product_id: "CSAFPID-220325", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.1.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_exposure_function", product: { name: "communications_cloud_native_core_network_exposure_function", product_id: "CSAFPID-614513", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.1.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_exposure_function", product: { name: "communications_cloud_native_core_network_exposure_function", product_id: "CSAFPID-643776", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_exposure_function", product: { name: "communications_cloud_native_core_network_exposure_function", product_id: "CSAFPID-816772", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_exposure_function", product: { name: "communications_cloud_native_core_network_exposure_function", product_id: "CSAFPID-912076", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_exposure_function", product: { name: "communications_cloud_native_core_network_exposure_function", product_id: "CSAFPID-1503580", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-40613", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:1.10.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-2044", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:1.9.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-40301", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-180194", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.1.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-449747", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-40298", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-223527", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.2.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-449746", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-503493", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-260394", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-219838", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-611387", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-618156", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.2.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-816773", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-912101", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-1673473", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.1.0-24.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-1503581", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-912539", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_install_upgrade___23.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-912540", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_install_upgrade___23.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-912541", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_installation___23.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-912542", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_obserability_services_overlay___23.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_function_cloud_native_environment", product: { name: "communications_cloud_native_core_network_function_cloud_native_environment", product_id: "CSAFPID-912543", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_observability_services_overlay___23.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-40611", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:1.15.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-40609", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:1.15.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-180198", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-41112", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.1.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-41110", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-760688", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.2.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-493444", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-93633", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.3.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-220056", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.4.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-223511", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.4.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-216017", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-220889", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.1.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-614516", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.1.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-816774", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.1.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-220918", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-614515", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.2.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-614514", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-816346", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-912077", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-1503322", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-1673413", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-1673415", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:24.2.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-816775", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:_install_upgrade___23.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_repository_function", product: { name: "communications_cloud_native_core_network_repository_function", product_id: "CSAFPID-912544", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:_install_upgrade___23.4.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_slice_selection_function", product: { name: "communications_cloud_native_core_network_slice_selection_function", product_id: "CSAFPID-40608", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.8.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_slice_selection_function", product: { name: "communications_cloud_native_core_network_slice_selection_function", product_id: "CSAFPID-180199", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:22.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_slice_selection_function", product: { name: "communications_cloud_native_core_network_slice_selection_function", product_id: "CSAFPID-41113", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:22.1.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_slice_selection_function", product: { name: "communications_cloud_native_core_network_slice_selection_function", product_id: "CSAFPID-260395", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:22.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_slice_selection_function", product: { name: "communications_cloud_native_core_network_slice_selection_function", product_id: "CSAFPID-260393", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:22.4.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_slice_selection_function", product: { name: "communications_cloud_native_core_network_slice_selection_function", product_id: "CSAFPID-816348", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:23.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_slice_selection_function", product: { name: "communications_cloud_native_core_network_slice_selection_function", product_id: "CSAFPID-912545", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:23.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_slice_selection_function", product: { name: "communications_cloud_native_core_network_slice_selection_function", product_id: "CSAFPID-816347", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:23.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_slice_selection_function", product: { name: "communications_cloud_native_core_network_slice_selection_function", product_id: "CSAFPID-1673494", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:24.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_slice_selection_function", product: { name: "communications_cloud_native_core_network_slice_selection_function", product_id: "CSAFPID-1673501", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:24.2.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_slice_selection_function", product: { name: "communications_cloud_native_core_network_slice_selection_function", product_id: "CSAFPID-816776", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:_install_upgrade___23.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_network_slice_selection_function", product: { name: "communications_cloud_native_core_network_slice_selection_function", product_id: "CSAFPID-816777", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:_install_upgrade___23.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_policy", product: { name: "communications_cloud_native_core_policy", product_id: "CSAFPID-764240", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_policy", product: { name: "communications_cloud_native_core_policy", product_id: "CSAFPID-220468", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.11.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_policy", product: { name: "communications_cloud_native_core_policy", product_id: "CSAFPID-2310", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.14.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_policy", product: { name: "communications_cloud_native_core_policy", product_id: "CSAFPID-93547", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.15.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_policy", product: { name: "communications_cloud_native_core_policy", product_id: "CSAFPID-180200", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_policy", product: { name: "communications_cloud_native_core_policy", product_id: "CSAFPID-180193", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.1.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_policy", product: { name: "communications_cloud_native_core_policy", product_id: "CSAFPID-1898", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_policy", product: { name: "communications_cloud_native_core_policy", product_id: "CSAFPID-93636", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_policy", product: { name: "communications_cloud_native_core_policy", product_id: "CSAFPID-90020", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_policy", product: { name: "communications_cloud_native_core_policy", product_id: "CSAFPID-90015", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_policy", product: { name: "communications_cloud_native_core_policy", product_id: "CSAFPID-220133", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_policy", product: { name: "communications_cloud_native_core_policy", product_id: "CSAFPID-1650751", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_policy", product: { name: "communications_cloud_native_core_policy", product_id: "CSAFPID-1673517", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_policy", product: { name: "communications_cloud_native_core_policy", product_id: "CSAFPID-1673395", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.6:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_policy", product: { name: "communications_cloud_native_core_policy", product_id: "CSAFPID-912069", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_policy", product: { name: "communications_cloud_native_core_policy", product_id: "CSAFPID-765371", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:all_supported_s:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-180216", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:1.7.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-180202", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-40300", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.1.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-93653", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-40949", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.2.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-642000", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-93634", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-220561", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.3.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-90021", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-94292", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.4.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-218028", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.4.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-220881", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.4.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-94291", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-220910", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.1.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-220324", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.1.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-611401", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.1.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-816778", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-614517", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-912547", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-1673392", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-1503582", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-1673393", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_security_edge_protection_proxy", product: { name: "communications_cloud_native_core_security_edge_protection_proxy", product_id: "CSAFPID-912546", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:_automated_test_suite___23.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_service_communication_proxy", product: { name: "communications_cloud_native_core_service_communication_proxy", product_id: "CSAFPID-40610", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:1.15.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_service_communication_proxy", product: { name: "communications_cloud_native_core_service_communication_proxy", product_id: "CSAFPID-611587", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:22.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_service_communication_proxy", product: { name: "communications_cloud_native_core_service_communication_proxy", product_id: "CSAFPID-642002", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:22.2.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_service_communication_proxy", product: { name: "communications_cloud_native_core_service_communication_proxy", product_id: "CSAFPID-493443", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:22.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_service_communication_proxy", product: { name: "communications_cloud_native_core_service_communication_proxy", product_id: "CSAFPID-642001", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:22.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_service_communication_proxy", product: { name: "communications_cloud_native_core_service_communication_proxy", product_id: "CSAFPID-224796", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:22.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_service_communication_proxy", product: { name: "communications_cloud_native_core_service_communication_proxy", product_id: "CSAFPID-224795", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_service_communication_proxy", product: { name: "communications_cloud_native_core_service_communication_proxy", product_id: "CSAFPID-912548", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.2.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_service_communication_proxy", product: { name: "communications_cloud_native_core_service_communication_proxy", product_id: "CSAFPID-912102", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_service_communication_proxy", product: { name: "communications_cloud_native_core_service_communication_proxy", product_id: "CSAFPID-912549", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_service_communication_proxy", product: { name: "communications_cloud_native_core_service_communication_proxy", product_id: "CSAFPID-1503583", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_service_communication_proxy", product: { name: "communications_cloud_native_core_service_communication_proxy", product_id: "CSAFPID-1503584", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_service_communication_proxy", product: { name: "communications_cloud_native_core_service_communication_proxy", product_id: "CSAFPID-1503585", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_service_communication_proxy", product: { name: "communications_cloud_native_core_service_communication_proxy", product_id: "CSAFPID-1672767", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-180217", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:1.15.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-180196", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-165576", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.1.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-40297", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-764899", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.2.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-589926", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.2.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-179780", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.2.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-40948", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-589925", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.3.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-179779", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.3.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-764826", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-90019", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.4.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-90016", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-220326", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.1.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-764241", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.1.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-912078", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-816349", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-912550", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.3.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-1503586", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-1503587", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-1673399", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_cloud_native_core_unified_data_repository", product: { name: "communications_cloud_native_core_unified_data_repository", product_id: "CSAFPID-816779", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:_signaling___23.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_contacts_server", product: { name: "communications_contacts_server", product_id: "CSAFPID-764737", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_contacts_server:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_contacts_server", product: { name: "communications_contacts_server", product_id: "CSAFPID-224787", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_contacts_server:8.0.0.6.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_contacts_server", product: { name: "communications_contacts_server", product_id: "CSAFPID-220189", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_contacts_server:8.0.0.7.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_converged_application_server", product: { name: "communications_converged_application_server", product_id: "CSAFPID-764827", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_converged_application_server:7.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_converged_application_server", product: { name: "communications_converged_application_server", product_id: "CSAFPID-764828", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_converged_application_server:8.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_converged_application_server_-_service_controller", product: { name: "communications_converged_application_server_-_service_controller", product_id: "CSAFPID-764734", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_converged_application_server_-_service_controller:6.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_converged_application_server_-_service_controller", product: { name: "communications_converged_application_server_-_service_controller", product_id: "CSAFPID-426842", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_converged_application_server_-_service_controller:6.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_converged_charging_system", product: { name: "communications_converged_charging_system", product_id: "CSAFPID-1503599", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_converged_charging_system", product: { name: "communications_converged_charging_system", product_id: "CSAFPID-1503600", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_convergence", product: { name: "communications_convergence", product_id: "CSAFPID-345031", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_convergence:3.0.2.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_convergence", product: { name: "communications_convergence", product_id: "CSAFPID-204635", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_convergence:3.0.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_convergence", product: { name: "communications_convergence", product_id: "CSAFPID-764833", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_convergence:3.0.3.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_convergence", product: { name: "communications_convergence", product_id: "CSAFPID-224793", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_convergence:3.0.3.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_convergence", product: { name: "communications_convergence", product_id: "CSAFPID-816794", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_convergence:3.0.3.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_convergent_charging_controller", product: { name: "communications_convergent_charging_controller", product_id: "CSAFPID-342793", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_convergent_charging_controller:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_convergent_charging_controller", product: { name: "communications_convergent_charging_controller", product_id: "CSAFPID-1650777", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_convergent_charging_controller:12.0.1.0.0-12.0.6.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_convergent_charging_controller", product: { name: "communications_convergent_charging_controller", product_id: "CSAFPID-1265", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_convergent_charging_controller:12.0.6.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_convergent_charging_controller", product: { name: "communications_convergent_charging_controller", product_id: "CSAFPID-764248", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_convergent_charging_controller:12.0.6.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_convergent_charging_controller", product: { name: "communications_convergent_charging_controller", product_id: "CSAFPID-816350", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_convergent_charging_controller:15.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_convergent_charging_controller", product: { name: "communications_convergent_charging_controller", product_id: "CSAFPID-1261", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_convergent_charging_controller:6.0.1.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_core_session_manager", product: { name: "communications_core_session_manager", product_id: "CSAFPID-110244", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_core_session_manager:8.2.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_core_session_manager", product: { name: "communications_core_session_manager", product_id: "CSAFPID-110242", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_core_session_manager:8.4.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_core_session_manager", product: { name: "communications_core_session_manager", product_id: "CSAFPID-93777", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_core_session_manager:8.45:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_core_session_manager", product: { name: "communications_core_session_manager", product_id: "CSAFPID-1672764", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_core_session_manager:9.1.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_core_session_manager", product: { name: "communications_core_session_manager", product_id: "CSAFPID-93772", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_core_session_manager:9.15:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_data_model", product: { name: "communications_data_model", product_id: "CSAFPID-764902", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_data_model:12.2.0.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_design_studio", product: { name: "communications_design_studio", product_id: "CSAFPID-765372", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_design_studio:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_design_studio", product: { name: "communications_design_studio", product_id: "CSAFPID-342799", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_design_studio:7.3.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_design_studio", product: { name: "communications_design_studio", product_id: "CSAFPID-704412", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_design_studio:7.4.0.7.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_design_studio", product: { name: "communications_design_studio", product_id: "CSAFPID-704411", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_design_studio:7.4.1.5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_design_studio", product: { name: "communications_design_studio", product_id: "CSAFPID-165544", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_design_studio:7.4.2.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_design_studio", product: { name: "communications_design_studio", product_id: "CSAFPID-704410", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_design_studio:7.4.2.8.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_design_studio", product: { name: "communications_design_studio", product_id: "CSAFPID-41183", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_design_studio:7.4.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_intelligence_hub", product: { name: "communications_diameter_intelligence_hub", product_id: "CSAFPID-342802", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_intelligence_hub:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_intelligence_hub", product: { name: "communications_diameter_intelligence_hub", product_id: "CSAFPID-764829", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_intelligence_hub:8.2.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-1503588", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-1892", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-1891", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-1888", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-1887", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-1889", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-1884", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.3.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-1885", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-1882", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.4.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-1881", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.4.0.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-1883", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-1879", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.5.0.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-1880", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-40293", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.6.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-1650826", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.6.0.4-8.6.0.6:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-1650830", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.6.0.4-8.6.0.8:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-611413", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:9.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-912551", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:_patches___9.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_diameter_signaling_router", product: { name: "communications_diameter_signaling_router", product_id: "CSAFPID-912552", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_diameter_signaling_router:_platform___9.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_eagle_application_processor", product: { name: "communications_eagle_application_processor", product_id: "CSAFPID-1673417", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_eagle_application_processor:17.0.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_eagle_application_processor", product: { name: "communications_eagle_application_processor", product_id: "CSAFPID-765369", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_eagle_application_processor:all_supported_s:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_eagle_element_management_system", product: { name: "communications_eagle_element_management_system", product_id: "CSAFPID-1503316", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_eagle_element_management_system", product: { name: "communications_eagle_element_management_system", product_id: "CSAFPID-1503317", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_eagle_element_management_system", product: { name: "communications_eagle_element_management_system", product_id: "CSAFPID-204528", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_eagle_ftp_table_base_retrieval", product: { name: "communications_eagle_ftp_table_base_retrieval", product_id: "CSAFPID-204623", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_eagle_ftp_table_base_retrieval:4.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_eagle_lnp_application_processor", product: { name: "communications_eagle_lnp_application_processor", product_id: "CSAFPID-352633", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_eagle_lnp_application_processor:10.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_eagle_lnp_application_processor", product: { name: "communications_eagle_lnp_application_processor", product_id: "CSAFPID-352632", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_eagle_lnp_application_processor:10.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_eagle_software", product: { name: "communications_eagle_software", product_id: "CSAFPID-765366", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_eagle_software:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_eagle_software", product: { name: "communications_eagle_software", product_id: "CSAFPID-765365", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_eagle_software:46.7.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_elastic_charging_engine", product: { name: "communications_elastic_charging_engine", product_id: "CSAFPID-764834", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_elastic_charging_engine:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_element_manager", product: { name: "communications_element_manager", product_id: "CSAFPID-764242", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_element_manager:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_element_manager", product: { name: "communications_element_manager", product_id: "CSAFPID-204597", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_element_manager:8.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_element_manager", product: { name: "communications_element_manager", product_id: "CSAFPID-204580", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_element_manager:8.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_element_manager", product: { name: "communications_element_manager", product_id: "CSAFPID-9226", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_element_manager", product: { name: "communications_element_manager", product_id: "CSAFPID-204589", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_element_manager:8.2.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_element_manager", product: { name: "communications_element_manager", product_id: "CSAFPID-9070", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_element_manager", product: { name: "communications_element_manager", product_id: "CSAFPID-8845", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_element_manager:8.2.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_element_manager", product: { name: "communications_element_manager", product_id: "CSAFPID-204624", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_element_manager:8.2.2.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_element_manager", product: { name: "communications_element_manager", product_id: "CSAFPID-2286", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_element_manager:8.2.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_element_manager", product: { name: "communications_element_manager", product_id: "CSAFPID-204464", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_element_manager:8.2.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_element_manager", product: { name: "communications_element_manager", product_id: "CSAFPID-345038", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_element_manager:9.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_element_manager", product: { name: "communications_element_manager", product_id: "CSAFPID-93629", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_element_manager:9.0.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_element_manager", product: { name: "communications_element_manager", product_id: "CSAFPID-611422", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_element_manager:9.0.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_element_manager", product: { name: "communications_element_manager", product_id: "CSAFPID-93630", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_element_manager:9.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_element_manager", product: { name: "communications_element_manager", product_id: "CSAFPID-816780", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_element_manager:9.4.53:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_evolved_communications_application_server", product: { name: "communications_evolved_communications_application_server", product_id: "CSAFPID-204645", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_evolved_communications_application_server:7.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_fraud_monitor", product: { name: "communications_fraud_monitor", product_id: "CSAFPID-816781", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_fraud_monitor:5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_fraud_monitor", product: { name: "communications_fraud_monitor", product_id: "CSAFPID-816782", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_fraud_monitor:5.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_fraud_monitor", product: { name: "communications_fraud_monitor", product_id: "CSAFPID-912553", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_fraud_monitor:5.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_instant_messaging_server", product: { name: "communications_instant_messaging_server", product_id: "CSAFPID-207586", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_instant_messaging_server", product: { name: "communications_instant_messaging_server", product_id: "CSAFPID-234306", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.6.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_instant_messaging_server", product: { name: "communications_instant_messaging_server", product_id: "CSAFPID-219803", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.7.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_instant_messaging_server", product: { name: "communications_instant_messaging_server", product_id: "CSAFPID-387664", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_instant_messaging_server:8.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_interactive_session_recorder", product: { name: "communications_interactive_session_recorder", product_id: "CSAFPID-1893", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_ip_service_activator", product: { name: "communications_ip_service_activator", product_id: "CSAFPID-204622", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_ip_service_activator:7.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_ip_service_activator", product: { name: "communications_ip_service_activator", product_id: "CSAFPID-219909", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_ip_service_activator:7.5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_lsms", product: { name: "communications_lsms", product_id: "CSAFPID-1673065", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_lsms:14.0.0.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_messaging_server", product: { name: "communications_messaging_server", product_id: "CSAFPID-764835", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_messaging_server:8.1.0.20.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_messaging_server", product: { name: "communications_messaging_server", product_id: "CSAFPID-375182", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_messaging_server:8.1.0.21.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_messaging_server", product: { name: "communications_messaging_server", product_id: "CSAFPID-816351", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_messaging_server:8.1.0.24.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_messaging_server", product: { name: "communications_messaging_server", product_id: "CSAFPID-41182", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_messaging_server:8.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_metasolv_solution", product: { name: "communications_metasolv_solution", product_id: "CSAFPID-611595", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_metasolv_solution:6.3.1.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_metasolv_solution", product: { name: "communications_metasolv_solution", product_id: "CSAFPID-226017", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_metasolv_solution:6.3.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_analytics_data_director", product: { name: "communications_network_analytics_data_director", product_id: "CSAFPID-220167", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_analytics_data_director:23.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_analytics_data_director", product: { name: "communications_network_analytics_data_director", product_id: "CSAFPID-816353", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_analytics_data_director:23.2.0.0.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_analytics_data_director", product: { name: "communications_network_analytics_data_director", product_id: "CSAFPID-764243", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_analytics_data_director:23.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_analytics_data_director", product: { name: "communications_network_analytics_data_director", product_id: "CSAFPID-816352", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_analytics_data_director:23.3.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_analytics_data_director", product: { name: "communications_network_analytics_data_director", product_id: "CSAFPID-1503589", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_analytics_data_director:23.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_analytics_data_director", product: { name: "communications_network_analytics_data_director", product_id: "CSAFPID-1503590", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_analytics_data_director:24.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_analytics_data_director", product: { name: "communications_network_analytics_data_director", product_id: "CSAFPID-1673414", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_analytics_data_director:24.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_analytics_data_director", product: { name: "communications_network_analytics_data_director", product_id: "CSAFPID-816783", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_analytics_data_director:_general___23.2.0.0.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_analytics_data_director", product: { name: "communications_network_analytics_data_director", product_id: "CSAFPID-816786", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_analytics_data_director:_general___23.3.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_analytics_data_director", product: { name: "communications_network_analytics_data_director", product_id: "CSAFPID-816784", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_analytics_data_director:_install_upgrade___23.2.0.0.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_analytics_data_director", product: { name: "communications_network_analytics_data_director", product_id: "CSAFPID-816787", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_analytics_data_director:_install_upgrade___23.3.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_analytics_data_director", product: { name: "communications_network_analytics_data_director", product_id: "CSAFPID-816785", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_analytics_data_director:_third_party___23.2.0.0.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_analytics_data_director", product: { name: "communications_network_analytics_data_director", product_id: "CSAFPID-816788", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_analytics_data_director:_third_party___23.3.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_charging_and_control", product: { name: "communications_network_charging_and_control", product_id: "CSAFPID-342803", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_charging_and_control:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_charging_and_control", product: { name: "communications_network_charging_and_control", product_id: "CSAFPID-1650778", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_charging_and_control:12.0.1.0.0-12.0.6.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_charging_and_control", product: { name: "communications_network_charging_and_control", product_id: "CSAFPID-1266", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_charging_and_control:12.0.6.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_charging_and_control", product: { name: "communications_network_charging_and_control", product_id: "CSAFPID-764249", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_charging_and_control:12.0.6.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_charging_and_control", product: { name: "communications_network_charging_and_control", product_id: "CSAFPID-816354", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_charging_and_control:15.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_charging_and_control", product: { name: "communications_network_charging_and_control", product_id: "CSAFPID-204563", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_integrity", product: { name: "communications_network_integrity", product_id: "CSAFPID-220125", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_integrity:7.3.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_integrity", product: { name: "communications_network_integrity", product_id: "CSAFPID-245244", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_integrity:7.3.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_integrity", product: { name: "communications_network_integrity", product_id: "CSAFPID-219776", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_integrity:7.3.6.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_network_integrity", product: { name: "communications_network_integrity", product_id: "CSAFPID-204554", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_network_integrity:7.3.6:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_offline_mediation_controller", product: { name: "communications_offline_mediation_controller", product_id: "CSAFPID-765242", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_offline_mediation_controller:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_operations_monitor", product: { name: "communications_operations_monitor", product_id: "CSAFPID-9489", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_operations_monitor:4.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_operations_monitor", product: { name: "communications_operations_monitor", product_id: "CSAFPID-110249", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_operations_monitor:4.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_operations_monitor", product: { name: "communications_operations_monitor", product_id: "CSAFPID-93781", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_operations_monitor:5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_operations_monitor", product: { name: "communications_operations_monitor", product_id: "CSAFPID-220132", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_operations_monitor:5.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_operations_monitor", product: { name: "communications_operations_monitor", product_id: "CSAFPID-912079", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_operations_monitor:5.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_order_and_service_management", product: { name: "communications_order_and_service_management", product_id: "CSAFPID-224791", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_order_and_service_management:7.3.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_order_and_service_management", product: { name: "communications_order_and_service_management", product_id: "CSAFPID-219898", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_order_and_service_management:7.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_order_and_service_management", product: { name: "communications_order_and_service_management", product_id: "CSAFPID-224790", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_order_and_service_management:7.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_order_and_service_management", product: { name: "communications_order_and_service_management", product_id: "CSAFPID-221118", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_order_and_service_management:7.4.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_order_and_service_management", product: { name: "communications_order_and_service_management", product_id: "CSAFPID-179774", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_order_and_service_management:7.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_order_and_service_management", product: { name: "communications_order_and_service_management", product_id: "CSAFPID-1673496", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_order_and_service_management:7.5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_performance_intelligence", product: { name: "communications_performance_intelligence", product_id: "CSAFPID-1503591", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_performance_intelligence:10.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_performance_intelligence_center", product: { name: "communications_performance_intelligence_center", product_id: "CSAFPID-1673485", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_performance_intelligence_center:prior_to_10.4.0.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_performance_intelligence_center__pic__software", product: { name: "communications_performance_intelligence_center__pic__software", product_id: "CSAFPID-765367", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_performance_intelligence_center__pic__software:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_performance_intelligence_center__pic__software", product: { name: "communications_performance_intelligence_center__pic__software", product_id: "CSAFPID-765368", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_performance_intelligence_center__pic__software:10.4.0.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_performance_intelligence_center__pic__software", product: { name: "communications_performance_intelligence_center__pic__software", product_id: "CSAFPID-764830", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_performance_intelligence_center__pic__software:10.4.0.4.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_policy_management", product: { name: "communications_policy_management", product_id: "CSAFPID-573035", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_policy_management:12.5.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_policy_management", product: { name: "communications_policy_management", product_id: "CSAFPID-45192", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_policy_management:12.6.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_policy_management", product: { name: "communications_policy_management", product_id: "CSAFPID-611406", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_policy_management:12.6.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_policy_management", product: { name: "communications_policy_management", product_id: "CSAFPID-816789", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_policy_management:12.6.1.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_policy_management", product: { name: "communications_policy_management", product_id: "CSAFPID-816790", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_policy_management:15.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_pricing_design_center", product: { name: "communications_pricing_design_center", product_id: "CSAFPID-764738", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_pricing_design_center:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_pricing_design_center", product: { name: "communications_pricing_design_center", product_id: "CSAFPID-204595", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_pricing_design_center", product: { name: "communications_pricing_design_center", product_id: "CSAFPID-204590", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_pricing_design_center", product: { name: "communications_pricing_design_center", product_id: "CSAFPID-816355", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_pricing_design_center:15.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_service_catalog_and_design", product: { name: "communications_service_catalog_and_design", product_id: "CSAFPID-1503601", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_service_catalog_and_design:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_service_catalog_and_design", product: { name: "communications_service_catalog_and_design", product_id: "CSAFPID-816359", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_service_catalog_and_design:7.4.0.7.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_service_catalog_and_design", product: { name: "communications_service_catalog_and_design", product_id: "CSAFPID-816358", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_service_catalog_and_design:7.4.1.5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_service_catalog_and_design", product: { name: "communications_service_catalog_and_design", product_id: "CSAFPID-816357", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_service_catalog_and_design:7.4.2.8.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_service_catalog_and_design", product: { name: "communications_service_catalog_and_design", product_id: "CSAFPID-912558", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_service_catalog_and_design", product: { name: "communications_service_catalog_and_design", product_id: "CSAFPID-1503602", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_service_catalog_and_design", product: { name: "communications_service_catalog_and_design", product_id: "CSAFPID-816795", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_service_catalog_and_design:_psr_designer___7.4.0.7.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_service_catalog_and_design", product: { name: "communications_service_catalog_and_design", product_id: "CSAFPID-816796", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_service_catalog_and_design:_psr_designer___7.4.1.5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_service_catalog_and_design", product: { name: "communications_service_catalog_and_design", product_id: "CSAFPID-816797", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_service_catalog_and_design:_psr_designer___7.4.2.8.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_services_gatekeeper", product: { name: "communications_services_gatekeeper", product_id: "CSAFPID-608630", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_services_gatekeeper:7.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_border_controller", product: { name: "communications_session_border_controller", product_id: "CSAFPID-1503592", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_border_controller:4.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_border_controller", product: { name: "communications_session_border_controller", product_id: "CSAFPID-1503593", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_border_controller:4.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_border_controller", product: { name: "communications_session_border_controller", product_id: "CSAFPID-40294", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_border_controller:8.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_border_controller", product: { name: "communications_session_border_controller", product_id: "CSAFPID-40292", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_border_controller:9.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_border_controller", product: { name: "communications_session_border_controller", product_id: "CSAFPID-1672762", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_border_controller:9.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_border_controller", product: { name: "communications_session_border_controller", product_id: "CSAFPID-40291", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_border_controller:9.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_border_controller", product: { name: "communications_session_border_controller", product_id: "CSAFPID-1503594", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_border_controller:9.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_border_controller", product: { name: "communications_session_border_controller", product_id: "CSAFPID-1503595", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_border_controller:9.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_report_manager", product: { name: "communications_session_report_manager", product_id: "CSAFPID-342804", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_report_manager:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_report_manager", product: { name: "communications_session_report_manager", product_id: "CSAFPID-704413", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_report_manager:-:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_report_manager", product: { name: "communications_session_report_manager", product_id: "CSAFPID-2296", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_report_manager:8.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_report_manager", product: { name: "communications_session_report_manager", product_id: "CSAFPID-166028", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_report_manager:8.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_report_manager", product: { name: "communications_session_report_manager", product_id: "CSAFPID-2294", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_report_manager:8.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_report_manager", product: { name: "communications_session_report_manager", product_id: "CSAFPID-2292", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_report_manager", product: { name: "communications_session_report_manager", product_id: "CSAFPID-2290", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_report_manager", product: { name: "communications_session_report_manager", product_id: "CSAFPID-2288", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_report_manager", product: { name: "communications_session_report_manager", product_id: "CSAFPID-2282", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_report_manager:8.2.2.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_report_manager", product: { name: "communications_session_report_manager", product_id: "CSAFPID-2285", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_report_manager:8.2.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_report_manager", product: { name: "communications_session_report_manager", product_id: "CSAFPID-2279", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_report_manager:8.2.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_report_manager", product: { name: "communications_session_report_manager", product_id: "CSAFPID-204634", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_report_manager:8.2.5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_report_manager", product: { name: "communications_session_report_manager", product_id: "CSAFPID-345039", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_report_manager:9.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_report_manager", product: { name: "communications_session_report_manager", product_id: "CSAFPID-93628", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_report_manager:9.0.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_report_manager", product: { name: "communications_session_report_manager", product_id: "CSAFPID-611423", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_report_manager:9.0.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_report_manager", product: { name: "communications_session_report_manager", product_id: "CSAFPID-93631", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_report_manager:9.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_report_manager", product: { name: "communications_session_report_manager", product_id: "CSAFPID-816791", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_report_manager:9.4.53:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_route_manager", product: { name: "communications_session_route_manager", product_id: "CSAFPID-342805", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_route_manager:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_route_manager", product: { name: "communications_session_route_manager", product_id: "CSAFPID-704414", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_route_manager:-:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_route_manager", product: { name: "communications_session_route_manager", product_id: "CSAFPID-166027", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_route_manager:8.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_route_manager", product: { name: "communications_session_route_manager", product_id: "CSAFPID-2295", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_route_manager:8.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_route_manager", product: { name: "communications_session_route_manager", product_id: "CSAFPID-2293", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_route_manager", product: { name: "communications_session_route_manager", product_id: "CSAFPID-2289", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_route_manager:8.2.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_route_manager", product: { name: "communications_session_route_manager", product_id: "CSAFPID-2291", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_route_manager", product: { name: "communications_session_route_manager", product_id: "CSAFPID-2287", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_route_manager", product: { name: "communications_session_route_manager", product_id: "CSAFPID-2283", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_route_manager:8.2.2.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_route_manager", product: { name: "communications_session_route_manager", product_id: "CSAFPID-2284", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_route_manager:8.2.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_route_manager", product: { name: "communications_session_route_manager", product_id: "CSAFPID-2280", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_route_manager:8.2.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_route_manager", product: { name: "communications_session_route_manager", product_id: "CSAFPID-2281", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_route_manager:8.2.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_route_manager", product: { name: "communications_session_route_manager", product_id: "CSAFPID-220414", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_route_manager:8.2.5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_route_manager", product: { name: "communications_session_route_manager", product_id: "CSAFPID-204607", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_route_manager:8.2.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_router", product: { name: "communications_session_router", product_id: "CSAFPID-764780", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_router:9.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_session_router", product: { name: "communications_session_router", product_id: "CSAFPID-764781", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_session_router:9.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_subscriber-aware_load_balancer", product: { name: "communications_subscriber-aware_load_balancer", product_id: "CSAFPID-93775", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_subscriber-aware_load_balancer:9.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_subscriber-aware_load_balancer", product: { name: "communications_subscriber-aware_load_balancer", product_id: "CSAFPID-93774", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_subscriber-aware_load_balancer:9.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_assurance", product: { name: "communications_unified_assurance", product_id: "CSAFPID-240600", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_assurance:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_assurance", product: { name: "communications_unified_assurance", product_id: "CSAFPID-1673382", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_assurance:5.5.0-5.5.22:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_assurance", product: { name: "communications_unified_assurance", product_id: "CSAFPID-78764", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_assurance:5.5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_assurance", product: { name: "communications_unified_assurance", product_id: "CSAFPID-78763", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_assurance:5.5.10:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_assurance", product: { name: "communications_unified_assurance", product_id: "CSAFPID-1673070", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_assurance:5.5.22:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_assurance", product: { name: "communications_unified_assurance", product_id: "CSAFPID-1673381", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_assurance:6.0.0-6.0.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_assurance", product: { name: "communications_unified_assurance", product_id: "CSAFPID-1650731", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_assurance:6.0.0-6.0.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_assurance", product: { name: "communications_unified_assurance", product_id: "CSAFPID-1673530", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_assurance:6.0.0-6.0.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_assurance", product: { name: "communications_unified_assurance", product_id: "CSAFPID-764901", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_assurance:6.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_assurance", product: { name: "communications_unified_assurance", product_id: "CSAFPID-78762", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_assurance:6.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_assurance", product: { name: "communications_unified_assurance", product_id: "CSAFPID-78761", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_assurance:6.0.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_assurance", product: { name: "communications_unified_assurance", product_id: "CSAFPID-614089", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_assurance:6.0.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_assurance", product: { name: "communications_unified_assurance", product_id: "CSAFPID-1673068", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_assurance:6.0.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_inventory_management", product: { name: "communications_unified_inventory_management", product_id: "CSAFPID-764739", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_inventory_management:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_inventory_management", product: { name: "communications_unified_inventory_management", product_id: "CSAFPID-204614", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_inventory_management:7.3.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_inventory_management", product: { name: "communications_unified_inventory_management", product_id: "CSAFPID-8984", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_inventory_management", product: { name: "communications_unified_inventory_management", product_id: "CSAFPID-204510", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_inventory_management", product: { name: "communications_unified_inventory_management", product_id: "CSAFPID-204569", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_inventory_management", product: { name: "communications_unified_inventory_management", product_id: "CSAFPID-219826", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_inventory_management", product: { name: "communications_unified_inventory_management", product_id: "CSAFPID-912073", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_session_manager", product: { name: "communications_unified_session_manager", product_id: "CSAFPID-110243", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_session_manager:8.2.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_unified_session_manager", product: { name: "communications_unified_session_manager", product_id: "CSAFPID-205759", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_unified_session_manager:8.4.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_user_data_repository", product: { name: "communications_user_data_repository", product_id: "CSAFPID-1503596", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_user_data_repository:12.11.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_user_data_repository", product: { name: "communications_user_data_repository", product_id: "CSAFPID-1503597", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_user_data_repository:12.11.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_user_data_repository", product: { name: "communications_user_data_repository", product_id: "CSAFPID-1503598", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_user_data_repository:12.11.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_user_data_repository", product: { name: "communications_user_data_repository", product_id: "CSAFPID-764900", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_user_data_repository:12.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_user_data_repository", product: { name: "communications_user_data_repository", product_id: "CSAFPID-76994", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_user_data_repository:12.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_user_data_repository", product: { name: "communications_user_data_repository", product_id: "CSAFPID-568240", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_user_data_repository:12.6.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_user_data_repository", product: { name: "communications_user_data_repository", product_id: "CSAFPID-764782", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_user_data_repository:12.6.1.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_user_data_repository", product: { name: "communications_user_data_repository", product_id: "CSAFPID-355340", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_user_data_repository:12.6.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_user_data_repository", product: { name: "communications_user_data_repository", product_id: "CSAFPID-912080", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_user_data_repository:14.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_user_data_repository", product: { name: "communications_user_data_repository", product_id: "CSAFPID-1673481", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_user_data_repository:14.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_webrtc_session_controller", product: { name: "communications_webrtc_session_controller", product_id: "CSAFPID-912554", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_webrtc_session_controller:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_webrtc_session_controller", product: { name: "communications_webrtc_session_controller", product_id: "CSAFPID-611408", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_webrtc_session_controller", product: { name: "communications_webrtc_session_controller", product_id: "CSAFPID-703515", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_webrtc_session_controller", product: { name: "communications_webrtc_session_controller", product_id: "CSAFPID-611407", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2.1.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "communications_webrtc_session_controller", product: { name: "communications_webrtc_session_controller", product_id: "CSAFPID-204456", product_identification_helper: { cpe: "cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2.1:*:*:*:*:*:*:*", }, }, }, ], category: "vendor", name: "oracle", }, ], }, vulnerabilities: [ { cve: "CVE-2021-37137", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-41182", "CSAFPID-209546", "CSAFPID-40608", "CSAFPID-180216", "CSAFPID-93547", "CSAFPID-180217", "CSAFPID-2310", "CSAFPID-40612", "CSAFPID-391501", "CSAFPID-440102", "CSAFPID-41516", "CSAFPID-41515", "CSAFPID-764237", "CSAFPID-45182", "CSAFPID-45181", "CSAFPID-45186", "CSAFPID-45185", "CSAFPID-90018", "CSAFPID-94290", "CSAFPID-260394", "CSAFPID-216017", "CSAFPID-764240", "CSAFPID-90021", "CSAFPID-94292", "CSAFPID-218028", "CSAFPID-94291", "CSAFPID-493443", "CSAFPID-224796", "CSAFPID-90019", "CSAFPID-90016", "CSAFPID-93777", "CSAFPID-93772", "CSAFPID-40293", "CSAFPID-345038", "CSAFPID-93629", "CSAFPID-93781", "CSAFPID-45192", "CSAFPID-608630", "CSAFPID-40292", "CSAFPID-40291", "CSAFPID-345039", "CSAFPID-93628", "CSAFPID-764780", "CSAFPID-764781", "CSAFPID-93775", "CSAFPID-93774", "CSAFPID-764782", "CSAFPID-342793", "CSAFPID-1261", "CSAFPID-204622", "CSAFPID-219909", "CSAFPID-342803", "CSAFPID-204563", "CSAFPID-221118", "CSAFPID-240600", "CSAFPID-8984", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219826", "CSAFPID-1899", "CSAFPID-41111", "CSAFPID-40299", "CSAFPID-187447", "CSAFPID-1900", "CSAFPID-40301", "CSAFPID-180194", "CSAFPID-40298", "CSAFPID-41112", "CSAFPID-41110", "CSAFPID-41113", "CSAFPID-180193", "CSAFPID-1898", "CSAFPID-40300", "CSAFPID-611587", "CSAFPID-40297", "CSAFPID-110244", "CSAFPID-110242", "CSAFPID-9489", "CSAFPID-110249", "CSAFPID-40294", "CSAFPID-110243", "CSAFPID-204629", "CSAFPID-765241", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-41183", "CSAFPID-207586", "CSAFPID-765242", "CSAFPID-205759", "CSAFPID-1893", "CSAFPID-765365", "CSAFPID-765366", "CSAFPID-342804", "CSAFPID-342805", "CSAFPID-204456", "CSAFPID-1882", "CSAFPID-573035", "CSAFPID-204645", "CSAFPID-765367", "CSAFPID-765368", "CSAFPID-764242", "CSAFPID-76994", "CSAFPID-204623", "CSAFPID-352633", "CSAFPID-352632", "CSAFPID-765369", "CSAFPID-204528", "CSAFPID-342802", "CSAFPID-40610", "CSAFPID-40611", "CSAFPID-40609", "CSAFPID-180198", "CSAFPID-180196", "CSAFPID-180201", "CSAFPID-180202", "CSAFPID-40613", "CSAFPID-180199", "CSAFPID-93546", "CSAFPID-180195", "CSAFPID-180200", "CSAFPID-765371", "CSAFPID-89545", "CSAFPID-180215", "CSAFPID-180197", "CSAFPID-204639", "CSAFPID-204627", "CSAFPID-226017", "CSAFPID-219898", "CSAFPID-179774", "CSAFPID-342799", "CSAFPID-765372", "CSAFPID-220125", "CSAFPID-245244", "CSAFPID-204554", "CSAFPID-764739", "CSAFPID-204614", "CSAFPID-345031", "CSAFPID-204635", "CSAFPID-204595", "CSAFPID-204590", "CSAFPID-224787", "CSAFPID-1673381", "CSAFPID-1673382", "CSAFPID-1674617", "CSAFPID-1674618", "CSAFPID-1674619", "CSAFPID-1674620", "CSAFPID-1674621", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1674624", "CSAFPID-1674625", "CSAFPID-1674626", "CSAFPID-1674627", "CSAFPID-1674628", ], }, references: [ { category: "self", summary: "CVE-2021-37137", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-37137.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-41182", "CSAFPID-209546", "CSAFPID-40608", "CSAFPID-180216", "CSAFPID-93547", "CSAFPID-180217", "CSAFPID-2310", "CSAFPID-40612", "CSAFPID-391501", "CSAFPID-440102", "CSAFPID-41516", "CSAFPID-41515", "CSAFPID-764237", "CSAFPID-45182", "CSAFPID-45181", "CSAFPID-45186", "CSAFPID-45185", "CSAFPID-90018", "CSAFPID-94290", "CSAFPID-260394", "CSAFPID-216017", "CSAFPID-764240", "CSAFPID-90021", "CSAFPID-94292", "CSAFPID-218028", "CSAFPID-94291", "CSAFPID-493443", "CSAFPID-224796", "CSAFPID-90019", "CSAFPID-90016", "CSAFPID-93777", "CSAFPID-93772", "CSAFPID-40293", "CSAFPID-345038", "CSAFPID-93629", "CSAFPID-93781", "CSAFPID-45192", "CSAFPID-608630", "CSAFPID-40292", "CSAFPID-40291", "CSAFPID-345039", "CSAFPID-93628", "CSAFPID-764780", "CSAFPID-764781", "CSAFPID-93775", "CSAFPID-93774", "CSAFPID-764782", "CSAFPID-342793", "CSAFPID-1261", "CSAFPID-204622", "CSAFPID-219909", "CSAFPID-342803", "CSAFPID-204563", "CSAFPID-221118", "CSAFPID-240600", "CSAFPID-8984", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219826", "CSAFPID-1899", "CSAFPID-41111", "CSAFPID-40299", "CSAFPID-187447", "CSAFPID-1900", "CSAFPID-40301", "CSAFPID-180194", "CSAFPID-40298", "CSAFPID-41112", "CSAFPID-41110", "CSAFPID-41113", "CSAFPID-180193", "CSAFPID-1898", "CSAFPID-40300", "CSAFPID-611587", "CSAFPID-40297", "CSAFPID-110244", "CSAFPID-110242", "CSAFPID-9489", "CSAFPID-110249", "CSAFPID-40294", "CSAFPID-110243", "CSAFPID-204629", "CSAFPID-765241", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-41183", "CSAFPID-207586", "CSAFPID-765242", "CSAFPID-205759", "CSAFPID-1893", "CSAFPID-765365", "CSAFPID-765366", "CSAFPID-342804", "CSAFPID-342805", "CSAFPID-204456", "CSAFPID-1882", "CSAFPID-573035", "CSAFPID-204645", "CSAFPID-765367", "CSAFPID-765368", "CSAFPID-764242", "CSAFPID-76994", "CSAFPID-204623", "CSAFPID-352633", "CSAFPID-352632", "CSAFPID-765369", "CSAFPID-204528", "CSAFPID-342802", "CSAFPID-40610", "CSAFPID-40611", "CSAFPID-40609", "CSAFPID-180198", "CSAFPID-180196", "CSAFPID-180201", "CSAFPID-180202", "CSAFPID-40613", "CSAFPID-180199", "CSAFPID-93546", "CSAFPID-180195", "CSAFPID-180200", "CSAFPID-765371", "CSAFPID-89545", "CSAFPID-180215", "CSAFPID-180197", "CSAFPID-204639", "CSAFPID-204627", "CSAFPID-226017", "CSAFPID-219898", "CSAFPID-179774", "CSAFPID-342799", "CSAFPID-765372", "CSAFPID-220125", "CSAFPID-245244", "CSAFPID-204554", "CSAFPID-764739", "CSAFPID-204614", "CSAFPID-345031", "CSAFPID-204635", "CSAFPID-204595", "CSAFPID-204590", "CSAFPID-224787", "CSAFPID-1673381", "CSAFPID-1673382", "CSAFPID-1674617", "CSAFPID-1674618", "CSAFPID-1674619", "CSAFPID-1674620", "CSAFPID-1674621", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1674624", "CSAFPID-1674625", "CSAFPID-1674626", "CSAFPID-1674627", "CSAFPID-1674628", ], }, ], title: "CVE-2021-37137", }, { cve: "CVE-2022-2068", cwe: { id: "CWE-78", name: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", }, notes: [ { category: "other", text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", title: "CWE-78", }, { category: "other", text: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", title: "CWE-77", }, ], product_status: { known_affected: [ "CSAFPID-40949", "CSAFPID-391501", "CSAFPID-440102", "CSAFPID-41516", "CSAFPID-41515", "CSAFPID-764237", "CSAFPID-45182", "CSAFPID-45181", "CSAFPID-45186", "CSAFPID-45185", "CSAFPID-90018", "CSAFPID-94290", "CSAFPID-260394", "CSAFPID-216017", "CSAFPID-764240", "CSAFPID-90021", "CSAFPID-94292", "CSAFPID-218028", "CSAFPID-94291", "CSAFPID-493443", "CSAFPID-224796", "CSAFPID-90019", "CSAFPID-90016", "CSAFPID-93777", "CSAFPID-93772", "CSAFPID-40293", "CSAFPID-345038", "CSAFPID-93629", "CSAFPID-93781", "CSAFPID-45192", "CSAFPID-608630", "CSAFPID-40292", "CSAFPID-40291", "CSAFPID-345039", "CSAFPID-93628", "CSAFPID-764780", "CSAFPID-764781", "CSAFPID-93775", "CSAFPID-93774", "CSAFPID-764782", "CSAFPID-342793", "CSAFPID-1261", "CSAFPID-204622", "CSAFPID-219909", "CSAFPID-342803", "CSAFPID-204563", "CSAFPID-221118", "CSAFPID-240600", "CSAFPID-8984", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219826", "CSAFPID-40294", "CSAFPID-93631", "CSAFPID-764900", "CSAFPID-568240", "CSAFPID-355340", "CSAFPID-703515", "CSAFPID-204456", "CSAFPID-764735", "CSAFPID-204635", "CSAFPID-41183", "CSAFPID-234306", "CSAFPID-41182", "CSAFPID-226017", "CSAFPID-219898", "CSAFPID-179774", "CSAFPID-764738", "CSAFPID-764901", "CSAFPID-764902", "CSAFPID-220547", "CSAFPID-187447", "CSAFPID-760687", "CSAFPID-40947", "CSAFPID-2044", "CSAFPID-449747", "CSAFPID-40301", "CSAFPID-449746", "CSAFPID-40298", "CSAFPID-223527", "CSAFPID-760688", "CSAFPID-93636", "CSAFPID-40300", "CSAFPID-93653", "CSAFPID-642000", "CSAFPID-642002", "CSAFPID-642001", "CSAFPID-165576", "CSAFPID-764899", "CSAFPID-40948", "CSAFPID-426842", "CSAFPID-93630", "CSAFPID-204645", "CSAFPID-1893", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2022-2068", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-2068.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-40949", "CSAFPID-391501", "CSAFPID-440102", "CSAFPID-41516", "CSAFPID-41515", "CSAFPID-764237", "CSAFPID-45182", "CSAFPID-45181", "CSAFPID-45186", "CSAFPID-45185", "CSAFPID-90018", "CSAFPID-94290", "CSAFPID-260394", "CSAFPID-216017", "CSAFPID-764240", "CSAFPID-90021", "CSAFPID-94292", "CSAFPID-218028", "CSAFPID-94291", "CSAFPID-493443", "CSAFPID-224796", "CSAFPID-90019", "CSAFPID-90016", "CSAFPID-93777", "CSAFPID-93772", "CSAFPID-40293", "CSAFPID-345038", "CSAFPID-93629", "CSAFPID-93781", "CSAFPID-45192", "CSAFPID-608630", "CSAFPID-40292", "CSAFPID-40291", "CSAFPID-345039", "CSAFPID-93628", "CSAFPID-764780", "CSAFPID-764781", "CSAFPID-93775", "CSAFPID-93774", "CSAFPID-764782", "CSAFPID-342793", "CSAFPID-1261", "CSAFPID-204622", "CSAFPID-219909", "CSAFPID-342803", "CSAFPID-204563", "CSAFPID-221118", "CSAFPID-240600", "CSAFPID-8984", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219826", "CSAFPID-40294", "CSAFPID-93631", "CSAFPID-764900", "CSAFPID-568240", "CSAFPID-355340", "CSAFPID-703515", "CSAFPID-204456", "CSAFPID-764735", "CSAFPID-204635", "CSAFPID-41183", "CSAFPID-234306", "CSAFPID-41182", "CSAFPID-226017", "CSAFPID-219898", "CSAFPID-179774", "CSAFPID-764738", "CSAFPID-764901", "CSAFPID-764902", "CSAFPID-220547", "CSAFPID-187447", "CSAFPID-760687", "CSAFPID-40947", "CSAFPID-2044", "CSAFPID-449747", "CSAFPID-40301", "CSAFPID-449746", "CSAFPID-40298", "CSAFPID-223527", "CSAFPID-760688", "CSAFPID-93636", "CSAFPID-40300", "CSAFPID-93653", "CSAFPID-642000", "CSAFPID-642002", "CSAFPID-642001", "CSAFPID-165576", "CSAFPID-764899", "CSAFPID-40948", "CSAFPID-426842", "CSAFPID-93630", "CSAFPID-204645", "CSAFPID-1893", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, ], title: "CVE-2022-2068", }, { cve: "CVE-2022-2601", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, { category: "other", text: "Heap-based Buffer Overflow", title: "CWE-122", }, ], product_status: { known_affected: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2022-2601", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-2601.json", }, ], scores: [ { cvss_v3: { baseScore: 8.6, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, ], title: "CVE-2022-2601", }, { cve: "CVE-2022-23437", cwe: { id: "CWE-835", name: "Loop with Unreachable Exit Condition ('Infinite Loop')", }, notes: [ { category: "other", text: "Loop with Unreachable Exit Condition ('Infinite Loop')", title: "CWE-835", }, ], product_status: { known_affected: [ "CSAFPID-204629", "CSAFPID-704410", "CSAFPID-704411", "CSAFPID-704412", "CSAFPID-226017", "CSAFPID-179774", "CSAFPID-219898", "CSAFPID-219826", "CSAFPID-204569", "CSAFPID-204510", "CSAFPID-220057", "CSAFPID-220055", "CSAFPID-220909", "CSAFPID-45184", "CSAFPID-45182", "CSAFPID-220559", "CSAFPID-220558", "CSAFPID-220327", "CSAFPID-220325", "CSAFPID-219838", "CSAFPID-220056", "CSAFPID-223511", "CSAFPID-216017", "CSAFPID-220889", "CSAFPID-220918", "CSAFPID-90020", "CSAFPID-90015", "CSAFPID-220133", "CSAFPID-220561", "CSAFPID-90021", "CSAFPID-220881", "CSAFPID-94291", "CSAFPID-220910", "CSAFPID-220324", "CSAFPID-224796", "CSAFPID-224795", "CSAFPID-220326", "CSAFPID-764734", "CSAFPID-40293", "CSAFPID-220167", "CSAFPID-93781", "CSAFPID-220132", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-764736", "CSAFPID-764737", "CSAFPID-224793", "CSAFPID-342793", "CSAFPID-1265", "CSAFPID-219803", "CSAFPID-375182", "CSAFPID-342803", "CSAFPID-1266", "CSAFPID-219776", "CSAFPID-224791", "CSAFPID-224790", "CSAFPID-221118", "CSAFPID-764738", "CSAFPID-240600", "CSAFPID-764739", "CSAFPID-391501", "CSAFPID-440102", "CSAFPID-41516", "CSAFPID-41515", "CSAFPID-764237", "CSAFPID-45181", "CSAFPID-45186", "CSAFPID-45185", "CSAFPID-90018", "CSAFPID-94290", "CSAFPID-260394", "CSAFPID-764240", "CSAFPID-94292", "CSAFPID-218028", "CSAFPID-493443", "CSAFPID-90019", "CSAFPID-90016", "CSAFPID-93777", "CSAFPID-93772", "CSAFPID-345038", "CSAFPID-93629", "CSAFPID-45192", "CSAFPID-608630", "CSAFPID-40292", "CSAFPID-40291", "CSAFPID-345039", "CSAFPID-93628", "CSAFPID-764780", "CSAFPID-764781", "CSAFPID-93775", "CSAFPID-93774", "CSAFPID-764782", "CSAFPID-1261", "CSAFPID-204622", "CSAFPID-219909", "CSAFPID-204563", "CSAFPID-8984", "CSAFPID-220548", "CSAFPID-608629", "CSAFPID-93784", "CSAFPID-41111", "CSAFPID-1685", "CSAFPID-493445", "CSAFPID-294401", "CSAFPID-220547", "CSAFPID-764824", "CSAFPID-220459", "CSAFPID-764825", "CSAFPID-93635", "CSAFPID-503534", "CSAFPID-503493", "CSAFPID-493444", "CSAFPID-93633", "CSAFPID-260395", "CSAFPID-260393", "CSAFPID-220468", "CSAFPID-93636", "CSAFPID-93634", "CSAFPID-589926", "CSAFPID-179780", "CSAFPID-589925", "CSAFPID-179779", "CSAFPID-764826", "CSAFPID-764827", "CSAFPID-764828", "CSAFPID-764829", "CSAFPID-764830", "CSAFPID-220190", "CSAFPID-220189", "CSAFPID-764833", "CSAFPID-41183", "CSAFPID-764834", "CSAFPID-234306", "CSAFPID-764835", "CSAFPID-187447", "CSAFPID-760687", "CSAFPID-40947", "CSAFPID-2044", "CSAFPID-449747", "CSAFPID-40301", "CSAFPID-449746", "CSAFPID-40298", "CSAFPID-223527", "CSAFPID-760688", "CSAFPID-40300", "CSAFPID-93653", "CSAFPID-40949", "CSAFPID-642000", "CSAFPID-642002", "CSAFPID-642001", "CSAFPID-165576", "CSAFPID-764899", "CSAFPID-40948", "CSAFPID-426842", "CSAFPID-93630", "CSAFPID-204645", "CSAFPID-1893", "CSAFPID-40294", "CSAFPID-93631", "CSAFPID-764900", "CSAFPID-568240", "CSAFPID-355340", "CSAFPID-703515", "CSAFPID-204456", "CSAFPID-204635", "CSAFPID-41182", "CSAFPID-764901", "CSAFPID-764902", "CSAFPID-1899", "CSAFPID-40299", "CSAFPID-1900", "CSAFPID-180194", "CSAFPID-41112", "CSAFPID-41110", "CSAFPID-41113", "CSAFPID-180193", "CSAFPID-1898", "CSAFPID-611587", "CSAFPID-40297", "CSAFPID-110244", "CSAFPID-110242", "CSAFPID-9489", "CSAFPID-110249", "CSAFPID-110243", "CSAFPID-765241", "CSAFPID-209546", "CSAFPID-207586", "CSAFPID-765242", "CSAFPID-205759", "CSAFPID-765365", "CSAFPID-765366", "CSAFPID-342804", "CSAFPID-342805", "CSAFPID-1882", "CSAFPID-573035", "CSAFPID-765367", "CSAFPID-765368", "CSAFPID-764242", "CSAFPID-76994", "CSAFPID-204623", "CSAFPID-352633", "CSAFPID-352632", "CSAFPID-765369", "CSAFPID-204528", "CSAFPID-342802", "CSAFPID-40610", "CSAFPID-40611", "CSAFPID-40609", "CSAFPID-180198", "CSAFPID-180217", "CSAFPID-180196", "CSAFPID-40612", "CSAFPID-180201", "CSAFPID-180216", "CSAFPID-180202", "CSAFPID-40613", "CSAFPID-40608", "CSAFPID-180199", "CSAFPID-93546", "CSAFPID-180195", "CSAFPID-2310", "CSAFPID-93547", "CSAFPID-180200", "CSAFPID-765371", "CSAFPID-89545", "CSAFPID-180215", "CSAFPID-180197", "CSAFPID-204639", "CSAFPID-204627", "CSAFPID-342799", "CSAFPID-765372", "CSAFPID-220125", "CSAFPID-245244", "CSAFPID-204554", "CSAFPID-204614", "CSAFPID-345031", "CSAFPID-204595", "CSAFPID-204590", "CSAFPID-224787", "CSAFPID-1673065", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2022-23437", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-23437.json", }, ], title: "CVE-2022-23437", }, { cve: "CVE-2022-36760", cwe: { id: "CWE-444", name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", }, notes: [ { category: "other", text: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", title: "CWE-444", }, ], product_status: { known_affected: [ "CSAFPID-220057", "CSAFPID-220055", "CSAFPID-220909", "CSAFPID-45184", "CSAFPID-45182", "CSAFPID-220559", "CSAFPID-220558", "CSAFPID-220327", "CSAFPID-220325", "CSAFPID-219838", "CSAFPID-220056", "CSAFPID-223511", "CSAFPID-216017", "CSAFPID-220889", "CSAFPID-220918", "CSAFPID-90020", "CSAFPID-90015", "CSAFPID-220133", "CSAFPID-220561", "CSAFPID-90021", "CSAFPID-220881", "CSAFPID-94291", "CSAFPID-220910", "CSAFPID-220324", "CSAFPID-224796", "CSAFPID-224795", "CSAFPID-220326", "CSAFPID-764734", "CSAFPID-40293", "CSAFPID-220167", "CSAFPID-93781", "CSAFPID-220132", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-764736", "CSAFPID-764737", "CSAFPID-224793", "CSAFPID-342793", "CSAFPID-1265", "CSAFPID-704412", "CSAFPID-704411", "CSAFPID-704410", "CSAFPID-219803", "CSAFPID-375182", "CSAFPID-342803", "CSAFPID-1266", "CSAFPID-219776", "CSAFPID-224791", "CSAFPID-224790", "CSAFPID-221118", "CSAFPID-764738", "CSAFPID-240600", "CSAFPID-764739", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219826", "CSAFPID-391501", "CSAFPID-440102", "CSAFPID-41516", "CSAFPID-41515", "CSAFPID-764237", "CSAFPID-45181", "CSAFPID-45186", "CSAFPID-45185", "CSAFPID-90018", "CSAFPID-94290", "CSAFPID-260394", "CSAFPID-764240", "CSAFPID-94292", "CSAFPID-218028", "CSAFPID-493443", "CSAFPID-90019", "CSAFPID-90016", "CSAFPID-93777", "CSAFPID-93772", "CSAFPID-345038", "CSAFPID-93629", "CSAFPID-45192", "CSAFPID-608630", "CSAFPID-40292", "CSAFPID-40291", "CSAFPID-345039", "CSAFPID-93628", "CSAFPID-764780", "CSAFPID-764781", "CSAFPID-93775", "CSAFPID-93774", "CSAFPID-764782", "CSAFPID-1261", "CSAFPID-204622", "CSAFPID-219909", "CSAFPID-204563", "CSAFPID-8984", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2022-36760", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-36760.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-220057", "CSAFPID-220055", "CSAFPID-220909", "CSAFPID-45184", "CSAFPID-45182", "CSAFPID-220559", "CSAFPID-220558", "CSAFPID-220327", "CSAFPID-220325", "CSAFPID-219838", "CSAFPID-220056", "CSAFPID-223511", "CSAFPID-216017", "CSAFPID-220889", "CSAFPID-220918", "CSAFPID-90020", "CSAFPID-90015", "CSAFPID-220133", "CSAFPID-220561", "CSAFPID-90021", "CSAFPID-220881", "CSAFPID-94291", "CSAFPID-220910", "CSAFPID-220324", "CSAFPID-224796", "CSAFPID-224795", "CSAFPID-220326", "CSAFPID-764734", "CSAFPID-40293", "CSAFPID-220167", "CSAFPID-93781", "CSAFPID-220132", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-764736", "CSAFPID-764737", "CSAFPID-224793", "CSAFPID-342793", "CSAFPID-1265", "CSAFPID-704412", "CSAFPID-704411", "CSAFPID-704410", "CSAFPID-219803", "CSAFPID-375182", "CSAFPID-342803", "CSAFPID-1266", "CSAFPID-219776", "CSAFPID-224791", "CSAFPID-224790", "CSAFPID-221118", "CSAFPID-764738", "CSAFPID-240600", "CSAFPID-764739", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219826", "CSAFPID-391501", "CSAFPID-440102", "CSAFPID-41516", "CSAFPID-41515", "CSAFPID-764237", "CSAFPID-45181", "CSAFPID-45186", "CSAFPID-45185", "CSAFPID-90018", "CSAFPID-94290", "CSAFPID-260394", "CSAFPID-764240", "CSAFPID-94292", "CSAFPID-218028", "CSAFPID-493443", "CSAFPID-90019", "CSAFPID-90016", "CSAFPID-93777", "CSAFPID-93772", "CSAFPID-345038", "CSAFPID-93629", "CSAFPID-45192", "CSAFPID-608630", "CSAFPID-40292", "CSAFPID-40291", "CSAFPID-345039", "CSAFPID-93628", "CSAFPID-764780", "CSAFPID-764781", "CSAFPID-93775", "CSAFPID-93774", "CSAFPID-764782", "CSAFPID-1261", "CSAFPID-204622", "CSAFPID-219909", "CSAFPID-204563", "CSAFPID-8984", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, ], title: "CVE-2022-36760", }, { cve: "CVE-2023-2953", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, notes: [ { category: "other", text: "Improper Restriction of Operations within the Bounds of a Memory Buffer", title: "CWE-119", }, { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, ], product_status: { known_affected: [ "CSAFPID-1673389", "CSAFPID-1673390", "CSAFPID-1673391", "CSAFPID-1673392", "CSAFPID-1673393", "CSAFPID-1673394", "CSAFPID-1673395", "CSAFPID-1673396", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2023-2953", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-2953.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673389", "CSAFPID-1673390", "CSAFPID-1673391", "CSAFPID-1673392", "CSAFPID-1673393", "CSAFPID-1673394", "CSAFPID-1673395", "CSAFPID-1673396", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, ], title: "CVE-2023-2953", }, { cve: "CVE-2023-3635", cwe: { id: "CWE-195", name: "Signed to Unsigned Conversion Error", }, notes: [ { category: "other", text: "Signed to Unsigned Conversion Error", title: "CWE-195", }, { category: "other", text: "Uncaught Exception", title: "CWE-248", }, ], product_status: { known_affected: [ "CSAFPID-94291", "CSAFPID-40293", "CSAFPID-204622", "CSAFPID-1265", "CSAFPID-1261", "CSAFPID-1266", "CSAFPID-8984", "CSAFPID-1673399", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-912085", "CSAFPID-912068", "CSAFPID-912076", "CSAFPID-912539", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912101", "CSAFPID-912544", "CSAFPID-912077", "CSAFPID-912545", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-219909", "CSAFPID-220558", "CSAFPID-221118", "CSAFPID-224790", "CSAFPID-240600", "CSAFPID-342804", "CSAFPID-611387", "CSAFPID-611401", "CSAFPID-611406", "CSAFPID-611407", "CSAFPID-611408", "CSAFPID-611413", "CSAFPID-611595", "CSAFPID-204510", "CSAFPID-204563", "CSAFPID-204569", "CSAFPID-219803", "CSAFPID-219838", "CSAFPID-224793", "CSAFPID-342793", "CSAFPID-342803", "CSAFPID-614513", "CSAFPID-614514", "CSAFPID-614515", "CSAFPID-614516", "CSAFPID-614517", "CSAFPID-618156", "CSAFPID-643776", "CSAFPID-764237", "CSAFPID-764238", "CSAFPID-764239", "CSAFPID-764240", "CSAFPID-764241", "CSAFPID-764242", "CSAFPID-764243", "CSAFPID-764247", "CSAFPID-764248", "CSAFPID-764249", "CSAFPID-816346", "CSAFPID-816347", "CSAFPID-816348", "CSAFPID-816349", "CSAFPID-816350", "CSAFPID-816351", "CSAFPID-816352", "CSAFPID-816353", "CSAFPID-816354", "CSAFPID-816355", "CSAFPID-816357", "CSAFPID-816358", "CSAFPID-816359", "CSAFPID-816765", "CSAFPID-816766", "CSAFPID-816767", "CSAFPID-816768", "CSAFPID-816769", "CSAFPID-816770", "CSAFPID-816771", "CSAFPID-816772", "CSAFPID-816773", "CSAFPID-816774", "CSAFPID-816775", "CSAFPID-816776", "CSAFPID-816777", "CSAFPID-816778", "CSAFPID-816779", "CSAFPID-816780", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-816783", "CSAFPID-816784", "CSAFPID-816785", "CSAFPID-816786", "CSAFPID-816787", "CSAFPID-816788", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-816791", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-816794", "CSAFPID-816795", "CSAFPID-816796", "CSAFPID-816797", "CSAFPID-764735", "CSAFPID-764738", "CSAFPID-912073", "CSAFPID-912078", "CSAFPID-912079", "CSAFPID-912080", "CSAFPID-90016", "CSAFPID-93781", "CSAFPID-219776", "CSAFPID-219826", "CSAFPID-220132", "CSAFPID-224795", "CSAFPID-912102", "CSAFPID-912548", "CSAFPID-912549", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-764739", "CSAFPID-764826", "CSAFPID-765242", ], }, references: [ { category: "self", summary: "CVE-2023-3635", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-3635.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-94291", "CSAFPID-40293", "CSAFPID-204622", "CSAFPID-1265", "CSAFPID-1261", "CSAFPID-1266", "CSAFPID-8984", "CSAFPID-1673399", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-912085", "CSAFPID-912068", "CSAFPID-912076", "CSAFPID-912539", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912101", "CSAFPID-912544", "CSAFPID-912077", "CSAFPID-912545", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-219909", "CSAFPID-220558", "CSAFPID-221118", "CSAFPID-224790", "CSAFPID-240600", "CSAFPID-342804", "CSAFPID-611387", "CSAFPID-611401", "CSAFPID-611406", "CSAFPID-611407", "CSAFPID-611408", "CSAFPID-611413", "CSAFPID-611595", "CSAFPID-204510", "CSAFPID-204563", "CSAFPID-204569", "CSAFPID-219803", "CSAFPID-219838", "CSAFPID-224793", "CSAFPID-342793", "CSAFPID-342803", "CSAFPID-614513", "CSAFPID-614514", "CSAFPID-614515", "CSAFPID-614516", "CSAFPID-614517", "CSAFPID-618156", "CSAFPID-643776", "CSAFPID-764237", "CSAFPID-764238", "CSAFPID-764239", "CSAFPID-764240", "CSAFPID-764241", "CSAFPID-764242", "CSAFPID-764243", "CSAFPID-764247", "CSAFPID-764248", "CSAFPID-764249", "CSAFPID-816346", "CSAFPID-816347", "CSAFPID-816348", "CSAFPID-816349", "CSAFPID-816350", "CSAFPID-816351", "CSAFPID-816352", "CSAFPID-816353", "CSAFPID-816354", "CSAFPID-816355", "CSAFPID-816357", "CSAFPID-816358", "CSAFPID-816359", "CSAFPID-816765", "CSAFPID-816766", "CSAFPID-816767", "CSAFPID-816768", "CSAFPID-816769", "CSAFPID-816770", "CSAFPID-816771", "CSAFPID-816772", "CSAFPID-816773", "CSAFPID-816774", "CSAFPID-816775", "CSAFPID-816776", "CSAFPID-816777", "CSAFPID-816778", "CSAFPID-816779", "CSAFPID-816780", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-816783", "CSAFPID-816784", "CSAFPID-816785", "CSAFPID-816786", "CSAFPID-816787", "CSAFPID-816788", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-816791", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-816794", "CSAFPID-816795", "CSAFPID-816796", "CSAFPID-816797", "CSAFPID-764735", "CSAFPID-764738", "CSAFPID-912073", "CSAFPID-912078", "CSAFPID-912079", "CSAFPID-912080", "CSAFPID-90016", "CSAFPID-93781", "CSAFPID-219776", "CSAFPID-219826", "CSAFPID-220132", "CSAFPID-224795", "CSAFPID-912102", "CSAFPID-912548", "CSAFPID-912549", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-764739", "CSAFPID-764826", "CSAFPID-765242", ], }, ], title: "CVE-2023-3635", }, { cve: "CVE-2023-4043", cwe: { id: "CWE-834", name: "Excessive Iteration", }, notes: [ { category: "other", text: "Excessive Iteration", title: "CWE-834", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-816765", "CSAFPID-816766", "CSAFPID-816767", "CSAFPID-816768", "CSAFPID-816769", "CSAFPID-816770", "CSAFPID-816771", "CSAFPID-816772", "CSAFPID-219838", "CSAFPID-611387", "CSAFPID-816773", "CSAFPID-816774", "CSAFPID-816775", "CSAFPID-816346", "CSAFPID-816776", "CSAFPID-816348", "CSAFPID-816777", "CSAFPID-816347", "CSAFPID-94291", "CSAFPID-816778", "CSAFPID-614517", "CSAFPID-816779", "CSAFPID-816349", "CSAFPID-40293", "CSAFPID-611413", "CSAFPID-764242", "CSAFPID-816780", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-816783", "CSAFPID-816784", "CSAFPID-816785", "CSAFPID-816353", "CSAFPID-816786", "CSAFPID-816787", "CSAFPID-816788", "CSAFPID-816352", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-342804", "CSAFPID-816791", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-224793", "CSAFPID-816794", "CSAFPID-342793", "CSAFPID-1265", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-204622", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-912068", "CSAFPID-912076", "CSAFPID-912539", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912101", "CSAFPID-912544", "CSAFPID-912077", "CSAFPID-912545", "CSAFPID-764240", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-224795", "CSAFPID-912548", "CSAFPID-912102", "CSAFPID-912549", "CSAFPID-764826", "CSAFPID-90016", "CSAFPID-912078", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-93781", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-912080", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-219776", "CSAFPID-765242", "CSAFPID-1266", "CSAFPID-8984", "CSAFPID-204510", "CSAFPID-204563", "CSAFPID-204569", "CSAFPID-219803", "CSAFPID-219909", "CSAFPID-221118", "CSAFPID-224790", "CSAFPID-240600", "CSAFPID-342803", "CSAFPID-611595", "CSAFPID-764738", "CSAFPID-816351", "CSAFPID-816354", "CSAFPID-816355", "CSAFPID-816357", "CSAFPID-816358", "CSAFPID-816359", "CSAFPID-816795", "CSAFPID-816796", "CSAFPID-816797", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-219826", "CSAFPID-764739", "CSAFPID-912073", "CSAFPID-912558", ], }, references: [ { category: "self", summary: "CVE-2023-4043", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4043.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-816765", "CSAFPID-816766", "CSAFPID-816767", "CSAFPID-816768", "CSAFPID-816769", "CSAFPID-816770", "CSAFPID-816771", "CSAFPID-816772", "CSAFPID-219838", "CSAFPID-611387", "CSAFPID-816773", "CSAFPID-816774", "CSAFPID-816775", "CSAFPID-816346", "CSAFPID-816776", "CSAFPID-816348", "CSAFPID-816777", "CSAFPID-816347", "CSAFPID-94291", "CSAFPID-816778", "CSAFPID-614517", "CSAFPID-816779", "CSAFPID-816349", "CSAFPID-40293", "CSAFPID-611413", "CSAFPID-764242", "CSAFPID-816780", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-816783", "CSAFPID-816784", "CSAFPID-816785", "CSAFPID-816353", "CSAFPID-816786", "CSAFPID-816787", "CSAFPID-816788", "CSAFPID-816352", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-342804", "CSAFPID-816791", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-224793", "CSAFPID-816794", "CSAFPID-342793", "CSAFPID-1265", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-204622", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-912068", "CSAFPID-912076", "CSAFPID-912539", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912101", "CSAFPID-912544", "CSAFPID-912077", "CSAFPID-912545", "CSAFPID-764240", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-224795", "CSAFPID-912548", "CSAFPID-912102", "CSAFPID-912549", "CSAFPID-764826", "CSAFPID-90016", "CSAFPID-912078", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-93781", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-912080", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-219776", "CSAFPID-765242", "CSAFPID-1266", "CSAFPID-8984", "CSAFPID-204510", "CSAFPID-204563", "CSAFPID-204569", "CSAFPID-219803", "CSAFPID-219909", "CSAFPID-221118", "CSAFPID-224790", "CSAFPID-240600", "CSAFPID-342803", "CSAFPID-611595", "CSAFPID-764738", "CSAFPID-816351", "CSAFPID-816354", "CSAFPID-816355", "CSAFPID-816357", "CSAFPID-816358", "CSAFPID-816359", "CSAFPID-816795", "CSAFPID-816796", "CSAFPID-816797", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-219826", "CSAFPID-764739", "CSAFPID-912073", "CSAFPID-912558", ], }, ], title: "CVE-2023-4043", }, { cve: "CVE-2023-5685", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1650752", "CSAFPID-1650751", "CSAFPID-1673389", "CSAFPID-1673390", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", ], }, references: [ { category: "self", summary: "CVE-2023-5685", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5685.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1650752", "CSAFPID-1650751", "CSAFPID-1673389", "CSAFPID-1673390", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", ], }, ], title: "CVE-2023-5685", }, { cve: "CVE-2023-6597", cwe: { id: "CWE-61", name: "UNIX Symbolic Link (Symlink) Following", }, notes: [ { category: "other", text: "UNIX Symbolic Link (Symlink) Following", title: "CWE-61", }, ], product_status: { known_affected: [ "CSAFPID-1673395", "CSAFPID-1673420", "CSAFPID-1673421", "CSAFPID-1673396", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", ], }, references: [ { category: "self", summary: "CVE-2023-6597", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-6597.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-1673395", "CSAFPID-1673420", "CSAFPID-1673421", "CSAFPID-1673396", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", ], }, ], title: "CVE-2023-6597", }, { cve: "CVE-2023-6816", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, notes: [ { category: "other", text: "Improper Restriction of Operations within the Bounds of a Memory Buffer", title: "CWE-119", }, { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2023-6816", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-6816.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, ], title: "CVE-2023-6816", }, { cve: "CVE-2023-38408", cwe: { id: "CWE-94", name: "Improper Control of Generation of Code ('Code Injection')", }, notes: [ { category: "other", text: "Improper Control of Generation of Code ('Code Injection')", title: "CWE-94", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-45182", "CSAFPID-40293", "CSAFPID-611406", "CSAFPID-764237", "CSAFPID-220558", "CSAFPID-764238", "CSAFPID-764239", "CSAFPID-614513", "CSAFPID-643776", "CSAFPID-611387", "CSAFPID-618156", "CSAFPID-614516", "CSAFPID-614515", "CSAFPID-614514", "CSAFPID-764240", "CSAFPID-94291", "CSAFPID-611401", "CSAFPID-614517", "CSAFPID-764241", "CSAFPID-611413", "CSAFPID-764242", "CSAFPID-764243", "CSAFPID-342804", "CSAFPID-611408", "CSAFPID-611407", "CSAFPID-764247", "CSAFPID-764248", "CSAFPID-204622", "CSAFPID-219909", "CSAFPID-611595", "CSAFPID-764249", "CSAFPID-224790", "CSAFPID-221118", "CSAFPID-240600", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2023-38408", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-38408.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-45182", "CSAFPID-40293", "CSAFPID-611406", "CSAFPID-764237", "CSAFPID-220558", "CSAFPID-764238", "CSAFPID-764239", "CSAFPID-614513", "CSAFPID-643776", "CSAFPID-611387", "CSAFPID-618156", "CSAFPID-614516", "CSAFPID-614515", "CSAFPID-614514", "CSAFPID-764240", "CSAFPID-94291", "CSAFPID-611401", "CSAFPID-614517", "CSAFPID-764241", "CSAFPID-611413", "CSAFPID-764242", "CSAFPID-764243", "CSAFPID-342804", "CSAFPID-611408", "CSAFPID-611407", "CSAFPID-764247", "CSAFPID-764248", "CSAFPID-204622", "CSAFPID-219909", "CSAFPID-611595", "CSAFPID-764249", "CSAFPID-224790", "CSAFPID-221118", "CSAFPID-240600", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, ], title: "CVE-2023-38408", }, { cve: "CVE-2023-43642", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "other", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, ], product_status: { known_affected: [ "CSAFPID-40293", "CSAFPID-1265", "CSAFPID-1261", "CSAFPID-1266", "CSAFPID-8984", "CSAFPID-1673395", "CSAFPID-94291", "CSAFPID-204510", "CSAFPID-204563", "CSAFPID-204569", "CSAFPID-204622", "CSAFPID-219803", "CSAFPID-219838", "CSAFPID-219909", "CSAFPID-221118", "CSAFPID-224790", "CSAFPID-224793", "CSAFPID-240600", "CSAFPID-342793", "CSAFPID-342803", "CSAFPID-342804", "CSAFPID-611387", "CSAFPID-611413", "CSAFPID-611595", "CSAFPID-614517", "CSAFPID-764242", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-764738", "CSAFPID-816346", "CSAFPID-816347", "CSAFPID-816348", "CSAFPID-816349", "CSAFPID-816350", "CSAFPID-816351", "CSAFPID-816352", "CSAFPID-816353", "CSAFPID-816354", "CSAFPID-816355", "CSAFPID-816357", "CSAFPID-816358", "CSAFPID-816359", "CSAFPID-816765", "CSAFPID-816766", "CSAFPID-816767", "CSAFPID-816768", "CSAFPID-816769", "CSAFPID-816770", "CSAFPID-816771", "CSAFPID-816772", "CSAFPID-816773", "CSAFPID-816774", "CSAFPID-816775", "CSAFPID-816776", "CSAFPID-816777", "CSAFPID-816778", "CSAFPID-816779", "CSAFPID-816780", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-816783", "CSAFPID-816784", "CSAFPID-816785", "CSAFPID-816786", "CSAFPID-816787", "CSAFPID-816788", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-816791", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-816794", "CSAFPID-816795", "CSAFPID-816796", "CSAFPID-816797", ], }, references: [ { category: "self", summary: "CVE-2023-43642", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-43642.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-40293", "CSAFPID-1265", "CSAFPID-1261", "CSAFPID-1266", "CSAFPID-8984", "CSAFPID-1673395", "CSAFPID-94291", "CSAFPID-204510", "CSAFPID-204563", "CSAFPID-204569", "CSAFPID-204622", "CSAFPID-219803", "CSAFPID-219838", "CSAFPID-219909", "CSAFPID-221118", "CSAFPID-224790", "CSAFPID-224793", "CSAFPID-240600", "CSAFPID-342793", "CSAFPID-342803", "CSAFPID-342804", "CSAFPID-611387", "CSAFPID-611413", "CSAFPID-611595", "CSAFPID-614517", "CSAFPID-764242", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-764738", "CSAFPID-816346", "CSAFPID-816347", "CSAFPID-816348", "CSAFPID-816349", "CSAFPID-816350", "CSAFPID-816351", "CSAFPID-816352", "CSAFPID-816353", "CSAFPID-816354", "CSAFPID-816355", "CSAFPID-816357", "CSAFPID-816358", "CSAFPID-816359", "CSAFPID-816765", "CSAFPID-816766", "CSAFPID-816767", "CSAFPID-816768", "CSAFPID-816769", "CSAFPID-816770", "CSAFPID-816771", "CSAFPID-816772", "CSAFPID-816773", "CSAFPID-816774", "CSAFPID-816775", "CSAFPID-816776", "CSAFPID-816777", "CSAFPID-816778", "CSAFPID-816779", "CSAFPID-816780", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-816783", "CSAFPID-816784", "CSAFPID-816785", "CSAFPID-816786", "CSAFPID-816787", "CSAFPID-816788", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-816791", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-816794", "CSAFPID-816795", "CSAFPID-816796", "CSAFPID-816797", ], }, ], title: "CVE-2023-43642", }, { cve: "CVE-2023-46136", cwe: { id: "CWE-407", name: "Inefficient Algorithmic Complexity", }, notes: [ { category: "other", text: "Inefficient Algorithmic Complexity", title: "CWE-407", }, { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1673411", "CSAFPID-912549", "CSAFPID-1673412", "CSAFPID-1673413", "CSAFPID-1673414", "CSAFPID-1673396", "CSAFPID-1503590", "CSAFPID-1673393", "CSAFPID-1673395", "CSAFPID-220132", "CSAFPID-1503585", "CSAFPID-1673392", "CSAFPID-1503589", "CSAFPID-1673415", "CSAFPID-1673416", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2023-46136", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46136.json", }, ], scores: [ { cvss_v3: { baseScore: 8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673411", "CSAFPID-912549", "CSAFPID-1673412", "CSAFPID-1673413", "CSAFPID-1673414", "CSAFPID-1673396", "CSAFPID-1503590", "CSAFPID-1673393", "CSAFPID-1673395", "CSAFPID-220132", "CSAFPID-1503585", "CSAFPID-1673392", "CSAFPID-1503589", "CSAFPID-1673415", "CSAFPID-1673416", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, ], title: "CVE-2023-46136", }, { cve: "CVE-2023-48795", cwe: { id: "CWE-222", name: "Truncation of Security-relevant Information", }, notes: [ { category: "other", text: "Truncation of Security-relevant Information", title: "CWE-222", }, ], product_status: { known_affected: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1650752", "CSAFPID-816765", "CSAFPID-816766", "CSAFPID-816767", "CSAFPID-816768", "CSAFPID-816769", "CSAFPID-816770", "CSAFPID-816771", "CSAFPID-816772", "CSAFPID-219838", "CSAFPID-611387", "CSAFPID-816773", "CSAFPID-816774", "CSAFPID-816775", "CSAFPID-816346", "CSAFPID-816776", "CSAFPID-816348", "CSAFPID-816777", "CSAFPID-816347", "CSAFPID-94291", "CSAFPID-816778", "CSAFPID-614517", "CSAFPID-816779", "CSAFPID-816349", "CSAFPID-40293", "CSAFPID-764242", "CSAFPID-816780", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-816783", "CSAFPID-816784", "CSAFPID-816785", "CSAFPID-816353", "CSAFPID-816786", "CSAFPID-816352", "CSAFPID-342804", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-224793", "CSAFPID-342793", "CSAFPID-1265", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-204622", "CSAFPID-219909", "CSAFPID-219803", "CSAFPID-816351", "CSAFPID-611595", "CSAFPID-342803", "CSAFPID-1266", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-224790", "CSAFPID-221118", "CSAFPID-1673417", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1670429", "CSAFPID-1670430", "CSAFPID-1670431", "CSAFPID-1670432", "CSAFPID-1670433", "CSAFPID-1670434", "CSAFPID-1670435", "CSAFPID-1670436", "CSAFPID-1670437", "CSAFPID-1670438", "CSAFPID-1670439", "CSAFPID-1670440", "CSAFPID-1670441", "CSAFPID-1670442", "CSAFPID-912076", "CSAFPID-912077", "CSAFPID-912078", "CSAFPID-90016", "CSAFPID-764826", "CSAFPID-345038", "CSAFPID-912079", "CSAFPID-220132", "CSAFPID-93781", "CSAFPID-345039", "CSAFPID-912080", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-912068", "CSAFPID-912539", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912101", "CSAFPID-912544", "CSAFPID-912545", "CSAFPID-764240", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-224795", "CSAFPID-912548", "CSAFPID-611413", "CSAFPID-240600", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-816357", "CSAFPID-816358", "CSAFPID-816359", "CSAFPID-816787", "CSAFPID-816788", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-816791", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-816794", "CSAFPID-816795", "CSAFPID-816796", "CSAFPID-816797", "CSAFPID-8984", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219776", "CSAFPID-219826", "CSAFPID-764739", "CSAFPID-765242", "CSAFPID-912073", "CSAFPID-912102", "CSAFPID-912549", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-1503601", "CSAFPID-1503602", ], }, references: [ { category: "self", summary: "CVE-2023-48795", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-48795.json", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1650752", "CSAFPID-816765", "CSAFPID-816766", "CSAFPID-816767", "CSAFPID-816768", "CSAFPID-816769", "CSAFPID-816770", "CSAFPID-816771", "CSAFPID-816772", "CSAFPID-219838", "CSAFPID-611387", "CSAFPID-816773", "CSAFPID-816774", "CSAFPID-816775", "CSAFPID-816346", "CSAFPID-816776", "CSAFPID-816348", "CSAFPID-816777", "CSAFPID-816347", "CSAFPID-94291", "CSAFPID-816778", "CSAFPID-614517", "CSAFPID-816779", "CSAFPID-816349", "CSAFPID-40293", "CSAFPID-764242", "CSAFPID-816780", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-816783", "CSAFPID-816784", "CSAFPID-816785", "CSAFPID-816353", "CSAFPID-816786", "CSAFPID-816352", "CSAFPID-342804", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-224793", "CSAFPID-342793", "CSAFPID-1265", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-204622", "CSAFPID-219909", "CSAFPID-219803", "CSAFPID-816351", "CSAFPID-611595", "CSAFPID-342803", "CSAFPID-1266", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-224790", "CSAFPID-221118", "CSAFPID-1673417", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1670429", "CSAFPID-1670430", "CSAFPID-1670431", "CSAFPID-1670432", "CSAFPID-1670433", "CSAFPID-1670434", "CSAFPID-1670435", "CSAFPID-1670436", "CSAFPID-1670437", "CSAFPID-1670438", "CSAFPID-1670439", "CSAFPID-1670440", "CSAFPID-1670441", "CSAFPID-1670442", "CSAFPID-912076", "CSAFPID-912077", "CSAFPID-912078", "CSAFPID-90016", "CSAFPID-764826", "CSAFPID-345038", "CSAFPID-912079", "CSAFPID-220132", "CSAFPID-93781", "CSAFPID-345039", "CSAFPID-912080", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-912068", "CSAFPID-912539", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912101", "CSAFPID-912544", "CSAFPID-912545", "CSAFPID-764240", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-224795", "CSAFPID-912548", "CSAFPID-611413", "CSAFPID-240600", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-816357", "CSAFPID-816358", "CSAFPID-816359", "CSAFPID-816787", "CSAFPID-816788", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-816791", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-816794", "CSAFPID-816795", "CSAFPID-816796", "CSAFPID-816797", "CSAFPID-8984", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219776", "CSAFPID-219826", "CSAFPID-764739", "CSAFPID-765242", "CSAFPID-912073", "CSAFPID-912102", "CSAFPID-912549", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-1503601", "CSAFPID-1503602", ], }, ], title: "CVE-2023-48795", }, { cve: "CVE-2023-51775", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1650751", "CSAFPID-1673395", "CSAFPID-1673396", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1670429", "CSAFPID-1670430", "CSAFPID-1670431", "CSAFPID-1670432", "CSAFPID-1670433", "CSAFPID-1670434", "CSAFPID-1670435", "CSAFPID-1670436", "CSAFPID-1670437", "CSAFPID-1670438", "CSAFPID-1670439", "CSAFPID-1670440", "CSAFPID-1670441", "CSAFPID-1670442", "CSAFPID-90016", "CSAFPID-93781", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219776", "CSAFPID-219826", "CSAFPID-220132", "CSAFPID-224795", "CSAFPID-342804", "CSAFPID-611387", "CSAFPID-611413", "CSAFPID-614517", "CSAFPID-764237", "CSAFPID-764240", "CSAFPID-764242", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-764739", "CSAFPID-764826", "CSAFPID-765242", "CSAFPID-816348", "CSAFPID-816773", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-912068", "CSAFPID-912073", "CSAFPID-912076", "CSAFPID-912077", "CSAFPID-912078", "CSAFPID-912079", "CSAFPID-912080", "CSAFPID-912085", "CSAFPID-912101", "CSAFPID-912102", "CSAFPID-912539", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912544", "CSAFPID-912545", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-912548", "CSAFPID-912549", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", ], }, references: [ { category: "self", summary: "CVE-2023-51775", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-51775.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1650751", "CSAFPID-1673395", "CSAFPID-1673396", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1670429", "CSAFPID-1670430", "CSAFPID-1670431", "CSAFPID-1670432", "CSAFPID-1670433", "CSAFPID-1670434", "CSAFPID-1670435", "CSAFPID-1670436", "CSAFPID-1670437", "CSAFPID-1670438", "CSAFPID-1670439", "CSAFPID-1670440", "CSAFPID-1670441", "CSAFPID-1670442", "CSAFPID-90016", "CSAFPID-93781", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219776", "CSAFPID-219826", "CSAFPID-220132", "CSAFPID-224795", "CSAFPID-342804", "CSAFPID-611387", "CSAFPID-611413", "CSAFPID-614517", "CSAFPID-764237", "CSAFPID-764240", "CSAFPID-764242", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-764739", "CSAFPID-764826", "CSAFPID-765242", "CSAFPID-816348", "CSAFPID-816773", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-912068", "CSAFPID-912073", "CSAFPID-912076", "CSAFPID-912077", "CSAFPID-912078", "CSAFPID-912079", "CSAFPID-912080", "CSAFPID-912085", "CSAFPID-912101", "CSAFPID-912102", "CSAFPID-912539", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912544", "CSAFPID-912545", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-912548", "CSAFPID-912549", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", ], }, ], title: "CVE-2023-51775", }, { cve: "CVE-2023-52428", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1673395", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-912068", "CSAFPID-912076", "CSAFPID-611387", "CSAFPID-912539", "CSAFPID-816773", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912101", "CSAFPID-912544", "CSAFPID-912077", "CSAFPID-816348", "CSAFPID-90016", "CSAFPID-93781", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219776", "CSAFPID-219826", "CSAFPID-220132", "CSAFPID-224795", "CSAFPID-342804", "CSAFPID-611413", "CSAFPID-614517", "CSAFPID-764240", "CSAFPID-764242", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-764739", "CSAFPID-764826", "CSAFPID-765242", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-912073", "CSAFPID-912078", "CSAFPID-912079", "CSAFPID-912080", "CSAFPID-912102", "CSAFPID-912545", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-912548", "CSAFPID-912549", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", ], }, references: [ { category: "self", summary: "CVE-2023-52428", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52428.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673395", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-912068", "CSAFPID-912076", "CSAFPID-611387", "CSAFPID-912539", "CSAFPID-816773", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912101", "CSAFPID-912544", "CSAFPID-912077", "CSAFPID-816348", "CSAFPID-90016", "CSAFPID-93781", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219776", "CSAFPID-219826", "CSAFPID-220132", "CSAFPID-224795", "CSAFPID-342804", "CSAFPID-611413", "CSAFPID-614517", "CSAFPID-764240", "CSAFPID-764242", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-764739", "CSAFPID-764826", "CSAFPID-765242", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-912073", "CSAFPID-912078", "CSAFPID-912079", "CSAFPID-912080", "CSAFPID-912102", "CSAFPID-912545", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-912548", "CSAFPID-912549", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", ], }, ], title: "CVE-2023-52428", }, { cve: "CVE-2024-0450", cwe: { id: "CWE-450", name: "Multiple Interpretations of UI Input", }, notes: [ { category: "other", text: "Multiple Interpretations of UI Input", title: "CWE-450", }, { category: "other", text: "Asymmetric Resource Consumption (Amplification)", title: "CWE-405", }, ], product_status: { known_affected: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1673420", "CSAFPID-1673421", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", ], }, references: [ { category: "self", summary: "CVE-2024-0450", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0450.json", }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1673420", "CSAFPID-1673421", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", ], }, ], title: "CVE-2024-0450", }, { cve: "CVE-2024-2398", cwe: { id: "CWE-772", name: "Missing Release of Resource after Effective Lifetime", }, notes: [ { category: "other", text: "Missing Release of Resource after Effective Lifetime", title: "CWE-772", }, { category: "other", text: "Missing Release of Memory after Effective Lifetime", title: "CWE-401", }, ], product_status: { known_affected: [ "CSAFPID-1673389", "CSAFPID-1673390", "CSAFPID-1673399", "CSAFPID-1673391", "CSAFPID-1673394", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2024-2398", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2398.json", }, ], scores: [ { cvss_v3: { baseScore: 8.6, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-1673389", "CSAFPID-1673390", "CSAFPID-1673399", "CSAFPID-1673391", "CSAFPID-1673394", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, ], title: "CVE-2024-2398", }, { cve: "CVE-2024-4577", cwe: { id: "CWE-88", name: "Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')", }, notes: [ { category: "other", text: "Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')", title: "CWE-88", }, { category: "other", text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", title: "CWE-78", }, ], product_status: { known_affected: [ "CSAFPID-1650731", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2024-4577", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4577.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1650731", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, ], title: "CVE-2024-4577", }, { cve: "CVE-2024-4603", cwe: { id: "CWE-606", name: "Unchecked Input for Loop Condition", }, notes: [ { category: "other", text: "Unchecked Input for Loop Condition", title: "CWE-606", }, ], product_status: { known_affected: [ "CSAFPID-1673391", "CSAFPID-1673394", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", ], }, references: [ { category: "self", summary: "CVE-2024-4603", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4603.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673391", "CSAFPID-1673394", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", ], }, ], title: "CVE-2024-4603", }, { cve: "CVE-2024-5585", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, notes: [ { category: "other", text: "Improper Encoding or Escaping of Output", title: "CWE-116", }, { category: "other", text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", title: "CWE-78", }, { category: "other", text: "Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')", title: "CWE-88", }, ], product_status: { known_affected: [ "CSAFPID-1650731", "CSAFPID-1674617", "CSAFPID-1674618", "CSAFPID-1674619", "CSAFPID-1674620", "CSAFPID-1674621", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1674624", "CSAFPID-1674625", "CSAFPID-1674626", "CSAFPID-1674627", "CSAFPID-1674628", ], }, references: [ { category: "self", summary: "CVE-2024-5585", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5585.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1650731", "CSAFPID-1674617", "CSAFPID-1674618", "CSAFPID-1674619", "CSAFPID-1674620", "CSAFPID-1674621", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1674624", "CSAFPID-1674625", "CSAFPID-1674626", "CSAFPID-1674627", "CSAFPID-1674628", ], }, ], title: "CVE-2024-5585", }, { cve: "CVE-2024-5971", cwe: { id: "CWE-674", name: "Uncontrolled Recursion", }, notes: [ { category: "other", text: "Uncontrolled Recursion", title: "CWE-674", }, ], product_status: { known_affected: [ "CSAFPID-1673395", "CSAFPID-1673389", "CSAFPID-1673390", "CSAFPID-1673399", "CSAFPID-1673526", "CSAFPID-1673413", "CSAFPID-1673396", "CSAFPID-1673415", "CSAFPID-1673501", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2024-5971", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5971.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673395", "CSAFPID-1673389", "CSAFPID-1673390", "CSAFPID-1673399", "CSAFPID-1673526", "CSAFPID-1673413", "CSAFPID-1673396", "CSAFPID-1673415", "CSAFPID-1673501", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, ], title: "CVE-2024-5971", }, { cve: "CVE-2024-6162", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1650752", "CSAFPID-1650751", "CSAFPID-1673526", "CSAFPID-1673399", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", ], }, references: [ { category: "self", summary: "CVE-2024-6162", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6162.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1650752", "CSAFPID-1650751", "CSAFPID-1673526", "CSAFPID-1673399", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", ], }, ], title: "CVE-2024-6162", }, { cve: "CVE-2024-6387", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "other", text: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", title: "CWE-362", }, { category: "other", text: "Signal Handler Race Condition", title: "CWE-364", }, ], product_status: { known_affected: [ "CSAFPID-1503595", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2024-6387", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6387.json", }, ], title: "CVE-2024-6387", }, { cve: "CVE-2024-7254", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "other", text: "Improper Input Validation", title: "CWE-20", }, { category: "other", text: "Uncontrolled Recursion", title: "CWE-674", }, ], product_status: { known_affected: [ "CSAFPID-912549", "CSAFPID-1672767", "CSAFPID-1503585", "CSAFPID-1673391", "CSAFPID-1673394", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2024-7254", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7254.json", }, ], title: "CVE-2024-7254", }, { cve: "CVE-2024-7264", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "other", text: "Out-of-bounds Read", title: "CWE-125", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-1673530", "CSAFPID-1673382", "CSAFPID-1674617", "CSAFPID-1674618", "CSAFPID-1674619", "CSAFPID-1674620", "CSAFPID-1674621", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1674624", "CSAFPID-1674625", "CSAFPID-1674626", "CSAFPID-1674627", "CSAFPID-1674628", ], }, references: [ { category: "self", summary: "CVE-2024-7264", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7264.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673530", "CSAFPID-1673382", "CSAFPID-1674617", "CSAFPID-1674618", "CSAFPID-1674619", "CSAFPID-1674620", "CSAFPID-1674621", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1674624", "CSAFPID-1674625", "CSAFPID-1674626", "CSAFPID-1674627", "CSAFPID-1674628", ], }, ], title: "CVE-2024-7264", }, { cve: "CVE-2024-22020", product_status: { known_affected: [ "CSAFPID-912101", "CSAFPID-1673473", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2024-22020", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22020.json", }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-912101", "CSAFPID-1673473", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, ], title: "CVE-2024-22020", }, { cve: "CVE-2024-22201", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1673475", "CSAFPID-1670429", "CSAFPID-1670430", "CSAFPID-1670431", "CSAFPID-1670432", "CSAFPID-1670433", "CSAFPID-1670434", "CSAFPID-1670435", "CSAFPID-1670436", "CSAFPID-1670437", "CSAFPID-1670438", "CSAFPID-1670439", "CSAFPID-1670440", "CSAFPID-1670441", "CSAFPID-1670442", "CSAFPID-912068", "CSAFPID-912073", "CSAFPID-912076", "CSAFPID-912077", "CSAFPID-912078", "CSAFPID-912079", "CSAFPID-912080", "CSAFPID-912085", "CSAFPID-912101", "CSAFPID-912102", "CSAFPID-912539", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912544", "CSAFPID-912545", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-912548", "CSAFPID-1674617", "CSAFPID-1674618", "CSAFPID-1674619", "CSAFPID-1674620", "CSAFPID-1674621", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1674624", "CSAFPID-1674625", "CSAFPID-1674626", "CSAFPID-1674627", "CSAFPID-1674628", "CSAFPID-90016", "CSAFPID-93781", "CSAFPID-220132", "CSAFPID-219776", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219826", "CSAFPID-224795", "CSAFPID-912549", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-342804", "CSAFPID-611387", "CSAFPID-611413", "CSAFPID-614517", "CSAFPID-764237", "CSAFPID-764240", "CSAFPID-764242", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-764739", "CSAFPID-764826", "CSAFPID-765242", "CSAFPID-816348", "CSAFPID-816773", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", ], }, references: [ { category: "self", summary: "CVE-2024-22201", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22201.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1673475", "CSAFPID-1670429", "CSAFPID-1670430", "CSAFPID-1670431", "CSAFPID-1670432", "CSAFPID-1670433", "CSAFPID-1670434", "CSAFPID-1670435", "CSAFPID-1670436", "CSAFPID-1670437", "CSAFPID-1670438", "CSAFPID-1670439", "CSAFPID-1670440", "CSAFPID-1670441", "CSAFPID-1670442", "CSAFPID-912068", "CSAFPID-912073", "CSAFPID-912076", "CSAFPID-912077", "CSAFPID-912078", "CSAFPID-912079", "CSAFPID-912080", "CSAFPID-912085", "CSAFPID-912101", "CSAFPID-912102", "CSAFPID-912539", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912544", "CSAFPID-912545", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-912548", "CSAFPID-1674617", "CSAFPID-1674618", "CSAFPID-1674619", "CSAFPID-1674620", "CSAFPID-1674621", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1674624", "CSAFPID-1674625", "CSAFPID-1674626", "CSAFPID-1674627", "CSAFPID-1674628", "CSAFPID-90016", "CSAFPID-93781", "CSAFPID-220132", "CSAFPID-219776", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219826", "CSAFPID-224795", "CSAFPID-912549", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-342804", "CSAFPID-611387", "CSAFPID-611413", "CSAFPID-614517", "CSAFPID-764237", "CSAFPID-764240", "CSAFPID-764242", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-764739", "CSAFPID-764826", "CSAFPID-765242", "CSAFPID-816348", "CSAFPID-816773", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", ], }, ], title: "CVE-2024-22201", }, { cve: "CVE-2024-22257", cwe: { id: "CWE-284", name: "Improper Access Control", }, notes: [ { category: "other", text: "Improper Access Control", title: "CWE-284", }, ], product_status: { known_affected: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1673420", "CSAFPID-1673421", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1670429", "CSAFPID-1670430", "CSAFPID-1670431", "CSAFPID-1670432", "CSAFPID-1670433", "CSAFPID-1670434", "CSAFPID-1670435", "CSAFPID-1670436", "CSAFPID-1670437", "CSAFPID-1670438", "CSAFPID-1670439", "CSAFPID-1670440", "CSAFPID-1670441", "CSAFPID-1670442", "CSAFPID-764237", "CSAFPID-912068", "CSAFPID-912076", "CSAFPID-611387", "CSAFPID-816773", "CSAFPID-912077", "CSAFPID-816348", "CSAFPID-764240", "CSAFPID-614517", "CSAFPID-224795", "CSAFPID-764826", "CSAFPID-90016", "CSAFPID-912078", "CSAFPID-611413", "CSAFPID-764242", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-93781", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-342804", "CSAFPID-912080", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-219776", "CSAFPID-765242", "CSAFPID-764739", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219826", "CSAFPID-912073", "CSAFPID-912085", "CSAFPID-912101", "CSAFPID-912102", "CSAFPID-912539", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912544", "CSAFPID-912545", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-912548", "CSAFPID-912549", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", ], }, references: [ { category: "self", summary: "CVE-2024-22257", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22257.json", }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1673420", "CSAFPID-1673421", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1670429", "CSAFPID-1670430", "CSAFPID-1670431", "CSAFPID-1670432", "CSAFPID-1670433", "CSAFPID-1670434", "CSAFPID-1670435", "CSAFPID-1670436", "CSAFPID-1670437", "CSAFPID-1670438", "CSAFPID-1670439", "CSAFPID-1670440", "CSAFPID-1670441", "CSAFPID-1670442", "CSAFPID-764237", "CSAFPID-912068", "CSAFPID-912076", "CSAFPID-611387", "CSAFPID-816773", "CSAFPID-912077", "CSAFPID-816348", "CSAFPID-764240", "CSAFPID-614517", "CSAFPID-224795", "CSAFPID-764826", "CSAFPID-90016", "CSAFPID-912078", "CSAFPID-611413", "CSAFPID-764242", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-93781", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-342804", "CSAFPID-912080", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-219776", "CSAFPID-765242", "CSAFPID-764739", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219826", "CSAFPID-912073", "CSAFPID-912085", "CSAFPID-912101", "CSAFPID-912102", "CSAFPID-912539", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912544", "CSAFPID-912545", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-912548", "CSAFPID-912549", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", ], }, ], title: "CVE-2024-22257", }, { cve: "CVE-2024-22262", cwe: { id: "CWE-601", name: "URL Redirection to Untrusted Site ('Open Redirect')", }, notes: [ { category: "other", text: "URL Redirection to Untrusted Site ('Open Redirect')", title: "CWE-601", }, ], product_status: { known_affected: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1650752", "CSAFPID-1650820", "CSAFPID-1650751", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", ], }, references: [ { category: "self", summary: "CVE-2024-22262", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22262.json", }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1650752", "CSAFPID-1650820", "CSAFPID-1650751", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", ], }, ], title: "CVE-2024-22262", }, { cve: "CVE-2024-23672", cwe: { id: "CWE-459", name: "Incomplete Cleanup", }, notes: [ { category: "other", text: "Incomplete Cleanup", title: "CWE-459", }, ], product_status: { known_affected: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1650826", "CSAFPID-1650731", "CSAFPID-1673382", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-912068", "CSAFPID-912076", "CSAFPID-611387", "CSAFPID-912539", "CSAFPID-816773", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912101", "CSAFPID-912544", "CSAFPID-912077", "CSAFPID-816348", "CSAFPID-912545", "CSAFPID-764240", "CSAFPID-912546", "CSAFPID-614517", "CSAFPID-912547", "CSAFPID-224795", "CSAFPID-912548", "CSAFPID-912102", "CSAFPID-912549", "CSAFPID-764826", "CSAFPID-90016", "CSAFPID-912078", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-611413", "CSAFPID-764242", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-912553", "CSAFPID-93781", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219776", "CSAFPID-219826", "CSAFPID-220132", "CSAFPID-342804", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-764739", "CSAFPID-765242", "CSAFPID-912073", "CSAFPID-912079", "CSAFPID-912080", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", ], }, references: [ { category: "self", summary: "CVE-2024-23672", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23672.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1650826", "CSAFPID-1650731", "CSAFPID-1673382", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-912068", "CSAFPID-912076", "CSAFPID-611387", "CSAFPID-912539", "CSAFPID-816773", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912101", "CSAFPID-912544", "CSAFPID-912077", "CSAFPID-816348", "CSAFPID-912545", "CSAFPID-764240", "CSAFPID-912546", "CSAFPID-614517", "CSAFPID-912547", "CSAFPID-224795", "CSAFPID-912548", "CSAFPID-912102", "CSAFPID-912549", "CSAFPID-764826", "CSAFPID-90016", "CSAFPID-912078", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-611413", "CSAFPID-764242", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-912553", "CSAFPID-93781", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219776", "CSAFPID-219826", "CSAFPID-220132", "CSAFPID-342804", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-764739", "CSAFPID-765242", "CSAFPID-912073", "CSAFPID-912079", "CSAFPID-912080", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", ], }, ], title: "CVE-2024-23672", }, { cve: "CVE-2024-23807", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "other", text: "Use After Free", title: "CWE-416", }, ], product_status: { known_affected: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1650734", "CSAFPID-1650830", "CSAFPID-1650777", "CSAFPID-204622", "CSAFPID-219909", "CSAFPID-1650778", "CSAFPID-41182", "CSAFPID-1674617", "CSAFPID-1674618", "CSAFPID-1674619", "CSAFPID-1674620", "CSAFPID-1674621", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1674624", "CSAFPID-1674625", "CSAFPID-1674626", "CSAFPID-1674627", "CSAFPID-1674628", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", ], }, references: [ { category: "self", summary: "CVE-2024-23807", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23807.json", }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1650734", "CSAFPID-1650830", "CSAFPID-1650777", "CSAFPID-204622", "CSAFPID-219909", "CSAFPID-1650778", "CSAFPID-41182", "CSAFPID-1674617", "CSAFPID-1674618", "CSAFPID-1674619", "CSAFPID-1674620", "CSAFPID-1674621", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1674624", "CSAFPID-1674625", "CSAFPID-1674626", "CSAFPID-1674627", "CSAFPID-1674628", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", ], }, ], title: "CVE-2024-23807", }, { cve: "CVE-2024-24549", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1650826", "CSAFPID-1673382", "CSAFPID-1650731", "CSAFPID-1674617", "CSAFPID-1674618", "CSAFPID-1674619", "CSAFPID-1674620", "CSAFPID-1674621", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1674624", "CSAFPID-1674625", "CSAFPID-1674626", "CSAFPID-1674627", "CSAFPID-1674628", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-912068", "CSAFPID-912076", "CSAFPID-611387", "CSAFPID-816773", "CSAFPID-912077", "CSAFPID-816348", "CSAFPID-764240", "CSAFPID-614517", "CSAFPID-224795", "CSAFPID-764826", "CSAFPID-90016", "CSAFPID-912078", "CSAFPID-611413", "CSAFPID-764242", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-93781", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-342804", "CSAFPID-912080", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-219776", "CSAFPID-765242", "CSAFPID-764739", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219826", "CSAFPID-912073", "CSAFPID-912101", "CSAFPID-912102", "CSAFPID-912539", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912544", "CSAFPID-912545", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-912548", "CSAFPID-912549", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", ], }, references: [ { category: "self", summary: "CVE-2024-24549", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24549.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1650826", "CSAFPID-1673382", "CSAFPID-1650731", "CSAFPID-1674617", "CSAFPID-1674618", "CSAFPID-1674619", "CSAFPID-1674620", "CSAFPID-1674621", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1674624", "CSAFPID-1674625", "CSAFPID-1674626", "CSAFPID-1674627", "CSAFPID-1674628", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-912068", "CSAFPID-912076", "CSAFPID-611387", "CSAFPID-816773", "CSAFPID-912077", "CSAFPID-816348", "CSAFPID-764240", "CSAFPID-614517", "CSAFPID-224795", "CSAFPID-764826", "CSAFPID-90016", "CSAFPID-912078", "CSAFPID-611413", "CSAFPID-764242", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-93781", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-342804", "CSAFPID-912080", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-219776", "CSAFPID-765242", "CSAFPID-764739", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219826", "CSAFPID-912073", "CSAFPID-912101", "CSAFPID-912102", "CSAFPID-912539", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912544", "CSAFPID-912545", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-912548", "CSAFPID-912549", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", ], }, ], title: "CVE-2024-24549", }, { cve: "CVE-2024-25062", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "other", text: "Use After Free", title: "CWE-416", }, ], product_status: { known_affected: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1650751", "CSAFPID-1650752", "CSAFPID-1673481", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1670429", "CSAFPID-1670430", "CSAFPID-1670431", "CSAFPID-1670432", "CSAFPID-1670433", "CSAFPID-1670434", "CSAFPID-1670435", "CSAFPID-1670436", "CSAFPID-1670437", "CSAFPID-1670438", "CSAFPID-1670439", "CSAFPID-1670440", "CSAFPID-1670441", "CSAFPID-1670442", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-912068", "CSAFPID-912076", "CSAFPID-611387", "CSAFPID-912539", "CSAFPID-816773", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912101", "CSAFPID-912544", "CSAFPID-912077", "CSAFPID-816348", "CSAFPID-912545", "CSAFPID-764240", "CSAFPID-912546", "CSAFPID-614517", "CSAFPID-912547", "CSAFPID-224795", "CSAFPID-912548", "CSAFPID-912102", "CSAFPID-912549", "CSAFPID-764826", "CSAFPID-90016", "CSAFPID-912078", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-611413", "CSAFPID-764242", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-912553", "CSAFPID-93781", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219776", "CSAFPID-219826", "CSAFPID-220132", "CSAFPID-342804", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-764739", "CSAFPID-765242", "CSAFPID-912073", "CSAFPID-912079", "CSAFPID-912080", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", ], }, references: [ { category: "self", summary: "CVE-2024-25062", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-25062.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1650751", "CSAFPID-1650752", "CSAFPID-1673481", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1670429", "CSAFPID-1670430", "CSAFPID-1670431", "CSAFPID-1670432", "CSAFPID-1670433", "CSAFPID-1670434", "CSAFPID-1670435", "CSAFPID-1670436", "CSAFPID-1670437", "CSAFPID-1670438", "CSAFPID-1670439", "CSAFPID-1670440", "CSAFPID-1670441", "CSAFPID-1670442", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-912068", "CSAFPID-912076", "CSAFPID-611387", "CSAFPID-912539", "CSAFPID-816773", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912101", "CSAFPID-912544", "CSAFPID-912077", "CSAFPID-816348", "CSAFPID-912545", "CSAFPID-764240", "CSAFPID-912546", "CSAFPID-614517", "CSAFPID-912547", "CSAFPID-224795", "CSAFPID-912548", "CSAFPID-912102", "CSAFPID-912549", "CSAFPID-764826", "CSAFPID-90016", "CSAFPID-912078", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-611413", "CSAFPID-764242", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-912553", "CSAFPID-93781", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219776", "CSAFPID-219826", "CSAFPID-220132", "CSAFPID-342804", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-764739", "CSAFPID-765242", "CSAFPID-912073", "CSAFPID-912079", "CSAFPID-912080", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", ], }, ], title: "CVE-2024-25062", }, { cve: "CVE-2024-25638", cwe: { id: "CWE-345", name: "Insufficient Verification of Data Authenticity", }, notes: [ { category: "other", text: "Insufficient Verification of Data Authenticity", title: "CWE-345", }, { category: "other", text: "Acceptance of Extraneous Untrusted Data With Trusted Data", title: "CWE-349", }, ], product_status: { known_affected: [ "CSAFPID-912549", "CSAFPID-1672767", "CSAFPID-1503585", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2024-25638", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-25638.json", }, ], scores: [ { cvss_v3: { baseScore: 8.9, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:L", version: "3.1", }, products: [ "CSAFPID-912549", "CSAFPID-1672767", "CSAFPID-1503585", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, ], title: "CVE-2024-25638", }, { cve: "CVE-2024-26308", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "other", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, ], product_status: { known_affected: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1673389", "CSAFPID-1673390", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1670429", "CSAFPID-1670430", "CSAFPID-1670431", "CSAFPID-1670432", "CSAFPID-1670433", "CSAFPID-1670434", "CSAFPID-1670435", "CSAFPID-1670436", "CSAFPID-1670437", "CSAFPID-1670438", "CSAFPID-1670439", "CSAFPID-1670440", "CSAFPID-1670441", "CSAFPID-1670442", "CSAFPID-90016", "CSAFPID-93781", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219776", "CSAFPID-219826", "CSAFPID-220132", "CSAFPID-224795", "CSAFPID-342804", "CSAFPID-611387", "CSAFPID-611413", "CSAFPID-614517", "CSAFPID-764237", "CSAFPID-764240", "CSAFPID-764242", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-764739", "CSAFPID-764826", "CSAFPID-765242", "CSAFPID-816348", "CSAFPID-816773", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-912068", "CSAFPID-912073", "CSAFPID-912076", "CSAFPID-912077", "CSAFPID-912078", "CSAFPID-912079", "CSAFPID-912080", "CSAFPID-912085", "CSAFPID-912101", "CSAFPID-912102", "CSAFPID-912539", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912544", "CSAFPID-912545", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-912548", "CSAFPID-912549", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", ], }, references: [ { category: "self", summary: "CVE-2024-26308", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26308.json", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1673389", "CSAFPID-1673390", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-1670429", "CSAFPID-1670430", "CSAFPID-1670431", "CSAFPID-1670432", "CSAFPID-1670433", "CSAFPID-1670434", "CSAFPID-1670435", "CSAFPID-1670436", "CSAFPID-1670437", "CSAFPID-1670438", "CSAFPID-1670439", "CSAFPID-1670440", "CSAFPID-1670441", "CSAFPID-1670442", "CSAFPID-90016", "CSAFPID-93781", "CSAFPID-204510", "CSAFPID-204569", "CSAFPID-219776", "CSAFPID-219826", "CSAFPID-220132", "CSAFPID-224795", "CSAFPID-342804", "CSAFPID-611387", "CSAFPID-611413", "CSAFPID-614517", "CSAFPID-764237", "CSAFPID-764240", "CSAFPID-764242", "CSAFPID-764247", "CSAFPID-764735", "CSAFPID-764739", "CSAFPID-764826", "CSAFPID-765242", "CSAFPID-816348", "CSAFPID-816773", "CSAFPID-816781", "CSAFPID-816782", "CSAFPID-912068", "CSAFPID-912073", "CSAFPID-912076", "CSAFPID-912077", "CSAFPID-912078", "CSAFPID-912079", "CSAFPID-912080", "CSAFPID-912085", "CSAFPID-912101", "CSAFPID-912102", "CSAFPID-912539", "CSAFPID-912540", "CSAFPID-912541", "CSAFPID-912542", "CSAFPID-912543", "CSAFPID-912544", "CSAFPID-912545", "CSAFPID-912546", "CSAFPID-912547", "CSAFPID-912548", "CSAFPID-912549", "CSAFPID-912550", "CSAFPID-912551", "CSAFPID-912552", "CSAFPID-912553", "CSAFPID-912554", "CSAFPID-912556", "CSAFPID-912557", "CSAFPID-912558", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-1503582", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", ], }, ], title: "CVE-2024-26308", }, { cve: "CVE-2024-28182", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "Detection of Error Condition Without Action", title: "CWE-390", }, { category: "other", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, ], product_status: { known_affected: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1673414", "CSAFPID-1673396", "CSAFPID-1673485", "CSAFPID-1673393", "CSAFPID-1673394", "CSAFPID-1673389", "CSAFPID-1672767", "CSAFPID-1673391", "CSAFPID-1673392", "CSAFPID-1673415", "CSAFPID-1673390", "CSAFPID-1673413", "CSAFPID-1673395", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", ], }, references: [ { category: "self", summary: "CVE-2024-28182", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28182.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1673414", "CSAFPID-1673396", "CSAFPID-1673485", "CSAFPID-1673393", "CSAFPID-1673394", "CSAFPID-1673389", "CSAFPID-1672767", "CSAFPID-1673391", "CSAFPID-1673392", "CSAFPID-1673415", "CSAFPID-1673390", "CSAFPID-1673413", "CSAFPID-1673395", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", ], }, ], title: "CVE-2024-28182", }, { cve: "CVE-2024-28849", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, ], product_status: { known_affected: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1673414", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", ], }, references: [ { category: "self", summary: "CVE-2024-28849", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28849.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1673414", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", ], }, ], title: "CVE-2024-28849", }, { cve: "CVE-2024-29025", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "other", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, ], product_status: { known_affected: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1650752", "CSAFPID-1650751", "CSAFPID-1673494", "CSAFPID-1673420", "CSAFPID-1673421", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", ], }, references: [ { category: "self", summary: "CVE-2024-29025", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29025.json", }, ], scores: [ { cvss_v3: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1635310", "CSAFPID-1635311", "CSAFPID-1635312", "CSAFPID-1635313", "CSAFPID-1635314", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635317", "CSAFPID-1635318", "CSAFPID-1635319", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1635322", "CSAFPID-1635323", "CSAFPID-1635324", "CSAFPID-1635325", "CSAFPID-1635326", "CSAFPID-1635327", "CSAFPID-1635328", "CSAFPID-1635329", "CSAFPID-1650752", "CSAFPID-1650751", "CSAFPID-1673494", "CSAFPID-1673420", "CSAFPID-1673421", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1674636", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", ], }, ], title: "CVE-2024-29025", }, { cve: "CVE-2024-29133", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-1650820", "CSAFPID-224790", "CSAFPID-221118", "CSAFPID-1673496", "CSAFPID-1674617", "CSAFPID-1674618", "CSAFPID-1674619", "CSAFPID-1674620", "CSAFPID-1674621", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1674624", "CSAFPID-1674625", "CSAFPID-1674626", "CSAFPID-1674627", "CSAFPID-1674628", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", ], }, references: [ { category: "self", summary: "CVE-2024-29133", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29133.json", }, ], scores: [ { cvss_v3: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-1650820", "CSAFPID-224790", "CSAFPID-221118", "CSAFPID-1673496", "CSAFPID-1674617", "CSAFPID-1674618", "CSAFPID-1674619", "CSAFPID-1674620", "CSAFPID-1674621", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1674624", "CSAFPID-1674625", "CSAFPID-1674626", "CSAFPID-1674627", "CSAFPID-1674628", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", ], }, ], title: "CVE-2024-29133", }, { cve: "CVE-2024-29736", cwe: { id: "CWE-918", name: "Server-Side Request Forgery (SSRF)", }, notes: [ { category: "other", text: "Server-Side Request Forgery (SSRF)", title: "CWE-918", }, ], product_status: { known_affected: [ "CSAFPID-1673399", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2024-29736", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29736.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-1673399", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, ], title: "CVE-2024-29736", }, { cve: "CVE-2024-29857", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, { category: "other", text: "Out-of-bounds Read", title: "CWE-125", }, ], product_status: { known_affected: [ "CSAFPID-1673413", "CSAFPID-1673415", "CSAFPID-1673501", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", ], }, references: [ { category: "self", summary: "CVE-2024-29857", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29857.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673413", "CSAFPID-1673415", "CSAFPID-1673501", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", "CSAFPID-220055", "CSAFPID-1503577", "CSAFPID-764237", "CSAFPID-912085", "CSAFPID-1503578", "CSAFPID-1503579", "CSAFPID-1503580", "CSAFPID-912101", "CSAFPID-1503581", "CSAFPID-1503322", "CSAFPID-912069", "CSAFPID-764240", "CSAFPID-912547", "CSAFPID-1503582", "CSAFPID-912549", "CSAFPID-1503583", "CSAFPID-1503584", "CSAFPID-1503585", "CSAFPID-1503586", "CSAFPID-1503587", "CSAFPID-1503588", "CSAFPID-1503316", "CSAFPID-1503317", "CSAFPID-764242", "CSAFPID-1503589", "CSAFPID-1503590", "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1503591", "CSAFPID-816789", "CSAFPID-816790", "CSAFPID-1503592", "CSAFPID-1503593", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-342804", "CSAFPID-1503596", "CSAFPID-1503597", "CSAFPID-1503598", "CSAFPID-816792", "CSAFPID-764247", "CSAFPID-912556", "CSAFPID-764735", "CSAFPID-816793", "CSAFPID-1503599", "CSAFPID-1503600", "CSAFPID-342793", "CSAFPID-816350", "CSAFPID-1261", "CSAFPID-342803", "CSAFPID-816354", "CSAFPID-204563", "CSAFPID-764738", "CSAFPID-816355", "CSAFPID-1503601", "CSAFPID-1503602", "CSAFPID-240600", "CSAFPID-204510", "CSAFPID-204569", ], }, ], title: "CVE-2024-29857", }, { cve: "CVE-2024-30251", cwe: { id: "CWE-835", name: "Loop with Unreachable Exit Condition ('Infinite Loop')", }, notes: [ { category: "other", text: "Loop with Unreachable Exit Condition ('Infinite Loop')", title: "CWE-835", }, ], product_status: { known_affected: [ "CSAFPID-912079", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2024-30251", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-30251.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-912079", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, ], title: "CVE-2024-30251", }, { cve: "CVE-2024-31080", cwe: { id: "CWE-126", name: "Buffer Over-read", }, notes: [ { category: "other", text: "Buffer Over-read", title: "CWE-126", }, { category: "other", text: "Heap-based Buffer Overflow", title: "CWE-122", }, ], product_status: { known_affected: [ "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2024-31080", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-31080.json", }, ], title: "CVE-2024-31080", }, { cve: "CVE-2024-31744", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, ], product_status: { known_affected: [ "CSAFPID-1673395", "CSAFPID-1673392", "CSAFPID-1673393", "CSAFPID-1673396", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2024-31744", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-31744.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673395", "CSAFPID-1673392", "CSAFPID-1673393", "CSAFPID-1673396", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, ], title: "CVE-2024-31744", }, { cve: "CVE-2024-32760", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2024-32760", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-32760.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-220132", "CSAFPID-912079", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, ], title: "CVE-2024-32760", }, { cve: "CVE-2024-33602", cwe: { id: "CWE-466", name: "Return of Pointer Value Outside of Expected Range", }, notes: [ { category: "other", text: "Return of Pointer Value Outside of Expected Range", title: "CWE-466", }, { category: "other", text: "Improper Check or Handling of Exceptional Conditions", title: "CWE-703", }, ], product_status: { known_affected: [ "CSAFPID-912549", "CSAFPID-1673396", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1672762", "CSAFPID-1673395", "CSAFPID-1672764", "CSAFPID-1672767", "CSAFPID-1503585", "CSAFPID-1673494", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2024-33602", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-33602.json", }, ], scores: [ { cvss_v3: { baseScore: 8.6, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-912549", "CSAFPID-1673396", "CSAFPID-1503594", "CSAFPID-1503595", "CSAFPID-1672762", "CSAFPID-1673395", "CSAFPID-1672764", "CSAFPID-1672767", "CSAFPID-1503585", "CSAFPID-1673494", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, ], title: "CVE-2024-33602", }, { cve: "CVE-2024-34750", cwe: { id: "CWE-755", name: "Improper Handling of Exceptional Conditions", }, notes: [ { category: "other", text: "Improper Handling of Exceptional Conditions", title: "CWE-755", }, { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1673481", "CSAFPID-1503596", "CSAFPID-1673420", "CSAFPID-1673421", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2024-34750", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34750.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673481", "CSAFPID-1503596", "CSAFPID-1673420", "CSAFPID-1673421", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, ], title: "CVE-2024-34750", }, { cve: "CVE-2024-37371", cwe: { id: "CWE-130", name: "Improper Handling of Length Parameter Inconsistency", }, notes: [ { category: "other", text: "Improper Handling of Length Parameter Inconsistency", title: "CWE-130", }, ], product_status: { known_affected: [ "CSAFPID-912549", "CSAFPID-1673413", "CSAFPID-1673414", "CSAFPID-1673396", "CSAFPID-1503590", "CSAFPID-1673393", "CSAFPID-1673395", "CSAFPID-1673399", "CSAFPID-1672767", "CSAFPID-1503585", "CSAFPID-1673392", "CSAFPID-1503589", "CSAFPID-1673415", "CSAFPID-1673389", "CSAFPID-1673390", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2024-37371", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37371.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-912549", "CSAFPID-1673413", "CSAFPID-1673414", "CSAFPID-1673396", "CSAFPID-1503590", "CSAFPID-1673393", "CSAFPID-1673395", "CSAFPID-1673399", "CSAFPID-1672767", "CSAFPID-1503585", "CSAFPID-1673392", "CSAFPID-1503589", "CSAFPID-1673415", "CSAFPID-1673389", "CSAFPID-1673390", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, ], title: "CVE-2024-37371", }, { cve: "CVE-2024-37891", cwe: { id: "CWE-669", name: "Incorrect Resource Transfer Between Spheres", }, notes: [ { category: "other", text: "Incorrect Resource Transfer Between Spheres", title: "CWE-669", }, ], product_status: { known_affected: [ "CSAFPID-1673395", "CSAFPID-1673396", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2024-37891", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37891.json", }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-1673395", "CSAFPID-1673396", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, ], title: "CVE-2024-37891", }, { cve: "CVE-2024-38816", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, notes: [ { category: "other", text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", title: "CWE-22", }, ], product_status: { known_affected: [ "CSAFPID-1673420", "CSAFPID-1673421", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2024-38816", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38816.json", }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-1673420", "CSAFPID-1673421", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, ], title: "CVE-2024-38816", }, { cve: "CVE-2024-39689", cwe: { id: "CWE-345", name: "Insufficient Verification of Data Authenticity", }, notes: [ { category: "other", text: "Insufficient Verification of Data Authenticity", title: "CWE-345", }, ], product_status: { known_affected: [ "CSAFPID-1673395", "CSAFPID-1673396", "CSAFPID-1673392", "CSAFPID-1673393", ], }, references: [ { category: "self", summary: "CVE-2024-39689", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-39689.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-1673395", "CSAFPID-1673396", "CSAFPID-1673392", "CSAFPID-1673393", ], }, ], title: "CVE-2024-39689", }, { cve: "CVE-2024-40898", cwe: { id: "CWE-918", name: "Server-Side Request Forgery (SSRF)", }, notes: [ { category: "other", text: "Server-Side Request Forgery (SSRF)", title: "CWE-918", }, ], product_status: { known_affected: [ "CSAFPID-1673516", "CSAFPID-1673411", "CSAFPID-1673412", "CSAFPID-1650731", "CSAFPID-1673382", "CSAFPID-1674617", "CSAFPID-1674618", "CSAFPID-1674619", "CSAFPID-1674620", "CSAFPID-1674621", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1674624", "CSAFPID-1674625", "CSAFPID-1674626", "CSAFPID-1674627", "CSAFPID-1674628", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2024-40898", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40898.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-1673516", "CSAFPID-1673411", "CSAFPID-1673412", "CSAFPID-1650731", "CSAFPID-1673382", "CSAFPID-1674617", "CSAFPID-1674618", "CSAFPID-1674619", "CSAFPID-1674620", "CSAFPID-1674621", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1674624", "CSAFPID-1674625", "CSAFPID-1674626", "CSAFPID-1674627", "CSAFPID-1674628", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, ], title: "CVE-2024-40898", }, { cve: "CVE-2024-41817", cwe: { id: "CWE-427", name: "Uncontrolled Search Path Element", }, notes: [ { category: "other", text: "Uncontrolled Search Path Element", title: "CWE-427", }, ], product_status: { known_affected: [ "CSAFPID-1673382", "CSAFPID-1650731", "CSAFPID-1674617", "CSAFPID-1674618", "CSAFPID-1674619", "CSAFPID-1674620", "CSAFPID-1674621", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1674624", "CSAFPID-1674626", "CSAFPID-1674627", "CSAFPID-1674628", "CSAFPID-1674625", ], }, references: [ { category: "self", summary: "CVE-2024-41817", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41817.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673382", "CSAFPID-1650731", "CSAFPID-1674617", "CSAFPID-1674618", "CSAFPID-1674619", "CSAFPID-1674620", "CSAFPID-1674621", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1674624", "CSAFPID-1674626", "CSAFPID-1674627", "CSAFPID-1674628", "CSAFPID-1674625", ], }, ], title: "CVE-2024-41817", }, { cve: "CVE-2024-43044", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, { category: "other", text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", title: "CWE-22", }, { category: "other", text: "Improper Check for Unusual or Exceptional Conditions", title: "CWE-754", }, ], product_status: { known_affected: [ "CSAFPID-1673395", "CSAFPID-1673411", "CSAFPID-1673412", "CSAFPID-1673413", "CSAFPID-1673396", "CSAFPID-1673392", "CSAFPID-1673494", "CSAFPID-1673393", "CSAFPID-1673415", "CSAFPID-1673416", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2024-43044", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-43044.json", }, ], scores: [ { cvss_v3: { baseScore: 9, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673395", "CSAFPID-1673411", "CSAFPID-1673412", "CSAFPID-1673413", "CSAFPID-1673396", "CSAFPID-1673392", "CSAFPID-1673494", "CSAFPID-1673393", "CSAFPID-1673415", "CSAFPID-1673416", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, ], title: "CVE-2024-43044", }, { cve: "CVE-2024-45492", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "other", text: "Integer Overflow or Wraparound", title: "CWE-190", }, ], product_status: { known_affected: [ "CSAFPID-1673382", "CSAFPID-1673399", "CSAFPID-1650731", "CSAFPID-1673517", "CSAFPID-1673396", "CSAFPID-1674617", "CSAFPID-1674618", "CSAFPID-1674619", "CSAFPID-1674620", "CSAFPID-1674621", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1674624", "CSAFPID-1674625", "CSAFPID-1674626", "CSAFPID-1674627", "CSAFPID-1674628", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, references: [ { category: "self", summary: "CVE-2024-45492", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45492.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673382", "CSAFPID-1673399", "CSAFPID-1650731", "CSAFPID-1673517", "CSAFPID-1673396", "CSAFPID-1674617", "CSAFPID-1674618", "CSAFPID-1674619", "CSAFPID-1674620", "CSAFPID-1674621", "CSAFPID-1674622", "CSAFPID-1674623", "CSAFPID-1674624", "CSAFPID-1674625", "CSAFPID-1674626", "CSAFPID-1674627", "CSAFPID-1674628", "CSAFPID-1635305", "CSAFPID-1635306", "CSAFPID-1635307", "CSAFPID-1635308", "CSAFPID-1635309", "CSAFPID-1670434", "CSAFPID-1674629", "CSAFPID-1635315", "CSAFPID-1635316", "CSAFPID-1635318", "CSAFPID-1674630", "CSAFPID-1674631", "CSAFPID-1674632", "CSAFPID-1674633", "CSAFPID-1674634", "CSAFPID-1674635", "CSAFPID-1635323", "CSAFPID-1674636", "CSAFPID-1635324", "CSAFPID-1674637", "CSAFPID-1674638", "CSAFPID-1674639", "CSAFPID-1674640", "CSAFPID-1674641", "CSAFPID-1674642", "CSAFPID-1635320", "CSAFPID-1635321", "CSAFPID-1674643", "CSAFPID-1674644", "CSAFPID-1674645", "CSAFPID-1674646", ], }, ], title: "CVE-2024-45492", }, ], }
NCSC-2024-0433
Vulnerability from csaf_ncscnl
Published
2024-11-12 14:19
Modified
2024-11-12 14:19
Summary
Kwetsbaarheden verholpen in Siemens producten
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Siemens heeft kwetsbaarheden verholpen in diverse producten als Mendix, RUGGEDCOM, SCALANCE, SIMATIC en SINEC.
Interpretaties
De kwetsbaarheden stellen een kwaadwillende mogelijk in staat aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
- Denial-of-Service (DoS)
- Cross-Site-Scripting (XSS)
- Manipulatie van gegevens
- Omzeilen van een beveiligingsmaatregel
- Omzeilen van authenticatie
- (Remote) code execution (Administrator/Root rechten)
- (Remote) code execution (Gebruikersrechten)
- Toegang tot systeemgegevens
- Verhoogde gebruikersrechten
De kwaadwillende heeft hiervoor toegang nodig tot de productieomgeving. Het is goed gebruik een dergelijke omgeving niet publiek toegankelijk te hebben.
Oplossingen
Siemens heeft beveiligingsupdates uitgebracht om de kwetsbaarheden te verhelpen. Voor de kwetsbaarheden waar nog geen updates voor zijn, heeft Siemens mitigerende maatregelen gepubliceerd om de risico's zoveel als mogelijk te beperken. Zie de bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-606
Unchecked Input for Loop Condition
CWE-1240
Use of a Cryptographic Primitive with a Risky Implementation
CWE-115
Misinterpretation of Input
CWE-1059
Insufficient Technical Documentation
CWE-1325
Improperly Controlled Sequential Memory Allocation
CWE-222
Truncation of Security-relevant Information
CWE-310
CWE-310
CWE-328
Use of Weak Hash
CWE-1284
Improper Validation of Specified Quantity in Input
CWE-213
Exposure of Sensitive Information Due to Incompatible Policies
CWE-1268
Policy Privileges are not Assigned Consistently Between Control and Data Agents
CWE-684
Incorrect Provision of Specified Functionality
CWE-772
Missing Release of Resource after Effective Lifetime
CWE-208
Observable Timing Discrepancy
CWE-201
Insertion of Sensitive Information Into Sent Data
CWE-834
Excessive Iteration
CWE-266
Incorrect Privilege Assignment
CWE-942
Permissive Cross-domain Policy with Untrusted Domains
CWE-271
Privilege Dropping / Lowering Errors
CWE-732
Incorrect Permission Assignment for Critical Resource
CWE-667
Improper Locking
CWE-440
Expected Behavior Violation
CWE-297
Improper Validation of Certificate with Host Mismatch
CWE-311
Missing Encryption of Sensitive Data
CWE-754
Improper Check for Unusual or Exceptional Conditions
CWE-617
Reachable Assertion
CWE-427
Uncontrolled Search Path Element
CWE-319
Cleartext Transmission of Sensitive Information
CWE-613
Insufficient Session Expiration
CWE-444
Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
CWE-203
Observable Discrepancy
CWE-354
Improper Validation of Integrity Check Value
CWE-325
Missing Cryptographic Step
CWE-190
Integer Overflow or Wraparound
CWE-321
Use of Hard-coded Cryptographic Key
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE-125
Out-of-bounds Read
CWE-404
Improper Resource Shutdown or Release
CWE-275
CWE-275
CWE-284
Improper Access Control
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-1333
Inefficient Regular Expression Complexity
CWE-416
Use After Free
CWE-113
Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')
CWE-401
Missing Release of Memory after Effective Lifetime
CWE-476
NULL Pointer Dereference
CWE-295
Improper Certificate Validation
CWE-757
Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')
CWE-94
Improper Control of Generation of Code ('Code Injection')
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CWE-436
Interpretation Conflict
CWE-400
Uncontrolled Resource Consumption
CWE-770
Allocation of Resources Without Limits or Throttling
CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE-502
Deserialization of Untrusted Data
CWE-918
Server-Side Request Forgery (SSRF)
CWE-863
Incorrect Authorization
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE-787
Out-of-bounds Write
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE-122
Heap-based Buffer Overflow
CWE-121
Stack-based Buffer Overflow
CWE-789
Memory Allocation with Excessive Size Value
CWE-269
Improper Privilege Management
CWE-20
Improper Input Validation
CWE-287
Improper Authentication
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
{ document: { category: "csaf_security_advisory", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", }, }, lang: "nl", notes: [ { category: "legal_disclaimer", text: "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.", }, { category: "description", text: "Siemens heeft kwetsbaarheden verholpen in diverse producten als Mendix, RUGGEDCOM, SCALANCE, SIMATIC en SINEC.", title: "Feiten", }, { category: "description", text: "De kwetsbaarheden stellen een kwaadwillende mogelijk in staat aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:\n\n- Denial-of-Service (DoS)\n- Cross-Site-Scripting (XSS)\n- Manipulatie van gegevens\n- Omzeilen van een beveiligingsmaatregel\n- Omzeilen van authenticatie\n- (Remote) code execution (Administrator/Root rechten)\n- (Remote) code execution (Gebruikersrechten)\n- Toegang tot systeemgegevens\n- Verhoogde gebruikersrechten\n\nDe kwaadwillende heeft hiervoor toegang nodig tot de productieomgeving. Het is goed gebruik een dergelijke omgeving niet publiek toegankelijk te hebben.", title: "Interpretaties", }, { category: "description", text: "Siemens heeft beveiligingsupdates uitgebracht om de kwetsbaarheden te verhelpen. Voor de kwetsbaarheden waar nog geen updates voor zijn, heeft Siemens mitigerende maatregelen gepubliceerd om de risico's zoveel als mogelijk te beperken. Zie de bijgevoegde referenties voor meer informatie.", title: "Oplossingen", }, { category: "general", text: "medium", title: "Kans", }, { category: "general", text: "high", title: "Schade", }, { category: "general", text: "Unchecked Input for Loop Condition", title: "CWE-606", }, { category: "general", text: "Use of a Cryptographic Primitive with a Risky Implementation", title: "CWE-1240", }, { category: "general", text: "Misinterpretation of Input", title: "CWE-115", }, { category: "general", text: "Insufficient Technical Documentation", title: "CWE-1059", }, { category: "general", text: "Improperly Controlled Sequential Memory Allocation", title: "CWE-1325", }, { category: "general", text: "Truncation of Security-relevant Information", title: "CWE-222", }, { category: "general", text: "CWE-310", title: "CWE-310", }, { category: "general", text: "Use of Weak Hash", title: "CWE-328", }, { category: "general", text: "Improper Validation of Specified Quantity in Input", title: "CWE-1284", }, { category: "general", text: "Exposure of Sensitive Information Due to Incompatible Policies", title: "CWE-213", }, { category: "general", text: "Policy Privileges are not Assigned Consistently Between Control and Data Agents", title: "CWE-1268", }, { category: "general", text: "Incorrect Provision of Specified Functionality", title: "CWE-684", }, { category: "general", text: "Missing Release of Resource after Effective Lifetime", title: "CWE-772", }, { category: "general", text: "Observable Timing Discrepancy", title: "CWE-208", }, { category: "general", text: "Insertion of Sensitive Information Into Sent Data", title: "CWE-201", }, { category: "general", text: "Excessive Iteration", title: "CWE-834", }, { category: "general", text: "Incorrect Privilege Assignment", title: "CWE-266", }, { category: "general", text: "Permissive Cross-domain Policy with Untrusted Domains", title: "CWE-942", }, { category: "general", text: "Privilege Dropping / Lowering Errors", title: "CWE-271", }, { category: "general", text: "Incorrect Permission Assignment for Critical Resource", title: "CWE-732", }, { category: "general", text: "Improper Locking", title: "CWE-667", }, { category: "general", text: "Expected Behavior Violation", title: "CWE-440", }, { category: "general", text: "Improper Validation of Certificate with Host Mismatch", title: "CWE-297", }, { category: "general", text: "Missing Encryption of Sensitive Data", title: "CWE-311", }, { category: "general", text: "Improper Check for Unusual or Exceptional Conditions", title: "CWE-754", }, { category: "general", text: "Reachable Assertion", title: "CWE-617", }, { category: "general", text: "Uncontrolled Search Path Element", title: "CWE-427", }, { category: "general", text: "Cleartext Transmission of Sensitive Information", title: "CWE-319", }, { category: "general", text: "Insufficient Session Expiration", title: "CWE-613", }, { category: "general", text: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", title: "CWE-444", }, { category: "general", text: "Observable Discrepancy", title: "CWE-203", }, { category: "general", text: "Improper Validation of Integrity Check Value", title: "CWE-354", }, { category: "general", text: "Missing Cryptographic Step", title: "CWE-325", }, { category: "general", text: "Integer Overflow or Wraparound", title: "CWE-190", }, { category: "general", text: "Use of Hard-coded Cryptographic Key", title: "CWE-321", }, { category: "general", text: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", title: "CWE-362", }, { category: "general", text: "Out-of-bounds Read", title: "CWE-125", }, { category: "general", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "general", text: "CWE-275", title: "CWE-275", }, { category: "general", text: "Improper Access Control", title: "CWE-284", }, { category: "general", text: "Improper Restriction of Operations within the Bounds of a Memory Buffer", title: "CWE-119", }, { category: "general", text: "Inefficient Regular Expression Complexity", title: "CWE-1333", }, { category: "general", text: "Use After Free", title: "CWE-416", }, { category: "general", text: "Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')", title: "CWE-113", }, { category: "general", text: "Missing Release of Memory after Effective Lifetime", title: "CWE-401", }, { category: "general", text: "NULL Pointer Dereference", title: "CWE-476", }, { category: "general", text: "Improper Certificate Validation", title: "CWE-295", }, { category: "general", text: "Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')", title: "CWE-757", }, { category: "general", text: "Improper Control of Generation of Code ('Code Injection')", title: "CWE-94", }, { category: "general", text: "Use of a Broken or Risky Cryptographic Algorithm", title: "CWE-327", }, { category: "general", text: "Interpretation Conflict", title: "CWE-436", }, { category: "general", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "general", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, { category: "general", text: "Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')", title: "CWE-74", }, { category: "general", text: "Deserialization of Untrusted Data", title: "CWE-502", }, { category: "general", text: "Server-Side Request Forgery (SSRF)", title: "CWE-918", }, { category: "general", text: "Incorrect Authorization", title: "CWE-863", }, { category: "general", text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", title: "CWE-22", }, { category: "general", text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", title: "CWE-78", }, { category: "general", text: "Out-of-bounds Write", title: "CWE-787", }, { category: "general", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, { category: "general", text: "Heap-based Buffer Overflow", title: "CWE-122", }, { category: "general", text: "Stack-based Buffer Overflow", title: "CWE-121", }, { category: "general", text: "Memory Allocation with Excessive Size Value", title: "CWE-789", }, { category: "general", text: "Improper Privilege Management", title: "CWE-269", }, { category: "general", text: "Improper Input Validation", title: "CWE-20", }, { category: "general", text: "Improper Authentication", title: "CWE-287", }, { category: "general", text: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", title: "CWE-79", }, ], publisher: { category: "coordinator", contact_details: "cert@ncsc.nl", name: "Nationaal Cyber Security Centrum", namespace: "https://www.ncsc.nl/", }, references: [ { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-000297.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-064257.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-230445.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-331112.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-351178.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-354112.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-454789.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-616032.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-654798.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-871035.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-914892.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-915275.pdf", }, ], title: "Kwetsbaarheden verholpen in Siemens producten", tracking: { current_release_date: "2024-11-12T14:19:20.051128Z", id: "NCSC-2024-0433", initial_release_date: "2024-11-12T14:19:20.051128Z", revision_history: [ { date: "2024-11-12T14:19:20.051128Z", number: "0", summary: "Initiele versie", }, ], status: "final", version: "1.0.0", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "mendix_runtime_v10.12", product: { name: "mendix_runtime_v10.12", product_id: "CSAFPID-1637623", product_identification_helper: { cpe: "cpe:2.3:a:siemens:mendix_runtime_v10.12:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "mendix_runtime_v10.6", product: { name: "mendix_runtime_v10.6", product_id: "CSAFPID-1637624", product_identification_helper: { cpe: "cpe:2.3:a:siemens:mendix_runtime_v10.6:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "mendix_runtime_v10", product: { name: "mendix_runtime_v10", product_id: "CSAFPID-1637622", product_identification_helper: { cpe: "cpe:2.3:a:siemens:mendix_runtime_v10:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "mendix_runtime_v8", product: { name: "mendix_runtime_v8", product_id: "CSAFPID-1637625", product_identification_helper: { cpe: "cpe:2.3:a:siemens:mendix_runtime_v8:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "mendix_runtime_v9", product: { name: "mendix_runtime_v9", product_id: "CSAFPID-1637626", product_identification_helper: { cpe: "cpe:2.3:a:siemens:mendix_runtime_v9:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "ozw672", product: { name: "ozw672", product_id: "CSAFPID-1712832", product_identification_helper: { cpe: "cpe:2.3:a:siemens:ozw672:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "ozw772", product: { name: "ozw772", product_id: "CSAFPID-1712833", product_identification_helper: { cpe: "cpe:2.3:a:siemens:ozw772:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "pp_telecontrol_server_basic_1000_to_5000_v3.1", product: { name: "pp_telecontrol_server_basic_1000_to_5000_v3.1", product_id: "CSAFPID-1712834", product_identification_helper: { cpe: "cpe:2.3:a:siemens:pp_telecontrol_server_basic_1000_to_5000_v3.1:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "pp_telecontrol_server_basic_256_to_1000_v3.1", product: { name: "pp_telecontrol_server_basic_256_to_1000_v3.1", product_id: "CSAFPID-1712835", product_identification_helper: { cpe: "cpe:2.3:a:siemens:pp_telecontrol_server_basic_256_to_1000_v3.1:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "pp_telecontrol_server_basic_32_to_64_v3.1", product: { name: "pp_telecontrol_server_basic_32_to_64_v3.1", product_id: "CSAFPID-1712836", product_identification_helper: { cpe: "cpe:2.3:a:siemens:pp_telecontrol_server_basic_32_to_64_v3.1:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "pp_telecontrol_server_basic_64_to_256_v3.1", product: { name: "pp_telecontrol_server_basic_64_to_256_v3.1", product_id: "CSAFPID-1712837", product_identification_helper: { cpe: "cpe:2.3:a:siemens:pp_telecontrol_server_basic_64_to_256_v3.1:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "pp_telecontrol_server_basic_8_to_32_v3.1", product: { name: "pp_telecontrol_server_basic_8_to_32_v3.1", product_id: "CSAFPID-1712838", product_identification_helper: { cpe: "cpe:2.3:a:siemens:pp_telecontrol_server_basic_8_to_32_v3.1:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "ruggedcom_ape1808", product: { name: "ruggedcom_ape1808", product_id: "CSAFPID-1615259", product_identification_helper: { cpe: "cpe:2.3:a:siemens:ruggedcom_ape1808:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "ruggedcom_rm1224_lte_4g__eu", product: { name: "ruggedcom_rm1224_lte_4g__eu", product_id: "CSAFPID-1702670", product_identification_helper: { cpe: "cpe:2.3:a:siemens:ruggedcom_rm1224_lte_4g__eu:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "ruggedcom_rm1224_lte_4g__nam", product: { name: "ruggedcom_rm1224_lte_4g__nam", product_id: "CSAFPID-1702671", product_identification_helper: { cpe: "cpe:2.3:a:siemens:ruggedcom_rm1224_lte_4g__nam:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "s7-pct", product: { name: "s7-pct", product_id: "CSAFPID-1637909", product_identification_helper: { cpe: "cpe:2.3:a:siemens:s7-pct:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "s7-pct", product: { name: "s7-pct", product_id: "CSAFPID-1470060", product_identification_helper: { cpe: "cpe:2.3:a:siemens:s7-pct:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "s7_port_configuration_tool", product: { name: "s7_port_configuration_tool", product_id: "CSAFPID-1472074", product_identification_helper: { cpe: "cpe:2.3:a:siemens:s7_port_configuration_tool:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_m804pb", product: { name: "scalance_m804pb", product_id: "CSAFPID-1702672", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_m804pb:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_m812-1_adsl-router", product: { name: "scalance_m812-1_adsl-router", product_id: "CSAFPID-1712749", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_m812-1_adsl-router:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_m816-1_adsl-router", product: { name: "scalance_m816-1_adsl-router", product_id: "CSAFPID-1712750", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_m816-1_adsl-router:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_m826-2_shdsl-router", product: { name: "scalance_m826-2_shdsl-router", product_id: "CSAFPID-1702677", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_m826-2_shdsl-router:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_m874-2", product: { name: "scalance_m874-2", product_id: "CSAFPID-1702678", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_m874-2:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_m874-3", product: { name: "scalance_m874-3", product_id: "CSAFPID-1702679", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_m874-3:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_m874-3_3g-router__cn_", product: { name: "scalance_m874-3_3g-router__cn_", product_id: "CSAFPID-1712751", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_m874-3_3g-router__cn_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_m876-3", product: { name: "scalance_m876-3", product_id: "CSAFPID-1712752", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_m876-3:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_m876-3__rok_", product: { name: "scalance_m876-3__rok_", product_id: "CSAFPID-1702681", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_m876-3__rok_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_m876-4", product: { name: "scalance_m876-4", product_id: "CSAFPID-1712753", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_m876-4:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_m876-4__eu_", product: { name: "scalance_m876-4__eu_", product_id: "CSAFPID-1702682", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_m876-4__eu_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_m876-4__nam_", product: { name: "scalance_m876-4__nam_", product_id: "CSAFPID-1702683", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_m876-4__nam_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_mum853-1__a1_", product: { name: "scalance_mum853-1__a1_", product_id: "CSAFPID-1712754", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_mum853-1__a1_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_mum853-1__b1_", product: { name: "scalance_mum853-1__b1_", product_id: "CSAFPID-1712755", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_mum853-1__b1_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_mum853-1__eu_", product: { name: "scalance_mum853-1__eu_", product_id: "CSAFPID-1712756", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_mum853-1__eu_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_mum856-1__a1_", product: { name: "scalance_mum856-1__a1_", product_id: "CSAFPID-1712757", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_mum856-1__a1_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_mum856-1__b1_", product: { name: "scalance_mum856-1__b1_", product_id: "CSAFPID-1712758", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_mum856-1__b1_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_mum856-1__cn_", product: { name: "scalance_mum856-1__cn_", product_id: "CSAFPID-1712759", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_mum856-1__cn_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_mum856-1__eu_", product: { name: "scalance_mum856-1__eu_", product_id: "CSAFPID-1702684", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_mum856-1__eu_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_mum856-1__row_", product: { name: "scalance_mum856-1__row_", product_id: "CSAFPID-1702685", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_mum856-1__row_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_s615_eec_lan-router", product: { name: "scalance_s615_eec_lan-router", product_id: "CSAFPID-1712760", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_s615_eec_lan-router:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_s615_lan-router", product: { name: "scalance_s615_lan-router", product_id: "CSAFPID-1712761", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_s615_lan-router:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_xch328__6gk5328-4ts01-2ec2_", product: { name: "scalance_xch328__6gk5328-4ts01-2ec2_", product_id: "CSAFPID-1613504", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_xch328__6gk5328-4ts01-2ec2_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_xcm324__6gk5324-8ts01-2ac2_", product: { name: "scalance_xcm324__6gk5324-8ts01-2ac2_", product_id: "CSAFPID-1613505", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_xcm324__6gk5324-8ts01-2ac2_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_xcm328__6gk5328-4ts01-2ac2_", product: { name: "scalance_xcm328__6gk5328-4ts01-2ac2_", product_id: "CSAFPID-1613506", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_xcm328__6gk5328-4ts01-2ac2_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_xcm332__6gk5332-0ga01-2ac2_", product: { name: "scalance_xcm332__6gk5332-0ga01-2ac2_", product_id: "CSAFPID-1613507", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_xcm332__6gk5332-0ga01-2ac2_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_xrh334__24_v_dc__8xfo__cc___6gk5334-2ts01-2er3_", product: { name: "scalance_xrh334__24_v_dc__8xfo__cc___6gk5334-2ts01-2er3_", product_id: "CSAFPID-1613592", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_xrh334__24_v_dc__8xfo__cc___6gk5334-2ts01-2er3_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_xrm334__230_v_ac__12xfo___6gk5334-3ts01-3ar3_", product: { name: "scalance_xrm334__230_v_ac__12xfo___6gk5334-3ts01-3ar3_", product_id: "CSAFPID-1613593", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_xrm334__230_v_ac__12xfo___6gk5334-3ts01-3ar3_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_xrm334__230_v_ac__8xfo___6gk5334-2ts01-3ar3_", product: { name: "scalance_xrm334__230_v_ac__8xfo___6gk5334-2ts01-3ar3_", product_id: "CSAFPID-1613594", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_xrm334__230_v_ac__8xfo___6gk5334-2ts01-3ar3_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_xrm334__24_v_dc__12xfo___6gk5334-3ts01-2ar3_", product: { name: "scalance_xrm334__24_v_dc__12xfo___6gk5334-3ts01-2ar3_", product_id: "CSAFPID-1613595", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_xrm334__24_v_dc__12xfo___6gk5334-3ts01-2ar3_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_xrm334__24_v_dc__8xfo___6gk5334-2ts01-2ar3_", product: { name: "scalance_xrm334__24_v_dc__8xfo___6gk5334-2ts01-2ar3_", product_id: "CSAFPID-1613596", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_xrm334__24_v_dc__8xfo___6gk5334-2ts01-2ar3_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_xrm334__2x230_v_ac__12xfo___6gk5334-3ts01-4ar3_", product: { name: "scalance_xrm334__2x230_v_ac__12xfo___6gk5334-3ts01-4ar3_", product_id: "CSAFPID-1613597", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_xrm334__2x230_v_ac__12xfo___6gk5334-3ts01-4ar3_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_xrm334__2x230_v_ac__8xfo___6gk5334-2ts01-4ar3_", product: { name: "scalance_xrm334__2x230_v_ac__8xfo___6gk5334-2ts01-4ar3_", product_id: "CSAFPID-1613598", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_xrm334__2x230_v_ac__8xfo___6gk5334-2ts01-4ar3_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "security_configuration_tool", product: { name: "security_configuration_tool", product_id: "CSAFPID-1625339", product_identification_helper: { cpe: "cpe:2.3:a:siemens:security_configuration_tool:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "security_configuration_tool__sct_", product: { name: "security_configuration_tool__sct_", product_id: "CSAFPID-1637910", product_identification_helper: { cpe: "cpe:2.3:a:siemens:security_configuration_tool__sct_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "security_configuration_tool__sct_", product: { name: "security_configuration_tool__sct_", product_id: "CSAFPID-1470061", product_identification_helper: { cpe: "cpe:2.3:a:siemens:security_configuration_tool__sct_:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_automation_tool", product: { name: "simatic_automation_tool", product_id: "CSAFPID-1472069", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_automation_tool:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_automation_tool", product: { name: "simatic_automation_tool", product_id: "CSAFPID-1637559", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_automation_tool:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_automation_tool", product: { name: "simatic_automation_tool", product_id: "CSAFPID-1470062", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_automation_tool:all_versions:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_batch_v9.1", product: { name: "simatic_batch_v9.1", product_id: "CSAFPID-1625340", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_batch_v9.1:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_batch_v9.1", product: { name: "simatic_batch_v9.1", product_id: "CSAFPID-1470063", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_batch_v9.1:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_cp_1543-1_v4.0", product: { name: "simatic_cp_1543-1_v4.0", product_id: "CSAFPID-1712748", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_cp_1543-1_v4.0:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_mv500_family", product: { name: "simatic_mv500_family", product_id: "CSAFPID-1703073", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_mv500_family:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_net_pc-software", product: { name: "simatic_net_pc-software", product_id: "CSAFPID-1625344", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_net_pc-software:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_net_pc_software", product: { name: "simatic_net_pc_software", product_id: "CSAFPID-1470064", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_net_pc_software:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_net_pc_software_v16", product: { name: "simatic_net_pc_software_v16", product_id: "CSAFPID-1637849", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_net_pc_software_v16:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_net_pc_software_v16", product: { name: "simatic_net_pc_software_v16", product_id: "CSAFPID-1457906", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_net_pc_software_v16:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_net_pc_software_v17", product: { name: "simatic_net_pc_software_v17", product_id: "CSAFPID-1637850", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_net_pc_software_v17:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_net_pc_software_v17", product: { name: "simatic_net_pc_software_v17", product_id: "CSAFPID-1457907", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_net_pc_software_v17:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_net_pc_software_v18", product: { name: "simatic_net_pc_software_v18", product_id: "CSAFPID-1637851", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_net_pc_software_v18:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_net_pc_software_v18", product: { name: "simatic_net_pc_software_v18", product_id: "CSAFPID-1457908", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_net_pc_software_v18:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_net_pc_software_v19", product: { name: "simatic_net_pc_software_v19", product_id: "CSAFPID-1637911", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_net_pc_software_v19:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_net_pc_software_v19", product: { name: "simatic_net_pc_software_v19", product_id: "CSAFPID-1637560", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_net_pc_software_v19:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_pcs", product: { name: "simatic_pcs", product_id: "CSAFPID-838530", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_pcs:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_pcs_7_v9.1", product: { name: "simatic_pcs_7_v9.1", product_id: "CSAFPID-1501190", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_pcs_7_v9.1:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_pcs_7_v9.1", product: { name: "simatic_pcs_7_v9.1", product_id: "CSAFPID-1457909", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_pcs_7_v9.1:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_pdm_v9.2", product: { name: "simatic_pdm_v9.2", product_id: "CSAFPID-1637912", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_pdm_v9.2:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_pdm_v9.2", product: { name: "simatic_pdm_v9.2", product_id: "CSAFPID-1470065", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_pdm_v9.2:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_route_control_", product: { name: "simatic_route_control_", product_id: "CSAFPID-1625337", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_route_control_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_route_control_v9.1", product: { name: "simatic_route_control_v9.1", product_id: "CSAFPID-1637856", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_route_control_v9.1:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_route_control_v9.1", product: { name: "simatic_route_control_v9.1", product_id: "CSAFPID-1470066", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_route_control_v9.1:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_rtls_locating_manager", product: { name: "simatic_rtls_locating_manager", product_id: "CSAFPID-1691398", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_rtls_locating_manager:3.0.1.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_rtls_locating_manager__6gt2780-0da00_", product: { name: "simatic_rtls_locating_manager__6gt2780-0da00_", product_id: "CSAFPID-1703180", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_rtls_locating_manager__6gt2780-0da00_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_rtls_locating_manager__6gt2780-0da10_", product: { name: "simatic_rtls_locating_manager__6gt2780-0da10_", product_id: "CSAFPID-1703181", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_rtls_locating_manager__6gt2780-0da10_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_rtls_locating_manager__6gt2780-0da20_", product: { name: "simatic_rtls_locating_manager__6gt2780-0da20_", product_id: "CSAFPID-1703182", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_rtls_locating_manager__6gt2780-0da20_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_rtls_locating_manager__6gt2780-0da30_", product: { name: "simatic_rtls_locating_manager__6gt2780-0da30_", product_id: "CSAFPID-1703183", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_rtls_locating_manager__6gt2780-0da30_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_rtls_locating_manager__6gt2780-1ea10_", product: { name: "simatic_rtls_locating_manager__6gt2780-1ea10_", product_id: "CSAFPID-1703184", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_rtls_locating_manager__6gt2780-1ea10_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_rtls_locating_manager__6gt2780-1ea20_", product: { name: "simatic_rtls_locating_manager__6gt2780-1ea20_", product_id: "CSAFPID-1703185", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_rtls_locating_manager__6gt2780-1ea20_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_rtls_locating_manager__6gt2780-1ea30_", product: { name: "simatic_rtls_locating_manager__6gt2780-1ea30_", product_id: "CSAFPID-1703186", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_rtls_locating_manager__6gt2780-1ea30_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_s7-1500_cpu_1518-4_pn_dp_mfp__6es7518-4ax00-1ab0_", product: { name: "simatic_s7-1500_cpu_1518-4_pn_dp_mfp__6es7518-4ax00-1ab0_", product_id: "CSAFPID-1615260", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_s7-1500_cpu_1518-4_pn_dp_mfp__6es7518-4ax00-1ab0_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_s7-1500_cpu_1518-4_pn_dp_mfp__6es7518-4ax00-1ac0_", product: { name: "simatic_s7-1500_cpu_1518-4_pn_dp_mfp__6es7518-4ax00-1ac0_", product_id: "CSAFPID-1615261", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_s7-1500_cpu_1518-4_pn_dp_mfp__6es7518-4ax00-1ac0_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_s7-1500_cpu_1518f-4_pn_dp_mfp__6es7518-4fx00-1ab0_", product: { name: "simatic_s7-1500_cpu_1518f-4_pn_dp_mfp__6es7518-4fx00-1ab0_", product_id: "CSAFPID-1615262", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_s7-1500_cpu_1518f-4_pn_dp_mfp__6es7518-4fx00-1ab0_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_s7-1500_cpu_1518f-4_pn_dp_mfp__6es7518-4fx00-1ac0_", product: { name: "simatic_s7-1500_cpu_1518f-4_pn_dp_mfp__6es7518-4fx00-1ac0_", product_id: "CSAFPID-1615263", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_s7-1500_cpu_1518f-4_pn_dp_mfp__6es7518-4fx00-1ac0_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_s7-1500_tm_mfp_-_gnu_linux_subsystem", product: { name: "simatic_s7-1500_tm_mfp_-_gnu_linux_subsystem", product_id: "CSAFPID-1703131", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_s7-1500_tm_mfp_-_gnu_linux_subsystem:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_s7-plcsim_v16", product: { name: "simatic_s7-plcsim_v16", product_id: "CSAFPID-1712825", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_s7-plcsim_v16:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_s7-plcsim_v17", product: { name: "simatic_s7-plcsim_v17", product_id: "CSAFPID-1712826", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_s7-plcsim_v17:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_step_7_safety_v16", product: { name: "simatic_step_7_safety_v16", product_id: "CSAFPID-1703190", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_step_7_safety_v16:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_step_7_safety_v17", product: { name: "simatic_step_7_safety_v17", product_id: "CSAFPID-1703191", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_step_7_safety_v17:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_step_7_safety_v18", product: { name: "simatic_step_7_safety_v18", product_id: "CSAFPID-1500667", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_step_7_safety_v18:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_step_7_v16", product: { name: "simatic_step_7_v16", product_id: "CSAFPID-1703187", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_step_7_v16:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_step_7_v17", product: { name: "simatic_step_7_v17", product_id: "CSAFPID-1703188", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_step_7_v17:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_step_7_v18", product: { name: "simatic_step_7_v18", product_id: "CSAFPID-1703189", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_step_7_v18:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_step_7_v5", product: { name: "simatic_step_7_v5", product_id: "CSAFPID-1637913", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_step_7_v5:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_step_7_v5", product: { name: "simatic_step_7_v5", product_id: "CSAFPID-1457855", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_step_7_v5:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc", product: { name: "simatic_wincc", product_id: "CSAFPID-75563", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc", product: { name: "simatic_wincc", product_id: "CSAFPID-1550826", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc:8.0:update_5:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_oa_v3.17", product: { name: "simatic_wincc_oa_v3.17", product_id: "CSAFPID-1637914", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_oa_v3.17:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_oa_v3.17", product: { name: "simatic_wincc_oa_v3.17", product_id: "CSAFPID-1457956", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_oa_v3.17:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_oa_v3.18", product: { name: "simatic_wincc_oa_v3.18", product_id: "CSAFPID-1637915", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_oa_v3.18:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_oa_v3.18", product: { name: "simatic_wincc_oa_v3.18", product_id: "CSAFPID-1457957", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_oa_v3.18:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_oa_v3.19", product: { name: "simatic_wincc_oa_v3.19", product_id: "CSAFPID-1637916", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_oa_v3.19:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_oa_v3.19", product: { name: "simatic_wincc_oa_v3.19", product_id: "CSAFPID-1457958", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_oa_v3.19:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_runtime_advanced", product: { name: "simatic_wincc_runtime_advanced", product_id: "CSAFPID-766087", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_runtime_advanced", product: { name: "simatic_wincc_runtime_advanced", product_id: "CSAFPID-1470067", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_runtime_professional", product: { name: "simatic_wincc_runtime_professional", product_id: "CSAFPID-165765", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_runtime_professional:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_runtime_professional_v16", product: { name: "simatic_wincc_runtime_professional_v16", product_id: "CSAFPID-1637917", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_runtime_professional_v16:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_runtime_professional_v16", product: { name: "simatic_wincc_runtime_professional_v16", product_id: "CSAFPID-1457960", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_runtime_professional_v16:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_runtime_professional_v17", product: { name: "simatic_wincc_runtime_professional_v17", product_id: "CSAFPID-1637887", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_runtime_professional_v17:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_runtime_professional_v17", product: { name: "simatic_wincc_runtime_professional_v17", product_id: "CSAFPID-1457961", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_runtime_professional_v17:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_runtime_professional_v18", product: { name: "simatic_wincc_runtime_professional_v18", product_id: "CSAFPID-1501188", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_runtime_professional_v18:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_runtime_professional_v18", product: { name: "simatic_wincc_runtime_professional_v18", product_id: "CSAFPID-1457962", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_runtime_professional_v18:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_runtime_professional_v19", product: { name: "simatic_wincc_runtime_professional_v19", product_id: "CSAFPID-1501192", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_runtime_professional_v19:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_runtime_professional_v19", product: { name: "simatic_wincc_runtime_professional_v19", product_id: "CSAFPID-1457963", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_runtime_professional_v19:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_unified_pc_runtime", product: { name: "simatic_wincc_unified_pc_runtime", product_id: "CSAFPID-744621", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_unified_pc_runtime:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_unified_pc_runtime", product: { name: "simatic_wincc_unified_pc_runtime", product_id: "CSAFPID-1470068", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_unified_pc_runtime:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_unified_pc_runtime_v18", product: { name: "simatic_wincc_unified_pc_runtime_v18", product_id: "CSAFPID-1637854", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_unified_pc_runtime_v18:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_unified_pc_runtime_v18", product: { name: "simatic_wincc_unified_pc_runtime_v18", product_id: "CSAFPID-1637561", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_unified_pc_runtime_v18:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_unified_v16", product: { name: "simatic_wincc_unified_v16", product_id: "CSAFPID-1703192", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_unified_v16:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_unified_v17", product: { name: "simatic_wincc_unified_v17", product_id: "CSAFPID-1703193", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_unified_v17:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_unified_v18", product: { name: "simatic_wincc_unified_v18", product_id: "CSAFPID-1703194", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_unified_v18:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_v16", product: { name: "simatic_wincc_v16", product_id: "CSAFPID-1702687", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_v16:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_v17", product: { name: "simatic_wincc_v17", product_id: "CSAFPID-1702688", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_v17:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_v18", product: { name: "simatic_wincc_v18", product_id: "CSAFPID-1703195", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_v18:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_v7.4", product: { name: "simatic_wincc_v7.4", product_id: "CSAFPID-1501193", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_v7.4:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_v7.4", product: { name: "simatic_wincc_v7.4", product_id: "CSAFPID-1457965", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_v7.4:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_v7.5", product: { name: "simatic_wincc_v7.5", product_id: "CSAFPID-1501191", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_v7.5:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_v7.5", product: { name: "simatic_wincc_v7.5", product_id: "CSAFPID-1457966", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_v7.5:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_v8.0", product: { name: "simatic_wincc_v8.0", product_id: "CSAFPID-1501189", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_v8.0:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_v8.0", product: { name: "simatic_wincc_v8.0", product_id: "CSAFPID-1457967", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_v8.0:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simocode_es_v16", product: { name: "simocode_es_v16", product_id: "CSAFPID-1702694", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simocode_es_v16:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simocode_es_v17", product: { name: "simocode_es_v17", product_id: "CSAFPID-1703196", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simocode_es_v17:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simocode_es_v18", product: { name: "simocode_es_v18", product_id: "CSAFPID-1703197", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simocode_es_v18:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simotion_scout_tia_v5.4_sp1", product: { name: "simotion_scout_tia_v5.4_sp1", product_id: "CSAFPID-1703198", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simotion_scout_tia_v5.4_sp1:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simotion_scout_tia_v5.4_sp3", product: { name: "simotion_scout_tia_v5.4_sp3", product_id: "CSAFPID-1703199", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simotion_scout_tia_v5.4_sp3:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simotion_scout_tia_v5.5_sp1", product: { name: "simotion_scout_tia_v5.5_sp1", product_id: "CSAFPID-1703200", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simotion_scout_tia_v5.5_sp1:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sinamics_startdrive", product: { name: "sinamics_startdrive", product_id: "CSAFPID-1625341", product_identification_helper: { cpe: "cpe:2.3:a:siemens:sinamics_startdrive:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sinamics_startdrive", product: { name: "sinamics_startdrive", product_id: "CSAFPID-1470069", product_identification_helper: { cpe: "cpe:2.3:a:siemens:sinamics_startdrive:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sinamics_startdrive_v16", product: { name: "sinamics_startdrive_v16", product_id: "CSAFPID-1703201", product_identification_helper: { cpe: "cpe:2.3:a:siemens:sinamics_startdrive_v16:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sinamics_startdrive_v17", product: { name: "sinamics_startdrive_v17", product_id: "CSAFPID-1703202", product_identification_helper: { cpe: "cpe:2.3:a:siemens:sinamics_startdrive_v17:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sinamics_startdrive_v18", product: { name: "sinamics_startdrive_v18", product_id: "CSAFPID-1703203", product_identification_helper: { cpe: "cpe:2.3:a:siemens:sinamics_startdrive_v18:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sinec_ins", product: { name: "sinec_ins", product_id: "CSAFPID-746925", product_identification_helper: { cpe: "cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sinec_network_management_system", product: { name: "sinec_network_management_system", product_id: "CSAFPID-1691397", product_identification_helper: { cpe: "cpe:2.3:a:siemens:sinec_network_management_system:2.0:sp1:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sinec_nms", product: { name: "sinec_nms", product_id: "CSAFPID-309392", product_identification_helper: { cpe: "cpe:2.3:a:siemens:sinec_nms:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sinec_nms", product: { name: "sinec_nms", product_id: "CSAFPID-1458012", product_identification_helper: { cpe: "cpe:2.3:a:siemens:sinec_nms:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sinec_nms", product: { name: "sinec_nms", product_id: "CSAFPID-1693062", product_identification_helper: { cpe: "cpe:2.3:a:siemens:sinec_nms:2.0:sp2:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sinec_nms", product: { name: "sinec_nms", product_id: "CSAFPID-1691473", product_identification_helper: { cpe: "cpe:2.3:a:siemens:sinec_nms:3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sinema_remote_connect_client", product: { name: "sinema_remote_connect_client", product_id: "CSAFPID-894438", product_identification_helper: { cpe: "cpe:2.3:a:siemens:sinema_remote_connect_client:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sinumerik_one_virtual", product: { name: "sinumerik_one_virtual", product_id: "CSAFPID-1625342", product_identification_helper: { cpe: "cpe:2.3:a:siemens:sinumerik_one_virtual:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sinumerik_one_virtual", product: { name: "sinumerik_one_virtual", product_id: "CSAFPID-1470070", product_identification_helper: { cpe: "cpe:2.3:a:siemens:sinumerik_one_virtual:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sinumerik_plc_programming_tool", product: { name: "sinumerik_plc_programming_tool", product_id: "CSAFPID-1625338", product_identification_helper: { cpe: "cpe:2.3:a:siemens:sinumerik_plc_programming_tool:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sinumerik_plc_programming_tool", product: { name: "sinumerik_plc_programming_tool", product_id: "CSAFPID-1470071", product_identification_helper: { cpe: "cpe:2.3:a:siemens:sinumerik_plc_programming_tool:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "siplus_s7-1500_cpu_1518-4_pn_dp_mfp__6ag1518-4ax00-4ac0_", product: { name: "siplus_s7-1500_cpu_1518-4_pn_dp_mfp__6ag1518-4ax00-4ac0_", product_id: "CSAFPID-1615264", product_identification_helper: { cpe: "cpe:2.3:a:siemens:siplus_s7-1500_cpu_1518-4_pn_dp_mfp__6ag1518-4ax00-4ac0_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "siport", product: { name: "siport", product_id: "CSAFPID-1712847", product_identification_helper: { cpe: "cpe:2.3:a:siemens:siport:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sirius_safety_es_v17", product: { name: "sirius_safety_es_v17", product_id: "CSAFPID-1703204", product_identification_helper: { cpe: "cpe:2.3:a:siemens:sirius_safety_es_v17:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sirius_safety_es_v18", product: { name: "sirius_safety_es_v18", product_id: "CSAFPID-1703205", product_identification_helper: { cpe: "cpe:2.3:a:siemens:sirius_safety_es_v18:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sirius_soft_starter_es_v17", product: { name: "sirius_soft_starter_es_v17", product_id: "CSAFPID-1703206", product_identification_helper: { cpe: "cpe:2.3:a:siemens:sirius_soft_starter_es_v17:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sirius_soft_starter_es_v18", product: { name: "sirius_soft_starter_es_v18", product_id: "CSAFPID-1703207", product_identification_helper: { cpe: "cpe:2.3:a:siemens:sirius_soft_starter_es_v18:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "solid_edge_se2024", product: { name: "solid_edge_se2024", product_id: "CSAFPID-1680248", product_identification_helper: { cpe: "cpe:2.3:a:siemens:solid_edge_se2024:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "spectrum_power_7", product: { name: "spectrum_power_7", product_id: "CSAFPID-524281", product_identification_helper: { cpe: "cpe:2.3:a:siemens:spectrum_power_7:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "st7_scadaconnect", product: { name: "st7_scadaconnect", product_id: "CSAFPID-1691077", product_identification_helper: { cpe: "cpe:2.3:a:siemens:st7_scadaconnect:1.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "st7_scadaconnect__6nh7997-5da10-0aa0_", product: { name: "st7_scadaconnect__6nh7997-5da10-0aa0_", product_id: "CSAFPID-1703173", product_identification_helper: { cpe: "cpe:2.3:a:siemens:st7_scadaconnect__6nh7997-5da10-0aa0_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "telecontrol_server_basic", product: { name: "telecontrol_server_basic", product_id: "CSAFPID-1691051", product_identification_helper: { cpe: "cpe:2.3:a:siemens:telecontrol_server_basic:3.1.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "telecontrol_server_basic_1000_v3.1", product: { name: "telecontrol_server_basic_1000_v3.1", product_id: "CSAFPID-1712839", product_identification_helper: { cpe: "cpe:2.3:a:siemens:telecontrol_server_basic_1000_v3.1:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "telecontrol_server_basic_256_v3.1", product: { name: "telecontrol_server_basic_256_v3.1", product_id: "CSAFPID-1712840", product_identification_helper: { cpe: "cpe:2.3:a:siemens:telecontrol_server_basic_256_v3.1:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "telecontrol_server_basic_32_v3.1", product: { name: "telecontrol_server_basic_32_v3.1", product_id: "CSAFPID-1712841", product_identification_helper: { cpe: "cpe:2.3:a:siemens:telecontrol_server_basic_32_v3.1:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "telecontrol_server_basic_5000_v3.1", product: { name: "telecontrol_server_basic_5000_v3.1", product_id: "CSAFPID-1712842", product_identification_helper: { cpe: "cpe:2.3:a:siemens:telecontrol_server_basic_5000_v3.1:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "telecontrol_server_basic_64_v3.1", product: { name: "telecontrol_server_basic_64_v3.1", product_id: "CSAFPID-1712843", product_identification_helper: { cpe: "cpe:2.3:a:siemens:telecontrol_server_basic_64_v3.1:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "telecontrol_server_basic_8_v3.1", product: { name: "telecontrol_server_basic_8_v3.1", product_id: "CSAFPID-1712844", product_identification_helper: { cpe: "cpe:2.3:a:siemens:telecontrol_server_basic_8_v3.1:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "telecontrol_server_basic_serv_upgr", product: { name: "telecontrol_server_basic_serv_upgr", product_id: "CSAFPID-1712845", product_identification_helper: { cpe: "cpe:2.3:a:siemens:telecontrol_server_basic_serv_upgr:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "telecontrol_server_basic_upgr_v3.1", product: { name: "telecontrol_server_basic_upgr_v3.1", product_id: "CSAFPID-1712846", product_identification_helper: { cpe: "cpe:2.3:a:siemens:telecontrol_server_basic_upgr_v3.1:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "telecontrol_server_basic_v3", product: { name: "telecontrol_server_basic_v3", product_id: "CSAFPID-1637855", product_identification_helper: { cpe: "cpe:2.3:a:siemens:telecontrol_server_basic_v3:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "tia_portal_cloud_connector", product: { name: "tia_portal_cloud_connector", product_id: "CSAFPID-1625345", product_identification_helper: { cpe: "cpe:2.3:a:siemens:tia_portal_cloud_connector:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "tia_portal_cloud_connector", product: { name: "tia_portal_cloud_connector", product_id: "CSAFPID-1470072", product_identification_helper: { cpe: "cpe:2.3:a:siemens:tia_portal_cloud_connector:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "tia_portal_cloud_v16", product: { name: "tia_portal_cloud_v16", product_id: "CSAFPID-1712827", product_identification_helper: { cpe: "cpe:2.3:a:siemens:tia_portal_cloud_v16:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "tia_portal_cloud_v17", product: { name: "tia_portal_cloud_v17", product_id: "CSAFPID-1712828", product_identification_helper: { cpe: "cpe:2.3:a:siemens:tia_portal_cloud_v17:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "tia_portal_cloud_v18", product: { name: "tia_portal_cloud_v18", product_id: "CSAFPID-1712829", product_identification_helper: { cpe: "cpe:2.3:a:siemens:tia_portal_cloud_v18:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "totally_integrated_automation_portal", product: { name: "totally_integrated_automation_portal", product_id: "CSAFPID-74798", product_identification_helper: { cpe: "cpe:2.3:a:siemens:totally_integrated_automation_portal:15.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "totally_integrated_automation_portal", product: { name: "totally_integrated_automation_portal", product_id: "CSAFPID-75533", product_identification_helper: { cpe: "cpe:2.3:a:siemens:totally_integrated_automation_portal:16:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "totally_integrated_automation_portal", product: { name: "totally_integrated_automation_portal", product_id: "CSAFPID-74794", product_identification_helper: { cpe: "cpe:2.3:a:siemens:totally_integrated_automation_portal:17:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "totally_integrated_automation_portal", product: { name: "totally_integrated_automation_portal", product_id: "CSAFPID-74792", product_identification_helper: { cpe: "cpe:2.3:a:siemens:totally_integrated_automation_portal:18:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "totally_integrated_automation_portal", product: { name: "totally_integrated_automation_portal", product_id: "CSAFPID-1472073", product_identification_helper: { cpe: "cpe:2.3:a:siemens:totally_integrated_automation_portal:19:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "totally_integrated_automation_portal__tia_portal__v15.1", product: { name: "totally_integrated_automation_portal__tia_portal__v15.1", product_id: "CSAFPID-1615531", product_identification_helper: { cpe: "cpe:2.3:a:siemens:totally_integrated_automation_portal__tia_portal__v15.1:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "totally_integrated_automation_portal__tia_portal__v15.1", product: { name: "totally_integrated_automation_portal__tia_portal__v15.1", product_id: "CSAFPID-1458014", product_identification_helper: { cpe: "cpe:2.3:a:siemens:totally_integrated_automation_portal__tia_portal__v15.1:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "totally_integrated_automation_portal__tia_portal__v16", product: { name: "totally_integrated_automation_portal__tia_portal__v16", product_id: "CSAFPID-1615256", product_identification_helper: { cpe: "cpe:2.3:a:siemens:totally_integrated_automation_portal__tia_portal__v16:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "totally_integrated_automation_portal__tia_portal__v16", product: { name: "totally_integrated_automation_portal__tia_portal__v16", product_id: "CSAFPID-1458015", product_identification_helper: { cpe: "cpe:2.3:a:siemens:totally_integrated_automation_portal__tia_portal__v16:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "totally_integrated_automation_portal__tia_portal__v17", product: { name: "totally_integrated_automation_portal__tia_portal__v17", product_id: "CSAFPID-1615257", product_identification_helper: { cpe: "cpe:2.3:a:siemens:totally_integrated_automation_portal__tia_portal__v17:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "totally_integrated_automation_portal__tia_portal__v17", product: { name: "totally_integrated_automation_portal__tia_portal__v17", product_id: "CSAFPID-1458016", product_identification_helper: { cpe: "cpe:2.3:a:siemens:totally_integrated_automation_portal__tia_portal__v17:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "totally_integrated_automation_portal__tia_portal__v18", product: { name: "totally_integrated_automation_portal__tia_portal__v18", product_id: "CSAFPID-1615258", product_identification_helper: { cpe: "cpe:2.3:a:siemens:totally_integrated_automation_portal__tia_portal__v18:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "totally_integrated_automation_portal__tia_portal__v18", product: { name: "totally_integrated_automation_portal__tia_portal__v18", product_id: "CSAFPID-1458017", product_identification_helper: { cpe: "cpe:2.3:a:siemens:totally_integrated_automation_portal__tia_portal__v18:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "totally_integrated_automation_portal__tia_portal__v19", product: { name: "totally_integrated_automation_portal__tia_portal__v19", product_id: "CSAFPID-1637618", product_identification_helper: { cpe: "cpe:2.3:a:siemens:totally_integrated_automation_portal__tia_portal__v19:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "totally_integrated_automation_portal__tia_portal__v19", product: { name: "totally_integrated_automation_portal__tia_portal__v19", product_id: "CSAFPID-1470073", product_identification_helper: { cpe: "cpe:2.3:a:siemens:totally_integrated_automation_portal__tia_portal__v19:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "wincc", product: { name: "wincc", product_id: "CSAFPID-1625343", product_identification_helper: { cpe: "cpe:2.3:a:siemens:wincc:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "wincc_tia_portal", product: { name: "wincc_tia_portal", product_id: "CSAFPID-465667", product_identification_helper: { cpe: "cpe:2.3:a:siemens:wincc_tia_portal:11.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_s7-1500", product: { name: "simatic_s7-1500", product_id: "CSAFPID-715650", product_identification_helper: { cpe: "cpe:2.3:h:siemens:simatic_s7-1500:-:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_s7", product: { name: "simatic_s7", product_id: "CSAFPID-1613729", product_identification_helper: { cpe: "cpe:2.3:h:siemens:simatic_s7:1500:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "cpu_1518f-4_pn\\/dp_mfp_firmware", product: { name: "cpu_1518f-4_pn\\/dp_mfp_firmware", product_id: "CSAFPID-1691401", product_identification_helper: { cpe: "cpe:2.3:o:siemens:cpu_1518f-4_pn\\/dp_mfp_firmware:3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "cpu_1518f-4_pn__dp_mfp_firmware", product: { name: "cpu_1518f-4_pn__dp_mfp_firmware", product_id: "CSAFPID-715649", product_identification_helper: { cpe: "cpe:2.3:o:siemens:cpu_1518f-4_pn__dp_mfp_firmware:3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "ruggedcom_ape1808", product: { name: "ruggedcom_ape1808", product_id: "CSAFPID-880853", product_identification_helper: { cpe: "cpe:2.3:o:siemens:ruggedcom_ape1808:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "ruggedcom_ape1808_firmware", product: { name: "ruggedcom_ape1808_firmware", product_id: "CSAFPID-542833", product_identification_helper: { cpe: "cpe:2.3:o:siemens:ruggedcom_ape1808_firmware:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "security_configuration_tool", product: { name: "security_configuration_tool", product_id: "CSAFPID-540747", product_identification_helper: { cpe: "cpe:2.3:o:siemens:security_configuration_tool:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "siemens_simatic_s7-1500_tm_mfp", product: { name: "siemens_simatic_s7-1500_tm_mfp", product_id: "CSAFPID-1693048", product_identification_helper: { cpe: "cpe:2.3:o:siemens:siemens_simatic_s7-1500_tm_mfp:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "siemens_simatic_s7_-1500_tm_mfp", product: { name: "siemens_simatic_s7_-1500_tm_mfp", product_id: "CSAFPID-907212", product_identification_helper: { cpe: "cpe:2.3:o:siemens:siemens_simatic_s7_-1500_tm_mfp:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "siemens_telecontrol_server_basic", product: { name: "siemens_telecontrol_server_basic", product_id: "CSAFPID-907211", product_identification_helper: { cpe: "cpe:2.3:o:siemens:siemens_telecontrol_server_basic:3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_mv500_firmware", product: { name: "simatic_mv500_firmware", product_id: "CSAFPID-1692274", product_identification_helper: { cpe: "cpe:2.3:o:siemens:simatic_mv500_firmware:3.3.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_net_pc_software", product: { name: "simatic_net_pc_software", product_id: "CSAFPID-1472070", product_identification_helper: { cpe: "cpe:2.3:o:siemens:simatic_net_pc_software:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_pcs_7", product: { name: "simatic_pcs_7", product_id: "CSAFPID-1472067", product_identification_helper: { cpe: "cpe:2.3:o:siemens:simatic_pcs_7:9.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_s7-1500_cpu_1518f-4_pn\\/dp_mfp_firmware", product: { name: "simatic_s7-1500_cpu_1518f-4_pn\\/dp_mfp_firmware", product_id: "CSAFPID-1689769", product_identification_helper: { cpe: "cpe:2.3:o:siemens:simatic_s7-1500_cpu_1518f-4_pn\\/dp_mfp_firmware:3.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_s7-1500_cpu_1518f-4_pn__dp_mfp_firmware", product: { name: "simatic_s7-1500_cpu_1518f-4_pn__dp_mfp_firmware", product_id: "CSAFPID-766929", product_identification_helper: { cpe: "cpe:2.3:o:siemens:simatic_s7-1500_cpu_1518f-4_pn__dp_mfp_firmware:3.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_s7-1500_tm_mfp_firmware", product: { name: "simatic_s7-1500_tm_mfp_firmware", product_id: "CSAFPID-717239", product_identification_helper: { cpe: "cpe:2.3:o:siemens:simatic_s7-1500_tm_mfp_firmware:1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_s7-1500_tm_mfp_firmware", product: { name: "simatic_s7-1500_tm_mfp_firmware", product_id: "CSAFPID-905869", product_identification_helper: { cpe: "cpe:2.3:o:siemens:simatic_s7-1500_tm_mfp_firmware:1.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_step_7", product: { name: "simatic_step_7", product_id: "CSAFPID-879652", product_identification_helper: { cpe: "cpe:2.3:o:siemens:simatic_step_7:5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc", product: { name: "simatic_wincc", product_id: "CSAFPID-1472068", product_identification_helper: { cpe: "cpe:2.3:o:siemens:simatic_wincc:7.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc", product: { name: "simatic_wincc", product_id: "CSAFPID-1472066", product_identification_helper: { cpe: "cpe:2.3:o:siemens:simatic_wincc:7.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc", product: { name: "simatic_wincc", product_id: "CSAFPID-1472072", product_identification_helper: { cpe: "cpe:2.3:o:siemens:simatic_wincc:8.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_oa", product: { name: "simatic_wincc_oa", product_id: "CSAFPID-1472071", product_identification_helper: { cpe: "cpe:2.3:o:siemens:simatic_wincc_oa:3.17:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_runtime_advanced", product: { name: "simatic_wincc_runtime_advanced", product_id: "CSAFPID-886176", product_identification_helper: { cpe: "cpe:2.3:o:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_runtime_professional", product: { name: "simatic_wincc_runtime_professional", product_id: "CSAFPID-165976", product_identification_helper: { cpe: "cpe:2.3:o:siemens:simatic_wincc_runtime_professional:16:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_runtime_professional", product: { name: "simatic_wincc_runtime_professional", product_id: "CSAFPID-165974", product_identification_helper: { cpe: "cpe:2.3:o:siemens:simatic_wincc_runtime_professional:17:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_runtime_professional", product: { name: "simatic_wincc_runtime_professional", product_id: "CSAFPID-855582", product_identification_helper: { cpe: "cpe:2.3:o:siemens:simatic_wincc_runtime_professional:18:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_runtime_professional", product: { name: "simatic_wincc_runtime_professional", product_id: "CSAFPID-855580", product_identification_helper: { cpe: "cpe:2.3:o:siemens:simatic_wincc_runtime_professional:19:*:*:*:*:*:*:*", }, }, }, ], category: "vendor", name: "siemens", }, ], }, vulnerabilities: [ { cve: "CVE-2021-3506", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "other", text: "Out-of-bounds Read", title: "CWE-125", }, ], references: [ { category: "self", summary: "CVE-2021-3506", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-3506.json", }, ], title: "CVE-2021-3506", }, { cve: "CVE-2023-2975", cwe: { id: "CWE-287", name: "Improper Authentication", }, notes: [ { category: "other", text: "Improper Authentication", title: "CWE-287", }, { category: "other", text: "Improper Validation of Integrity Check Value", title: "CWE-354", }, { category: "other", text: "Use of a Broken or Risky Cryptographic Algorithm", title: "CWE-327", }, ], product_status: { known_affected: [ "CSAFPID-1703073", "CSAFPID-309392", ], }, references: [ { category: "self", summary: "CVE-2023-2975", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-2975.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1703073", "CSAFPID-309392", ], }, ], title: "CVE-2023-2975", }, { cve: "CVE-2023-3341", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], references: [ { category: "self", summary: "CVE-2023-3341", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-3341.json", }, ], title: "CVE-2023-3341", }, { cve: "CVE-2023-3446", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "other", text: "Inefficient Regular Expression Complexity", title: "CWE-1333", }, { category: "other", text: "Unchecked Input for Loop Condition", title: "CWE-606", }, { category: "other", text: "Use of a Cryptographic Primitive with a Risky Implementation", title: "CWE-1240", }, ], product_status: { known_affected: [ "CSAFPID-1615260", "CSAFPID-1615261", "CSAFPID-1615262", "CSAFPID-1615263", "CSAFPID-1615264", "CSAFPID-1703073", "CSAFPID-309392", "CSAFPID-1637855", "CSAFPID-1703131", "CSAFPID-1703173", ], }, references: [ { category: "self", summary: "CVE-2023-3446", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-3446.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1615260", "CSAFPID-1615261", "CSAFPID-1615262", "CSAFPID-1615263", "CSAFPID-1615264", "CSAFPID-1703073", "CSAFPID-309392", "CSAFPID-1637855", "CSAFPID-1703131", "CSAFPID-1703173", ], }, ], title: "CVE-2023-3446", }, { cve: "CVE-2023-3817", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "Excessive Iteration", title: "CWE-834", }, { category: "other", text: "Unchecked Input for Loop Condition", title: "CWE-606", }, { category: "other", text: "Use of a Cryptographic Primitive with a Risky Implementation", title: "CWE-1240", }, ], product_status: { known_affected: [ "CSAFPID-1615260", "CSAFPID-1615261", "CSAFPID-1615262", "CSAFPID-1615263", "CSAFPID-1615264", "CSAFPID-1613729", "CSAFPID-1703073", "CSAFPID-309392", ], }, references: [ { category: "self", summary: "CVE-2023-3817", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-3817.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1615260", "CSAFPID-1615261", "CSAFPID-1615262", "CSAFPID-1615263", "CSAFPID-1615264", "CSAFPID-1613729", "CSAFPID-1703073", "CSAFPID-309392", ], }, ], title: "CVE-2023-3817", }, { cve: "CVE-2023-4236", cwe: { id: "CWE-617", name: "Reachable Assertion", }, notes: [ { category: "other", text: "Reachable Assertion", title: "CWE-617", }, ], references: [ { category: "self", summary: "CVE-2023-4236", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4236.json", }, ], title: "CVE-2023-4236", }, { cve: "CVE-2023-4408", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], references: [ { category: "self", summary: "CVE-2023-4408", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4408.json", }, ], title: "CVE-2023-4408", }, { cve: "CVE-2023-4807", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "other", text: "Improper Input Validation", title: "CWE-20", }, { category: "other", text: "Expected Behavior Violation", title: "CWE-440", }, ], product_status: { known_affected: [ "CSAFPID-1615260", "CSAFPID-1615261", "CSAFPID-1615262", "CSAFPID-1615263", "CSAFPID-1615264", "CSAFPID-1637855", "CSAFPID-1703180", "CSAFPID-1703181", "CSAFPID-1703182", "CSAFPID-1703183", "CSAFPID-1703184", "CSAFPID-1703185", "CSAFPID-1703186", ], }, references: [ { category: "self", summary: "CVE-2023-4807", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4807.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1615260", "CSAFPID-1615261", "CSAFPID-1615262", "CSAFPID-1615263", "CSAFPID-1615264", "CSAFPID-1637855", "CSAFPID-1703180", "CSAFPID-1703181", "CSAFPID-1703182", "CSAFPID-1703183", "CSAFPID-1703184", "CSAFPID-1703185", "CSAFPID-1703186", ], }, ], title: "CVE-2023-4807", }, { cve: "CVE-2023-5363", cwe: { id: "CWE-325", name: "Missing Cryptographic Step", }, notes: [ { category: "other", text: "Missing Cryptographic Step", title: "CWE-325", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, { category: "other", text: "Incorrect Provision of Specified Functionality", title: "CWE-684", }, ], product_status: { known_affected: [ "CSAFPID-1703180", "CSAFPID-1703181", "CSAFPID-1703182", "CSAFPID-1703183", "CSAFPID-1703184", "CSAFPID-1703185", "CSAFPID-1703186", ], }, references: [ { category: "self", summary: "CVE-2023-5363", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5363.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-1703180", "CSAFPID-1703181", "CSAFPID-1703182", "CSAFPID-1703183", "CSAFPID-1703184", "CSAFPID-1703185", "CSAFPID-1703186", ], }, ], title: "CVE-2023-5363", }, { cve: "CVE-2023-5517", cwe: { id: "CWE-617", name: "Reachable Assertion", }, notes: [ { category: "other", text: "Reachable Assertion", title: "CWE-617", }, ], references: [ { category: "self", summary: "CVE-2023-5517", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5517.json", }, ], title: "CVE-2023-5517", }, { cve: "CVE-2023-5678", cwe: { id: "CWE-754", name: "Improper Check for Unusual or Exceptional Conditions", }, notes: [ { category: "other", text: "Improper Check for Unusual or Exceptional Conditions", title: "CWE-754", }, { category: "other", text: "Missing Cryptographic Step", title: "CWE-325", }, { category: "other", text: "Unchecked Input for Loop Condition", title: "CWE-606", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-1613729", "CSAFPID-1615260", "CSAFPID-1615261", "CSAFPID-1615262", "CSAFPID-1615263", "CSAFPID-1615264", "CSAFPID-1637855", "CSAFPID-1703131", "CSAFPID-309392", "CSAFPID-1703173", "CSAFPID-1703180", "CSAFPID-1703181", "CSAFPID-1703182", "CSAFPID-1703183", "CSAFPID-1703184", "CSAFPID-1703185", "CSAFPID-1703186", ], }, references: [ { category: "self", summary: "CVE-2023-5678", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5678.json", }, ], title: "CVE-2023-5678", }, { cve: "CVE-2023-5679", cwe: { id: "CWE-617", name: "Reachable Assertion", }, notes: [ { category: "other", text: "Reachable Assertion", title: "CWE-617", }, ], references: [ { category: "self", summary: "CVE-2023-5679", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5679.json", }, ], title: "CVE-2023-5679", }, { cve: "CVE-2023-5680", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], references: [ { category: "self", summary: "CVE-2023-5680", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5680.json", }, ], title: "CVE-2023-5680", }, { cve: "CVE-2023-6129", cwe: { id: "CWE-328", name: "Use of Weak Hash", }, notes: [ { category: "other", text: "Use of Weak Hash", title: "CWE-328", }, { category: "other", text: "Expected Behavior Violation", title: "CWE-440", }, { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, { category: "other", text: "Use of a Broken or Risky Cryptographic Algorithm", title: "CWE-327", }, ], references: [ { category: "self", summary: "CVE-2023-6129", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-6129.json", }, ], title: "CVE-2023-6129", }, { cve: "CVE-2023-6237", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "other", text: "Unchecked Input for Loop Condition", title: "CWE-606", }, ], references: [ { category: "self", summary: "CVE-2023-6237", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-6237.json", }, ], title: "CVE-2023-6237", }, { cve: "CVE-2023-6516", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "other", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "other", text: "Memory Allocation with Excessive Size Value", title: "CWE-789", }, ], references: [ { category: "self", summary: "CVE-2023-6516", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-6516.json", }, ], title: "CVE-2023-6516", }, { cve: "CVE-2023-7104", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, notes: [ { category: "other", text: "Heap-based Buffer Overflow", title: "CWE-122", }, ], product_status: { known_affected: [ "CSAFPID-1703131", ], }, references: [ { category: "self", summary: "CVE-2023-7104", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-7104.json", }, ], scores: [ { cvss_v3: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-1703131", ], }, ], title: "CVE-2023-7104", }, { cve: "CVE-2023-28450", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "other", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, { category: "other", text: "Missing Encryption of Sensitive Data", title: "CWE-311", }, ], product_status: { known_affected: [ "CSAFPID-1613504", "CSAFPID-1613505", "CSAFPID-1613506", "CSAFPID-1613507", "CSAFPID-1613592", "CSAFPID-1613593", "CSAFPID-1613594", "CSAFPID-1613595", "CSAFPID-1613596", "CSAFPID-1613597", "CSAFPID-1613598", ], }, references: [ { category: "self", summary: "CVE-2023-28450", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-28450.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1613504", "CSAFPID-1613505", "CSAFPID-1613506", "CSAFPID-1613507", "CSAFPID-1613592", "CSAFPID-1613593", "CSAFPID-1613594", "CSAFPID-1613595", "CSAFPID-1613596", "CSAFPID-1613597", "CSAFPID-1613598", ], }, ], title: "CVE-2023-28450", }, { cve: "CVE-2023-30584", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "other", text: "Improper Input Validation", title: "CWE-20", }, { category: "other", text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", title: "CWE-22", }, ], product_status: { known_affected: [ "CSAFPID-309392", ], }, references: [ { category: "self", summary: "CVE-2023-30584", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-30584.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-309392", ], }, ], title: "CVE-2023-30584", }, { cve: "CVE-2023-32002", cwe: { id: "CWE-275", name: "-", }, notes: [ { category: "other", text: "CWE-275", title: "CWE-275", }, { category: "other", text: "Missing Encryption of Sensitive Data", title: "CWE-311", }, { category: "other", text: "Policy Privileges are not Assigned Consistently Between Control and Data Agents", title: "CWE-1268", }, ], product_status: { known_affected: [ "CSAFPID-309392", ], }, references: [ { category: "self", summary: "CVE-2023-32002", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-32002.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-309392", ], }, ], title: "CVE-2023-32002", }, { cve: "CVE-2023-32003", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, notes: [ { category: "other", text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", title: "CWE-22", }, ], product_status: { known_affected: [ "CSAFPID-309392", ], }, references: [ { category: "self", summary: "CVE-2023-32003", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-32003.json", }, ], title: "CVE-2023-32003", }, { cve: "CVE-2023-32004", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, notes: [ { category: "other", text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", title: "CWE-22", }, ], product_status: { known_affected: [ "CSAFPID-309392", ], }, references: [ { category: "self", summary: "CVE-2023-32004", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-32004.json", }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-309392", ], }, ], title: "CVE-2023-32004", }, { cve: "CVE-2023-32005", cwe: { id: "CWE-275", name: "-", }, notes: [ { category: "other", text: "CWE-275", title: "CWE-275", }, { category: "other", text: "Incorrect Permission Assignment for Critical Resource", title: "CWE-732", }, ], product_status: { known_affected: [ "CSAFPID-309392", ], }, references: [ { category: "self", summary: "CVE-2023-32005", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-32005.json", }, ], title: "CVE-2023-32005", }, { cve: "CVE-2023-32006", cwe: { id: "CWE-275", name: "-", }, notes: [ { category: "other", text: "CWE-275", title: "CWE-275", }, { category: "other", text: "Exposure of Sensitive Information Due to Incompatible Policies", title: "CWE-213", }, { category: "other", text: "Missing Encryption of Sensitive Data", title: "CWE-311", }, ], product_status: { known_affected: [ "CSAFPID-309392", ], }, references: [ { category: "self", summary: "CVE-2023-32006", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-32006.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-309392", ], }, ], title: "CVE-2023-32006", }, { cve: "CVE-2023-32558", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, notes: [ { category: "other", text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", title: "CWE-22", }, ], product_status: { known_affected: [ "CSAFPID-309392", ], }, references: [ { category: "self", summary: "CVE-2023-32558", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-32558.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-309392", ], }, ], title: "CVE-2023-32558", }, { cve: "CVE-2023-32559", cwe: { id: "CWE-275", name: "-", }, notes: [ { category: "other", text: "CWE-275", title: "CWE-275", }, { category: "other", text: "Improper Control of Generation of Code ('Code Injection')", title: "CWE-94", }, { category: "other", text: "Missing Encryption of Sensitive Data", title: "CWE-311", }, ], product_status: { known_affected: [ "CSAFPID-309392", ], }, references: [ { category: "self", summary: "CVE-2023-32559", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-32559.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-309392", ], }, ], title: "CVE-2023-32559", }, { cve: "CVE-2023-32736", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, notes: [ { category: "other", text: "Deserialization of Untrusted Data", title: "CWE-502", }, ], product_status: { known_affected: [ "CSAFPID-1712825", "CSAFPID-1712826", "CSAFPID-1703190", "CSAFPID-1703191", "CSAFPID-1500667", "CSAFPID-1703187", "CSAFPID-1703188", "CSAFPID-1703189", "CSAFPID-1703192", "CSAFPID-1703193", "CSAFPID-1703194", "CSAFPID-1702687", "CSAFPID-1702688", "CSAFPID-1703195", "CSAFPID-1702694", "CSAFPID-1703196", "CSAFPID-1703197", "CSAFPID-1703198", "CSAFPID-1703199", "CSAFPID-1703200", "CSAFPID-1703201", "CSAFPID-1703202", "CSAFPID-1703203", "CSAFPID-1703204", "CSAFPID-1703205", "CSAFPID-1703206", "CSAFPID-1703207", "CSAFPID-1712827", "CSAFPID-1712828", "CSAFPID-1712829", ], }, references: [ { category: "self", summary: "CVE-2023-32736", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-32736.json", }, ], scores: [ { cvss_v3: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-1712825", "CSAFPID-1712826", "CSAFPID-1703190", "CSAFPID-1703191", "CSAFPID-1500667", "CSAFPID-1703187", "CSAFPID-1703188", "CSAFPID-1703189", "CSAFPID-1703192", "CSAFPID-1703193", "CSAFPID-1703194", "CSAFPID-1702687", "CSAFPID-1702688", "CSAFPID-1703195", "CSAFPID-1702694", "CSAFPID-1703196", "CSAFPID-1703197", "CSAFPID-1703198", "CSAFPID-1703199", "CSAFPID-1703200", "CSAFPID-1703201", "CSAFPID-1703202", "CSAFPID-1703203", "CSAFPID-1703204", "CSAFPID-1703205", "CSAFPID-1703206", "CSAFPID-1703207", "CSAFPID-1712827", "CSAFPID-1712828", "CSAFPID-1712829", ], }, ], title: "CVE-2023-32736", }, { cve: "CVE-2023-38552", cwe: { id: "CWE-354", name: "Improper Validation of Integrity Check Value", }, notes: [ { category: "other", text: "Improper Validation of Integrity Check Value", title: "CWE-354", }, ], references: [ { category: "self", summary: "CVE-2023-38552", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-38552.json", }, ], title: "CVE-2023-38552", }, { cve: "CVE-2023-38709", cwe: { id: "CWE-113", name: "Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')", }, notes: [ { category: "other", text: "Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')", title: "CWE-113", }, { category: "other", text: "Improper Validation of Specified Quantity in Input", title: "CWE-1284", }, ], references: [ { category: "self", summary: "CVE-2023-38709", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-38709.json", }, ], title: "CVE-2023-38709", }, { cve: "CVE-2023-39331", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, notes: [ { category: "other", text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", title: "CWE-22", }, ], references: [ { category: "self", summary: "CVE-2023-39331", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-39331.json", }, ], title: "CVE-2023-39331", }, { cve: "CVE-2023-39332", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, notes: [ { category: "other", text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", title: "CWE-22", }, ], references: [ { category: "self", summary: "CVE-2023-39332", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-39332.json", }, ], title: "CVE-2023-39332", }, { cve: "CVE-2023-39333", cwe: { id: "CWE-94", name: "Improper Control of Generation of Code ('Code Injection')", }, notes: [ { category: "other", text: "Improper Control of Generation of Code ('Code Injection')", title: "CWE-94", }, ], references: [ { category: "self", summary: "CVE-2023-39333", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-39333.json", }, ], title: "CVE-2023-39333", }, { cve: "CVE-2023-44487", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1615260", "CSAFPID-1615261", "CSAFPID-1615262", "CSAFPID-1615263", "CSAFPID-1615264", "CSAFPID-309392", "CSAFPID-1615259", "CSAFPID-1703173", ], }, references: [ { category: "self", summary: "CVE-2023-44487", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44487.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1615260", "CSAFPID-1615261", "CSAFPID-1615262", "CSAFPID-1615263", "CSAFPID-1615264", "CSAFPID-309392", "CSAFPID-1615259", "CSAFPID-1703173", ], }, ], title: "CVE-2023-44487", }, { cve: "CVE-2023-45143", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, ], references: [ { category: "self", summary: "CVE-2023-45143", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-45143.json", }, ], title: "CVE-2023-45143", }, { cve: "CVE-2023-46218", cwe: { id: "CWE-201", name: "Insertion of Sensitive Information Into Sent Data", }, notes: [ { category: "other", text: "Insertion of Sensitive Information Into Sent Data", title: "CWE-201", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-1615260", "CSAFPID-1615261", "CSAFPID-1615262", "CSAFPID-1615263", "CSAFPID-1615264", "CSAFPID-1703180", "CSAFPID-1703181", "CSAFPID-1703182", "CSAFPID-1703183", "CSAFPID-1703184", "CSAFPID-1703185", "CSAFPID-1703186", ], }, references: [ { category: "self", summary: "CVE-2023-46218", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46218.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-1615260", "CSAFPID-1615261", "CSAFPID-1615262", "CSAFPID-1615263", "CSAFPID-1615264", "CSAFPID-1703180", "CSAFPID-1703181", "CSAFPID-1703182", "CSAFPID-1703183", "CSAFPID-1703184", "CSAFPID-1703185", "CSAFPID-1703186", ], }, ], title: "CVE-2023-46218", }, { cve: "CVE-2023-46219", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "other", text: "Missing Encryption of Sensitive Data", title: "CWE-311", }, ], product_status: { known_affected: [ "CSAFPID-1615260", "CSAFPID-1615261", "CSAFPID-1615262", "CSAFPID-1615263", "CSAFPID-1615264", "CSAFPID-1703180", "CSAFPID-1703181", "CSAFPID-1703182", "CSAFPID-1703183", "CSAFPID-1703184", "CSAFPID-1703185", "CSAFPID-1703186", ], }, references: [ { category: "self", summary: "CVE-2023-46219", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46219.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1615260", "CSAFPID-1615261", "CSAFPID-1615262", "CSAFPID-1615263", "CSAFPID-1615264", "CSAFPID-1703180", "CSAFPID-1703181", "CSAFPID-1703182", "CSAFPID-1703183", "CSAFPID-1703184", "CSAFPID-1703185", "CSAFPID-1703186", ], }, ], title: "CVE-2023-46219", }, { cve: "CVE-2023-46280", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "other", text: "Out-of-bounds Read", title: "CWE-125", }, ], product_status: { known_affected: [ "CSAFPID-1458012", "CSAFPID-309392", "CSAFPID-1625338", "CSAFPID-1625340", "CSAFPID-1625341", "CSAFPID-75563", "CSAFPID-1625342", "CSAFPID-165765", "CSAFPID-1625345", "CSAFPID-766087", "CSAFPID-1637559", "CSAFPID-1637560", "CSAFPID-1637561", "CSAFPID-1637909", "CSAFPID-1637910", "CSAFPID-1637849", "CSAFPID-1637850", "CSAFPID-1637851", "CSAFPID-1637911", "CSAFPID-1501190", "CSAFPID-1637912", "CSAFPID-1637856", "CSAFPID-1637913", "CSAFPID-1637914", "CSAFPID-1637915", "CSAFPID-1637916", "CSAFPID-1637917", "CSAFPID-1637887", "CSAFPID-1501188", "CSAFPID-1501192", "CSAFPID-1637854", "CSAFPID-1501193", "CSAFPID-1501191", "CSAFPID-1501189", "CSAFPID-1615531", "CSAFPID-1615256", "CSAFPID-1615257", "CSAFPID-1615258", "CSAFPID-1637618", "CSAFPID-1470060", "CSAFPID-1470061", "CSAFPID-1470062", "CSAFPID-1470063", "CSAFPID-1470064", "CSAFPID-1457909", "CSAFPID-1470065", "CSAFPID-1470066", "CSAFPID-1457855", "CSAFPID-1457956", "CSAFPID-1457957", "CSAFPID-1457958", "CSAFPID-1470067", "CSAFPID-1457960", "CSAFPID-1457961", "CSAFPID-1457962", "CSAFPID-1457963", "CSAFPID-1470068", "CSAFPID-1457965", "CSAFPID-1457966", "CSAFPID-1457967", "CSAFPID-1470069", "CSAFPID-1470070", "CSAFPID-1470071", "CSAFPID-1470072", "CSAFPID-1458014", "CSAFPID-1458015", "CSAFPID-1458016", "CSAFPID-1458017", "CSAFPID-1470073", "CSAFPID-75533", "CSAFPID-1472069", "CSAFPID-1472073", "CSAFPID-74792", "CSAFPID-74794", "CSAFPID-1457906", "CSAFPID-1457907", "CSAFPID-1457908", ], }, references: [ { category: "self", summary: "CVE-2023-46280", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46280.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-1458012", "CSAFPID-309392", "CSAFPID-1625338", "CSAFPID-1625340", "CSAFPID-1625341", "CSAFPID-75563", "CSAFPID-1625342", "CSAFPID-165765", "CSAFPID-1625345", "CSAFPID-766087", "CSAFPID-1637559", "CSAFPID-1637560", "CSAFPID-1637561", "CSAFPID-1637909", "CSAFPID-1637910", "CSAFPID-1637849", "CSAFPID-1637850", "CSAFPID-1637851", "CSAFPID-1637911", "CSAFPID-1501190", "CSAFPID-1637912", "CSAFPID-1637856", "CSAFPID-1637913", "CSAFPID-1637914", "CSAFPID-1637915", "CSAFPID-1637916", "CSAFPID-1637917", "CSAFPID-1637887", "CSAFPID-1501188", "CSAFPID-1501192", "CSAFPID-1637854", "CSAFPID-1501193", "CSAFPID-1501191", "CSAFPID-1501189", "CSAFPID-1615531", "CSAFPID-1615256", "CSAFPID-1615257", "CSAFPID-1615258", "CSAFPID-1637618", "CSAFPID-1470060", "CSAFPID-1470061", "CSAFPID-1470062", "CSAFPID-1470063", "CSAFPID-1470064", "CSAFPID-1457909", "CSAFPID-1470065", "CSAFPID-1470066", "CSAFPID-1457855", "CSAFPID-1457956", "CSAFPID-1457957", "CSAFPID-1457958", "CSAFPID-1470067", "CSAFPID-1457960", "CSAFPID-1457961", "CSAFPID-1457962", "CSAFPID-1457963", "CSAFPID-1470068", "CSAFPID-1457965", "CSAFPID-1457966", "CSAFPID-1457967", "CSAFPID-1470069", "CSAFPID-1470070", "CSAFPID-1470071", "CSAFPID-1470072", "CSAFPID-1458014", "CSAFPID-1458015", "CSAFPID-1458016", "CSAFPID-1458017", "CSAFPID-1470073", "CSAFPID-75533", "CSAFPID-1472069", "CSAFPID-1472073", "CSAFPID-74792", "CSAFPID-74794", "CSAFPID-1457906", "CSAFPID-1457907", "CSAFPID-1457908", ], }, ], title: "CVE-2023-46280", }, { cve: "CVE-2023-46809", cwe: { id: "CWE-208", name: "Observable Timing Discrepancy", }, notes: [ { category: "other", text: "Observable Timing Discrepancy", title: "CWE-208", }, ], references: [ { category: "self", summary: "CVE-2023-46809", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46809.json", }, ], title: "CVE-2023-46809", }, { cve: "CVE-2023-47038", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, notes: [ { category: "other", text: "Heap-based Buffer Overflow", title: "CWE-122", }, ], references: [ { category: "self", summary: "CVE-2023-47038", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-47038.json", }, ], title: "CVE-2023-47038", }, { cve: "CVE-2023-47039", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, notes: [ { category: "other", text: "Heap-based Buffer Overflow", title: "CWE-122", }, { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], references: [ { category: "self", summary: "CVE-2023-47039", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-47039.json", }, ], title: "CVE-2023-47039", }, { cve: "CVE-2023-47100", references: [ { category: "self", summary: "CVE-2023-47100", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-47100.json", }, ], title: "CVE-2023-47100", }, { cve: "CVE-2023-48795", cwe: { id: "CWE-222", name: "Truncation of Security-relevant Information", }, notes: [ { category: "other", text: "Truncation of Security-relevant Information", title: "CWE-222", }, { category: "other", text: "Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')", title: "CWE-757", }, ], product_status: { known_affected: [ "CSAFPID-1615259", "CSAFPID-1615260", "CSAFPID-1615261", "CSAFPID-1615262", "CSAFPID-1615263", "CSAFPID-1615264", "CSAFPID-1703131", ], }, references: [ { category: "self", summary: "CVE-2023-48795", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-48795.json", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-1615259", "CSAFPID-1615260", "CSAFPID-1615261", "CSAFPID-1615262", "CSAFPID-1615263", "CSAFPID-1615264", "CSAFPID-1703131", ], }, ], title: "CVE-2023-48795", }, { cve: "CVE-2023-49441", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "other", text: "Integer Overflow or Wraparound", title: "CWE-190", }, ], references: [ { category: "self", summary: "CVE-2023-49441", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-49441.json", }, ], title: "CVE-2023-49441", }, { cve: "CVE-2023-50387", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], references: [ { category: "self", summary: "CVE-2023-50387", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-50387.json", }, ], title: "CVE-2023-50387", }, { cve: "CVE-2023-50868", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], references: [ { category: "self", summary: "CVE-2023-50868", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-50868.json", }, ], title: "CVE-2023-50868", }, { cve: "CVE-2023-52389", cwe: { id: "CWE-121", name: "Stack-based Buffer Overflow", }, notes: [ { category: "other", text: "Stack-based Buffer Overflow", title: "CWE-121", }, ], references: [ { category: "self", summary: "CVE-2023-52389", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52389.json", }, ], title: "CVE-2023-52389", }, { cve: "CVE-2024-0232", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "other", text: "Use After Free", title: "CWE-416", }, ], product_status: { known_affected: [ "CSAFPID-1703131", ], }, references: [ { category: "self", summary: "CVE-2024-0232", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0232.json", }, ], title: "CVE-2024-0232", }, { cve: "CVE-2024-0727", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-1613729", "CSAFPID-1703131", ], }, references: [ { category: "self", summary: "CVE-2024-0727", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0727.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1613729", "CSAFPID-1703131", ], }, ], title: "CVE-2024-0727", }, { cve: "CVE-2024-2004", cwe: { id: "CWE-319", name: "Cleartext Transmission of Sensitive Information", }, notes: [ { category: "other", text: "Cleartext Transmission of Sensitive Information", title: "CWE-319", }, { category: "other", text: "Misinterpretation of Input", title: "CWE-115", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, { category: "other", text: "Interpretation Conflict", title: "CWE-436", }, ], product_status: { known_affected: [ "CSAFPID-1615260", "CSAFPID-1615261", "CSAFPID-1615262", "CSAFPID-1615263", "CSAFPID-1615264", "CSAFPID-894438", ], }, references: [ { category: "self", summary: "CVE-2024-2004", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2004.json", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-1615260", "CSAFPID-1615261", "CSAFPID-1615262", "CSAFPID-1615263", "CSAFPID-1615264", "CSAFPID-894438", ], }, ], title: "CVE-2024-2004", }, { cve: "CVE-2024-2379", cwe: { id: "CWE-295", name: "Improper Certificate Validation", }, notes: [ { category: "other", text: "Improper Certificate Validation", title: "CWE-295", }, ], product_status: { known_affected: [ "CSAFPID-1615260", "CSAFPID-1615261", "CSAFPID-1615262", "CSAFPID-1615263", "CSAFPID-1615264", "CSAFPID-894438", ], }, references: [ { category: "self", summary: "CVE-2024-2379", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2379.json", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1615260", "CSAFPID-1615261", "CSAFPID-1615262", "CSAFPID-1615263", "CSAFPID-1615264", "CSAFPID-894438", ], }, ], title: "CVE-2024-2379", }, { cve: "CVE-2024-2398", cwe: { id: "CWE-772", name: "Missing Release of Resource after Effective Lifetime", }, notes: [ { category: "other", text: "Missing Release of Resource after Effective Lifetime", title: "CWE-772", }, { category: "other", text: "Missing Release of Memory after Effective Lifetime", title: "CWE-401", }, ], product_status: { known_affected: [ "CSAFPID-1615260", "CSAFPID-1615261", "CSAFPID-1615262", "CSAFPID-1615263", "CSAFPID-1615264", "CSAFPID-894438", ], }, references: [ { category: "self", summary: "CVE-2024-2398", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2398.json", }, ], scores: [ { cvss_v3: { baseScore: 8.6, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-1615260", "CSAFPID-1615261", "CSAFPID-1615262", "CSAFPID-1615263", "CSAFPID-1615264", "CSAFPID-894438", ], }, ], title: "CVE-2024-2398", }, { cve: "CVE-2024-2466", cwe: { id: "CWE-295", name: "Improper Certificate Validation", }, notes: [ { category: "other", text: "Improper Certificate Validation", title: "CWE-295", }, { category: "other", text: "Improper Validation of Certificate with Host Mismatch", title: "CWE-297", }, ], product_status: { known_affected: [ "CSAFPID-1615260", "CSAFPID-1615261", "CSAFPID-1615262", "CSAFPID-1615263", "CSAFPID-1615264", "CSAFPID-894438", ], }, references: [ { category: "self", summary: "CVE-2024-2466", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2466.json", }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-1615260", "CSAFPID-1615261", "CSAFPID-1615262", "CSAFPID-1615263", "CSAFPID-1615264", "CSAFPID-894438", ], }, ], title: "CVE-2024-2466", }, { cve: "CVE-2024-2511", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "other", text: "Improperly Controlled Sequential Memory Allocation", title: "CWE-1325", }, ], product_status: { known_affected: [ "CSAFPID-1615260", "CSAFPID-1615261", "CSAFPID-1615262", "CSAFPID-1615263", "CSAFPID-1615264", "CSAFPID-1703131", ], }, references: [ { category: "self", summary: "CVE-2024-2511", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2511.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1615260", "CSAFPID-1615261", "CSAFPID-1615262", "CSAFPID-1615263", "CSAFPID-1615264", "CSAFPID-1703131", ], }, ], title: "CVE-2024-2511", }, { cve: "CVE-2024-4603", cwe: { id: "CWE-606", name: "Unchecked Input for Loop Condition", }, notes: [ { category: "other", text: "Unchecked Input for Loop Condition", title: "CWE-606", }, { category: "other", text: "Excessive Iteration", title: "CWE-834", }, ], references: [ { category: "self", summary: "CVE-2024-4603", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4603.json", }, ], title: "CVE-2024-4603", }, { cve: "CVE-2024-4741", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "other", text: "Use After Free", title: "CWE-416", }, ], references: [ { category: "self", summary: "CVE-2024-4741", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4741.json", }, ], title: "CVE-2024-4741", }, { cve: "CVE-2024-5535", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, { category: "other", text: "Improper Restriction of Operations within the Bounds of a Memory Buffer", title: "CWE-119", }, ], product_status: { known_affected: [ "CSAFPID-1615260", "CSAFPID-1615261", "CSAFPID-1615262", "CSAFPID-1615263", "CSAFPID-1615264", "CSAFPID-1703131", ], }, references: [ { category: "self", summary: "CVE-2024-5535", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5535.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1615260", "CSAFPID-1615261", "CSAFPID-1615262", "CSAFPID-1615263", "CSAFPID-1615264", "CSAFPID-1703131", ], }, ], title: "CVE-2024-5535", }, { cve: "CVE-2024-5594", references: [ { category: "self", summary: "CVE-2024-5594", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5594.json", }, ], title: "CVE-2024-5594", }, { cve: "CVE-2024-21890", cwe: { id: "CWE-275", name: "-", }, notes: [ { category: "other", text: "CWE-275", title: "CWE-275", }, { category: "other", text: "Insufficient Technical Documentation", title: "CWE-1059", }, ], references: [ { category: "self", summary: "CVE-2024-21890", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21890.json", }, ], title: "CVE-2024-21890", }, { cve: "CVE-2024-21891", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, notes: [ { category: "other", text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", title: "CWE-22", }, ], references: [ { category: "self", summary: "CVE-2024-21891", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21891.json", }, ], title: "CVE-2024-21891", }, { cve: "CVE-2024-21892", cwe: { id: "CWE-94", name: "Improper Control of Generation of Code ('Code Injection')", }, notes: [ { category: "other", text: "Improper Control of Generation of Code ('Code Injection')", title: "CWE-94", }, ], references: [ { category: "self", summary: "CVE-2024-21892", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21892.json", }, ], title: "CVE-2024-21892", }, { cve: "CVE-2024-21896", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, notes: [ { category: "other", text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", title: "CWE-22", }, ], references: [ { category: "self", summary: "CVE-2024-21896", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21896.json", }, ], title: "CVE-2024-21896", }, { cve: "CVE-2024-22017", cwe: { id: "CWE-271", name: "Privilege Dropping / Lowering Errors", }, notes: [ { category: "other", text: "Privilege Dropping / Lowering Errors", title: "CWE-271", }, { category: "other", text: "Improper Privilege Management", title: "CWE-269", }, ], references: [ { category: "self", summary: "CVE-2024-22017", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22017.json", }, ], title: "CVE-2024-22017", }, { cve: "CVE-2024-22019", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, ], references: [ { category: "self", summary: "CVE-2024-22019", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22019.json", }, ], title: "CVE-2024-22019", }, { cve: "CVE-2024-22025", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, ], references: [ { category: "self", summary: "CVE-2024-22025", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22025.json", }, ], title: "CVE-2024-22025", }, { cve: "CVE-2024-24758", cwe: { id: "CWE-942", name: "Permissive Cross-domain Policy with Untrusted Domains", }, notes: [ { category: "other", text: "Permissive Cross-domain Policy with Untrusted Domains", title: "CWE-942", }, { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, ], references: [ { category: "self", summary: "CVE-2024-24758", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24758.json", }, ], title: "CVE-2024-24758", }, { cve: "CVE-2024-24795", cwe: { id: "CWE-113", name: "Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')", }, notes: [ { category: "other", text: "Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')", title: "CWE-113", }, ], references: [ { category: "self", summary: "CVE-2024-24795", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24795.json", }, ], title: "CVE-2024-24795", }, { cve: "CVE-2024-24806", cwe: { id: "CWE-918", name: "Server-Side Request Forgery (SSRF)", }, notes: [ { category: "other", text: "Server-Side Request Forgery (SSRF)", title: "CWE-918", }, ], references: [ { category: "self", summary: "CVE-2024-24806", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24806.json", }, ], title: "CVE-2024-24806", }, { cve: "CVE-2024-26306", cwe: { id: "CWE-310", name: "-", }, notes: [ { category: "other", text: "CWE-310", title: "CWE-310", }, { category: "other", text: "Observable Discrepancy", title: "CWE-203", }, ], references: [ { category: "self", summary: "CVE-2024-26306", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26306.json", }, ], title: "CVE-2024-26306", }, { cve: "CVE-2024-26925", cwe: { id: "CWE-284", name: "Improper Access Control", }, notes: [ { category: "other", text: "Improper Access Control", title: "CWE-284", }, { category: "other", text: "Improper Locking", title: "CWE-667", }, ], references: [ { category: "self", summary: "CVE-2024-26925", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26925.json", }, ], title: "CVE-2024-26925", }, { cve: "CVE-2024-27316", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "other", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, ], references: [ { category: "self", summary: "CVE-2024-27316", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27316.json", }, ], title: "CVE-2024-27316", }, { cve: "CVE-2024-27980", cwe: { id: "CWE-78", name: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", }, notes: [ { category: "other", text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", title: "CWE-78", }, ], references: [ { category: "self", summary: "CVE-2024-27980", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27980.json", }, ], title: "CVE-2024-27980", }, { cve: "CVE-2024-27982", cwe: { id: "CWE-444", name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", }, notes: [ { category: "other", text: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", title: "CWE-444", }, ], references: [ { category: "self", summary: "CVE-2024-27982", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27982.json", }, ], title: "CVE-2024-27982", }, { cve: "CVE-2024-27983", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], references: [ { category: "self", summary: "CVE-2024-27983", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27983.json", }, ], title: "CVE-2024-27983", }, { cve: "CVE-2024-28882", cwe: { id: "CWE-772", name: "Missing Release of Resource after Effective Lifetime", }, notes: [ { category: "other", text: "Missing Release of Resource after Effective Lifetime", title: "CWE-772", }, ], references: [ { category: "self", summary: "CVE-2024-28882", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28882.json", }, ], title: "CVE-2024-28882", }, { cve: "CVE-2024-29119", cwe: { id: "CWE-266", name: "Incorrect Privilege Assignment", }, notes: [ { category: "other", text: "Incorrect Privilege Assignment", title: "CWE-266", }, ], product_status: { known_affected: [ "CSAFPID-524281", ], }, references: [ { category: "self", summary: "CVE-2024-29119", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29119.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-524281", ], }, ], title: "CVE-2024-29119", }, { cve: "CVE-2024-36140", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, notes: [ { category: "other", text: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", title: "CWE-79", }, ], product_status: { known_affected: [ "CSAFPID-1712832", "CSAFPID-1712833", ], }, references: [ { category: "self", summary: "CVE-2024-36140", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36140.json", }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-1712832", "CSAFPID-1712833", ], }, ], title: "CVE-2024-36140", }, { cve: "CVE-2024-44102", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, notes: [ { category: "other", text: "Deserialization of Untrusted Data", title: "CWE-502", }, ], product_status: { known_affected: [ "CSAFPID-1712834", "CSAFPID-1712835", "CSAFPID-1712836", "CSAFPID-1712837", "CSAFPID-1712838", "CSAFPID-1712839", "CSAFPID-1712840", "CSAFPID-1712841", "CSAFPID-1712842", "CSAFPID-1712843", "CSAFPID-1712844", "CSAFPID-1712845", "CSAFPID-1712846", ], }, references: [ { category: "self", summary: "CVE-2024-44102", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44102.json", }, ], scores: [ { cvss_v3: { baseScore: 10, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-1712834", "CSAFPID-1712835", "CSAFPID-1712836", "CSAFPID-1712837", "CSAFPID-1712838", "CSAFPID-1712839", "CSAFPID-1712840", "CSAFPID-1712841", "CSAFPID-1712842", "CSAFPID-1712843", "CSAFPID-1712844", "CSAFPID-1712845", "CSAFPID-1712846", ], }, ], title: "CVE-2024-44102", }, { cve: "CVE-2024-46888", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, notes: [ { category: "other", text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", title: "CWE-22", }, ], product_status: { known_affected: [ "CSAFPID-746925", ], }, references: [ { category: "self", summary: "CVE-2024-46888", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-46888.json", }, ], scores: [ { cvss_v3: { baseScore: 9.9, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-746925", ], }, ], title: "CVE-2024-46888", }, { cve: "CVE-2024-46889", cwe: { id: "CWE-321", name: "Use of Hard-coded Cryptographic Key", }, notes: [ { category: "other", text: "Use of Hard-coded Cryptographic Key", title: "CWE-321", }, ], product_status: { known_affected: [ "CSAFPID-746925", ], }, references: [ { category: "self", summary: "CVE-2024-46889", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-46889.json", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-746925", ], }, ], title: "CVE-2024-46889", }, { cve: "CVE-2024-46890", cwe: { id: "CWE-78", name: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", }, notes: [ { category: "other", text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", title: "CWE-78", }, ], product_status: { known_affected: [ "CSAFPID-746925", ], }, references: [ { category: "self", summary: "CVE-2024-46890", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-46890.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-746925", ], }, ], title: "CVE-2024-46890", }, { cve: "CVE-2024-46891", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-746925", ], }, references: [ { category: "self", summary: "CVE-2024-46891", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-46891.json", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-746925", ], }, ], title: "CVE-2024-46891", }, { cve: "CVE-2024-46892", cwe: { id: "CWE-613", name: "Insufficient Session Expiration", }, notes: [ { category: "other", text: "Insufficient Session Expiration", title: "CWE-613", }, ], product_status: { known_affected: [ "CSAFPID-746925", ], }, references: [ { category: "self", summary: "CVE-2024-46892", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-46892.json", }, ], scores: [ { cvss_v3: { baseScore: 4.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-746925", ], }, ], title: "CVE-2024-46892", }, { cve: "CVE-2024-46894", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, ], product_status: { known_affected: [ "CSAFPID-746925", ], }, references: [ { category: "self", summary: "CVE-2024-46894", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-46894.json", }, ], scores: [ { cvss_v3: { baseScore: 6.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-746925", ], }, ], title: "CVE-2024-46894", }, { cve: "CVE-2024-47783", cwe: { id: "CWE-732", name: "Incorrect Permission Assignment for Critical Resource", }, notes: [ { category: "other", text: "Incorrect Permission Assignment for Critical Resource", title: "CWE-732", }, ], product_status: { known_affected: [ "CSAFPID-1712847", ], }, references: [ { category: "self", summary: "CVE-2024-47783", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47783.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1712847", ], }, ], title: "CVE-2024-47783", }, { cve: "CVE-2024-47808", cwe: { id: "CWE-732", name: "Incorrect Permission Assignment for Critical Resource", }, notes: [ { category: "other", text: "Incorrect Permission Assignment for Critical Resource", title: "CWE-732", }, ], product_status: { known_affected: [ "CSAFPID-309392", ], }, references: [ { category: "self", summary: "CVE-2024-47808", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47808.json", }, ], scores: [ { cvss_v3: { baseScore: 8.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-309392", ], }, ], title: "CVE-2024-47808", }, { cve: "CVE-2024-47940", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "other", text: "Out-of-bounds Read", title: "CWE-125", }, ], product_status: { known_affected: [ "CSAFPID-1680248", ], }, references: [ { category: "self", summary: "CVE-2024-47940", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47940.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1680248", ], }, ], title: "CVE-2024-47940", }, { cve: "CVE-2024-47941", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "other", text: "Out-of-bounds Read", title: "CWE-125", }, ], product_status: { known_affected: [ "CSAFPID-1680248", ], }, references: [ { category: "self", summary: "CVE-2024-47941", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47941.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1680248", ], }, ], title: "CVE-2024-47941", }, { cve: "CVE-2024-47942", cwe: { id: "CWE-427", name: "Uncontrolled Search Path Element", }, notes: [ { category: "other", text: "Uncontrolled Search Path Element", title: "CWE-427", }, ], product_status: { known_affected: [ "CSAFPID-1680248", ], }, references: [ { category: "self", summary: "CVE-2024-47942", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47942.json", }, ], scores: [ { cvss_v3: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1680248", ], }, ], title: "CVE-2024-47942", }, { cve: "CVE-2024-50310", cwe: { id: "CWE-863", name: "Incorrect Authorization", }, notes: [ { category: "other", text: "Incorrect Authorization", title: "CWE-863", }, ], product_status: { known_affected: [ "CSAFPID-1712748", ], }, references: [ { category: "self", summary: "CVE-2024-50310", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-50310.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-1712748", ], }, ], title: "CVE-2024-50310", }, { cve: "CVE-2024-50313", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "other", text: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", title: "CWE-362", }, ], product_status: { known_affected: [ "CSAFPID-1637622", "CSAFPID-1637623", "CSAFPID-1637624", "CSAFPID-1637625", "CSAFPID-1637626", ], }, references: [ { category: "self", summary: "CVE-2024-50313", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-50313.json", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-1637622", "CSAFPID-1637623", "CSAFPID-1637624", "CSAFPID-1637625", "CSAFPID-1637626", ], }, ], title: "CVE-2024-50313", }, { cve: "CVE-2024-50557", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-1702670", "CSAFPID-1702671", "CSAFPID-1702672", "CSAFPID-1712749", "CSAFPID-1712750", "CSAFPID-1702677", "CSAFPID-1702678", "CSAFPID-1702679", "CSAFPID-1712751", "CSAFPID-1712752", "CSAFPID-1702681", "CSAFPID-1712753", "CSAFPID-1702682", "CSAFPID-1702683", "CSAFPID-1712754", "CSAFPID-1712755", "CSAFPID-1712756", "CSAFPID-1712757", "CSAFPID-1712758", "CSAFPID-1712759", "CSAFPID-1702684", "CSAFPID-1702685", "CSAFPID-1712760", "CSAFPID-1712761", ], }, references: [ { category: "self", summary: "CVE-2024-50557", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-50557.json", }, ], scores: [ { cvss_v3: { baseScore: 7.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1702670", "CSAFPID-1702671", "CSAFPID-1702672", "CSAFPID-1712749", "CSAFPID-1712750", "CSAFPID-1702677", "CSAFPID-1702678", "CSAFPID-1702679", "CSAFPID-1712751", "CSAFPID-1712752", "CSAFPID-1702681", "CSAFPID-1712753", "CSAFPID-1702682", "CSAFPID-1702683", "CSAFPID-1712754", "CSAFPID-1712755", "CSAFPID-1712756", "CSAFPID-1712757", "CSAFPID-1712758", "CSAFPID-1712759", "CSAFPID-1702684", "CSAFPID-1702685", "CSAFPID-1712760", "CSAFPID-1712761", ], }, ], title: "CVE-2024-50557", }, { cve: "CVE-2024-50558", cwe: { id: "CWE-284", name: "Improper Access Control", }, notes: [ { category: "other", text: "Improper Access Control", title: "CWE-284", }, ], product_status: { known_affected: [ "CSAFPID-1702670", "CSAFPID-1702671", "CSAFPID-1702672", "CSAFPID-1712749", "CSAFPID-1712750", "CSAFPID-1702677", "CSAFPID-1702678", "CSAFPID-1702679", "CSAFPID-1712751", "CSAFPID-1712752", "CSAFPID-1702681", "CSAFPID-1712753", "CSAFPID-1702682", "CSAFPID-1702683", "CSAFPID-1712754", "CSAFPID-1712755", "CSAFPID-1712756", "CSAFPID-1712757", "CSAFPID-1712758", "CSAFPID-1712759", "CSAFPID-1702684", "CSAFPID-1702685", "CSAFPID-1712760", "CSAFPID-1712761", ], }, references: [ { category: "self", summary: "CVE-2024-50558", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-50558.json", }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "CSAFPID-1702670", "CSAFPID-1702671", "CSAFPID-1702672", "CSAFPID-1712749", "CSAFPID-1712750", "CSAFPID-1702677", "CSAFPID-1702678", "CSAFPID-1702679", "CSAFPID-1712751", "CSAFPID-1712752", "CSAFPID-1702681", "CSAFPID-1712753", "CSAFPID-1702682", "CSAFPID-1702683", "CSAFPID-1712754", "CSAFPID-1712755", "CSAFPID-1712756", "CSAFPID-1712757", "CSAFPID-1712758", "CSAFPID-1712759", "CSAFPID-1702684", "CSAFPID-1702685", "CSAFPID-1712760", "CSAFPID-1712761", ], }, ], title: "CVE-2024-50558", }, { cve: "CVE-2024-50559", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, notes: [ { category: "other", text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", title: "CWE-22", }, ], product_status: { known_affected: [ "CSAFPID-1702670", "CSAFPID-1702671", "CSAFPID-1702672", "CSAFPID-1712749", "CSAFPID-1712750", "CSAFPID-1702677", "CSAFPID-1702678", "CSAFPID-1702679", "CSAFPID-1712751", "CSAFPID-1712752", "CSAFPID-1702681", "CSAFPID-1712753", "CSAFPID-1702682", "CSAFPID-1702683", "CSAFPID-1712754", "CSAFPID-1712755", "CSAFPID-1712756", "CSAFPID-1712757", "CSAFPID-1712758", "CSAFPID-1712759", "CSAFPID-1702684", "CSAFPID-1702685", "CSAFPID-1712760", "CSAFPID-1712761", ], }, references: [ { category: "self", summary: "CVE-2024-50559", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-50559.json", }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-1702670", "CSAFPID-1702671", "CSAFPID-1702672", "CSAFPID-1712749", "CSAFPID-1712750", "CSAFPID-1702677", "CSAFPID-1702678", "CSAFPID-1702679", "CSAFPID-1712751", "CSAFPID-1712752", "CSAFPID-1702681", "CSAFPID-1712753", "CSAFPID-1702682", "CSAFPID-1702683", "CSAFPID-1712754", "CSAFPID-1712755", "CSAFPID-1712756", "CSAFPID-1712757", "CSAFPID-1712758", "CSAFPID-1712759", "CSAFPID-1702684", "CSAFPID-1702685", "CSAFPID-1712760", "CSAFPID-1712761", ], }, ], title: "CVE-2024-50559", }, { cve: "CVE-2024-50560", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-1702670", "CSAFPID-1702671", "CSAFPID-1702672", "CSAFPID-1712749", "CSAFPID-1712750", "CSAFPID-1702677", "CSAFPID-1702678", "CSAFPID-1702679", "CSAFPID-1712751", "CSAFPID-1712752", "CSAFPID-1702681", "CSAFPID-1712753", "CSAFPID-1702682", "CSAFPID-1702683", "CSAFPID-1712754", "CSAFPID-1712755", "CSAFPID-1712756", "CSAFPID-1712757", "CSAFPID-1712758", "CSAFPID-1712759", "CSAFPID-1702684", "CSAFPID-1702685", "CSAFPID-1712760", "CSAFPID-1712761", ], }, references: [ { category: "self", summary: "CVE-2024-50560", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-50560.json", }, ], scores: [ { cvss_v3: { baseScore: 3.1, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-1702670", "CSAFPID-1702671", "CSAFPID-1702672", "CSAFPID-1712749", "CSAFPID-1712750", "CSAFPID-1702677", "CSAFPID-1702678", "CSAFPID-1702679", "CSAFPID-1712751", "CSAFPID-1712752", "CSAFPID-1702681", "CSAFPID-1712753", "CSAFPID-1702682", "CSAFPID-1702683", "CSAFPID-1712754", "CSAFPID-1712755", "CSAFPID-1712756", "CSAFPID-1712757", "CSAFPID-1712758", "CSAFPID-1712759", "CSAFPID-1702684", "CSAFPID-1702685", "CSAFPID-1712760", "CSAFPID-1712761", ], }, ], title: "CVE-2024-50560", }, { cve: "CVE-2024-50561", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, notes: [ { category: "other", text: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", title: "CWE-79", }, ], product_status: { known_affected: [ "CSAFPID-1702670", "CSAFPID-1702671", "CSAFPID-1702672", "CSAFPID-1712749", "CSAFPID-1712750", "CSAFPID-1702677", "CSAFPID-1702678", "CSAFPID-1702679", "CSAFPID-1712751", "CSAFPID-1712752", "CSAFPID-1702681", "CSAFPID-1712753", "CSAFPID-1702682", "CSAFPID-1702683", "CSAFPID-1712754", "CSAFPID-1712755", "CSAFPID-1712756", "CSAFPID-1712757", "CSAFPID-1712758", "CSAFPID-1712759", "CSAFPID-1702684", "CSAFPID-1702685", "CSAFPID-1712760", "CSAFPID-1712761", ], }, references: [ { category: "self", summary: "CVE-2024-50561", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-50561.json", }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-1702670", "CSAFPID-1702671", "CSAFPID-1702672", "CSAFPID-1712749", "CSAFPID-1712750", "CSAFPID-1702677", "CSAFPID-1702678", "CSAFPID-1702679", "CSAFPID-1712751", "CSAFPID-1712752", "CSAFPID-1702681", "CSAFPID-1712753", "CSAFPID-1702682", "CSAFPID-1702683", "CSAFPID-1712754", "CSAFPID-1712755", "CSAFPID-1712756", "CSAFPID-1712757", "CSAFPID-1712758", "CSAFPID-1712759", "CSAFPID-1702684", "CSAFPID-1702685", "CSAFPID-1712760", "CSAFPID-1712761", ], }, ], title: "CVE-2024-50561", }, { cve: "CVE-2024-50572", cwe: { id: "CWE-74", name: "Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')", }, notes: [ { category: "other", text: "Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')", title: "CWE-74", }, ], product_status: { known_affected: [ "CSAFPID-1702670", "CSAFPID-1702671", "CSAFPID-1702672", "CSAFPID-1712749", "CSAFPID-1712750", "CSAFPID-1702677", "CSAFPID-1702678", "CSAFPID-1702679", "CSAFPID-1712751", "CSAFPID-1712752", "CSAFPID-1702681", "CSAFPID-1712753", "CSAFPID-1702682", "CSAFPID-1702683", "CSAFPID-1712754", "CSAFPID-1712755", "CSAFPID-1712756", "CSAFPID-1712757", "CSAFPID-1712758", "CSAFPID-1712759", "CSAFPID-1702684", "CSAFPID-1702685", "CSAFPID-1712760", "CSAFPID-1712761", ], }, references: [ { category: "self", summary: "CVE-2024-50572", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-50572.json", }, ], scores: [ { cvss_v3: { baseScore: 7.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1702670", "CSAFPID-1702671", "CSAFPID-1702672", "CSAFPID-1712749", "CSAFPID-1712750", "CSAFPID-1702677", "CSAFPID-1702678", "CSAFPID-1702679", "CSAFPID-1712751", "CSAFPID-1712752", "CSAFPID-1702681", "CSAFPID-1712753", "CSAFPID-1702682", "CSAFPID-1702683", "CSAFPID-1712754", "CSAFPID-1712755", "CSAFPID-1712756", "CSAFPID-1712757", "CSAFPID-1712758", "CSAFPID-1712759", "CSAFPID-1702684", "CSAFPID-1702685", "CSAFPID-1712760", "CSAFPID-1712761", ], }, ], title: "CVE-2024-50572", }, ], }
ncsc-2025-0023
Vulnerability from csaf_ncscnl
Published
2025-01-22 13:31
Modified
2025-01-22 13:31
Summary
Kwetsbaarheden verholpen in Oracle PeopleSoft
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Oracle heeft meerdere kwetsbaarheden verholpen in Oracle PeopleSoft, specifiek in de versies 8.60, 8.61 en 9.2.
Interpretaties
De kwetsbaarheden in Oracle PeopleSoft stellen geauthenticeerde kwaadwillenden in staat om via HTTP-netwerktoegang ongeautoriseerde toegang te krijgen tot specifieke gegevens, wat kan leiden tot ongeautoriseerde gegevensmanipulatie en -toegang. Kwaadwillenden kunnen ook een Denial-of-Service veroorzaken. Hiervoor heeft de kwaadwillende geen voorafgaande authenticatie nodig.
Oplossingen
Oracle heeft updates uitgebracht om de kwetsbaarheden in PeopleSoft te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-670
Always-Incorrect Control Flow Implementation
CWE-1395
Dependency on Vulnerable Third-Party Component
CWE-669
Incorrect Resource Transfer Between Spheres
CWE-126
Buffer Over-read
CWE-125
Out-of-bounds Read
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-400
Uncontrolled Resource Consumption
CWE-770
Allocation of Resources Without Limits or Throttling
CWE-787
Out-of-bounds Write
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
{ document: { category: "csaf_security_advisory", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", }, }, lang: "nl", notes: [ { category: "legal_disclaimer", text: "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.", }, { category: "description", text: "Oracle heeft meerdere kwetsbaarheden verholpen in Oracle PeopleSoft, specifiek in de versies 8.60, 8.61 en 9.2.", title: "Feiten", }, { category: "description", text: "De kwetsbaarheden in Oracle PeopleSoft stellen geauthenticeerde kwaadwillenden in staat om via HTTP-netwerktoegang ongeautoriseerde toegang te krijgen tot specifieke gegevens, wat kan leiden tot ongeautoriseerde gegevensmanipulatie en -toegang. Kwaadwillenden kunnen ook een Denial-of-Service veroorzaken. Hiervoor heeft de kwaadwillende geen voorafgaande authenticatie nodig.", title: "Interpretaties", }, { category: "description", text: "Oracle heeft updates uitgebracht om de kwetsbaarheden in PeopleSoft te verhelpen. Zie bijgevoegde referenties voor meer informatie.", title: "Oplossingen", }, { category: "general", text: "medium", title: "Kans", }, { category: "general", text: "high", title: "Schade", }, { category: "general", text: "Always-Incorrect Control Flow Implementation", title: "CWE-670", }, { category: "general", text: "Dependency on Vulnerable Third-Party Component", title: "CWE-1395", }, { category: "general", text: "Incorrect Resource Transfer Between Spheres", title: "CWE-669", }, { category: "general", text: "Buffer Over-read", title: "CWE-126", }, { category: "general", text: "Out-of-bounds Read", title: "CWE-125", }, { category: "general", text: "Improper Restriction of Operations within the Bounds of a Memory Buffer", title: "CWE-119", }, { category: "general", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "general", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, { category: "general", text: "Out-of-bounds Write", title: "CWE-787", }, { category: "general", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, { category: "general", text: "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", title: "CWE-120", }, ], publisher: { category: "coordinator", contact_details: "cert@ncsc.nl", name: "Nationaal Cyber Security Centrum", namespace: "https://www.ncsc.nl/", }, references: [ { category: "external", summary: "Reference - cveprojectv5; nvd; oracle", url: "https://www.oracle.com/security-alerts/cpujan2025.html", }, ], title: "Kwetsbaarheden verholpen in Oracle PeopleSoft", tracking: { current_release_date: "2025-01-22T13:31:17.380797Z", id: "NCSC-2025-0023", initial_release_date: "2025-01-22T13:31:17.380797Z", revision_history: [ { date: "2025-01-22T13:31:17.380797Z", number: "0", summary: "Initiele versie", }, ], status: "final", version: "1.0.0", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "peoplesoft_enterprise_cc_common_application_objects", product: { name: "peoplesoft_enterprise_cc_common_application_objects", product_id: "CSAFPID-449779", product_identification_helper: { cpe: "cpe:2.3:a:oracle:peoplesoft_enterprise_cc_common_application_objects:9.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "peoplesoft_enterprise_fin_cash_management", product: { name: "peoplesoft_enterprise_fin_cash_management", product_id: "CSAFPID-765405", product_identification_helper: { cpe: "cpe:2.3:a:oracle:peoplesoft_enterprise_fin_cash_management:9.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "peoplesoft_enterprise_fin_esettlements", product: { name: "peoplesoft_enterprise_fin_esettlements", product_id: "CSAFPID-1751153", product_identification_helper: { cpe: "cpe:2.3:a:oracle:peoplesoft_enterprise_fin_esettlements:9.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "peoplesoft_enterprise_hcm_human_resources", product: { name: "peoplesoft_enterprise_hcm_human_resources", product_id: "CSAFPID-172663", product_identification_helper: { cpe: "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_human_resources:9.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "peoplesoft_enterprise_hcm_shared_components", product: { name: "peoplesoft_enterprise_hcm_shared_components", product_id: "CSAFPID-607590", product_identification_helper: { cpe: "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_shared_components:9.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "peoplesoft_enterprise_peopletools", product: { name: "peoplesoft_enterprise_peopletools", product_id: "CSAFPID-1682", product_identification_helper: { cpe: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "peoplesoft_enterprise_peopletools", product: { name: "peoplesoft_enterprise_peopletools", product_id: "CSAFPID-1681", product_identification_helper: { cpe: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.60:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "peoplesoft_enterprise_peopletools", product: { name: "peoplesoft_enterprise_peopletools", product_id: "CSAFPID-816362", product_identification_helper: { cpe: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.61:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "peoplesoft_enterprise_peopletools", product: { name: "peoplesoft_enterprise_peopletools", product_id: "CSAFPID-1503667", product_identification_helper: { cpe: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:_opensearch___8.59:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "peoplesoft_enterprise_peopletools", product: { name: "peoplesoft_enterprise_peopletools", product_id: "CSAFPID-1503672", product_identification_helper: { cpe: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:_opensearch___8.60:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "peoplesoft_enterprise_peopletools", product: { name: "peoplesoft_enterprise_peopletools", product_id: "CSAFPID-1503676", product_identification_helper: { cpe: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:_opensearch___8.61:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "peoplesoft_enterprise_peopletools", product: { name: "peoplesoft_enterprise_peopletools", product_id: "CSAFPID-1503669", product_identification_helper: { cpe: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:_web_server___8.59:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "peoplesoft_enterprise_peopletools", product: { name: "peoplesoft_enterprise_peopletools", product_id: "CSAFPID-1503673", product_identification_helper: { cpe: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:_web_server___8.60:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "peoplesoft_enterprise_peopletools", product: { name: "peoplesoft_enterprise_peopletools", product_id: "CSAFPID-1503678", product_identification_helper: { cpe: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:_web_server___8.61:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "peoplesoft_enterprise_scm_purchasing", product: { name: "peoplesoft_enterprise_scm_purchasing", product_id: "CSAFPID-172660", product_identification_helper: { cpe: "cpe:2.3:a:oracle:peoplesoft_enterprise_scm_purchasing:9.2:*:*:*:*:*:*:*", }, }, }, ], category: "vendor", name: "oracle", }, ], }, vulnerabilities: [ { cve: "CVE-2020-22218", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "other", text: "Out-of-bounds Read", title: "CWE-125", }, { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-816362", "CSAFPID-1681", ], }, references: [ { category: "self", summary: "CVE-2020-22218", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-22218.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-816362", "CSAFPID-1681", ], }, ], title: "CVE-2020-22218", }, { cve: "CVE-2023-48795", cwe: { id: "CWE-222", name: "Truncation of Security-relevant Information", }, notes: [ { category: "other", text: "Truncation of Security-relevant Information", title: "CWE-222", }, { category: "other", text: "Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')", title: "CWE-757", }, { category: "other", text: "Improper Validation of Integrity Check Value", title: "CWE-354", }, ], product_status: { known_affected: [ "CSAFPID-1682", "CSAFPID-1681", "CSAFPID-816362", "CSAFPID-172663", "CSAFPID-607590", "CSAFPID-1503667", "CSAFPID-1503669", "CSAFPID-1503672", "CSAFPID-1503673", "CSAFPID-1503676", "CSAFPID-1503678", ], }, references: [ { category: "self", summary: "CVE-2023-48795", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-48795.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1682", "CSAFPID-1681", "CSAFPID-816362", "CSAFPID-172663", "CSAFPID-607590", "CSAFPID-1503667", "CSAFPID-1503669", "CSAFPID-1503672", "CSAFPID-1503673", "CSAFPID-1503676", "CSAFPID-1503678", ], }, ], title: "CVE-2023-48795", }, { cve: "CVE-2024-0397", product_status: { known_affected: [ "CSAFPID-172663", "CSAFPID-607590", "CSAFPID-1503667", "CSAFPID-1503669", "CSAFPID-1682", "CSAFPID-1503672", "CSAFPID-1503673", "CSAFPID-1681", "CSAFPID-1503676", "CSAFPID-1503678", "CSAFPID-816362", ], }, references: [ { category: "self", summary: "CVE-2024-0397", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0397.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-172663", "CSAFPID-607590", "CSAFPID-1503667", "CSAFPID-1503669", "CSAFPID-1682", "CSAFPID-1503672", "CSAFPID-1503673", "CSAFPID-1681", "CSAFPID-1503676", "CSAFPID-1503678", "CSAFPID-816362", ], }, ], title: "CVE-2024-0397", }, { cve: "CVE-2024-2511", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "other", text: "Improperly Controlled Sequential Memory Allocation", title: "CWE-1325", }, ], product_status: { known_affected: [ "CSAFPID-172663", "CSAFPID-607590", "CSAFPID-1503667", "CSAFPID-1503669", "CSAFPID-1682", "CSAFPID-1503672", "CSAFPID-1503673", "CSAFPID-1681", "CSAFPID-1503676", "CSAFPID-1503678", "CSAFPID-816362", ], }, references: [ { category: "self", summary: "CVE-2024-2511", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2511.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-172663", "CSAFPID-607590", "CSAFPID-1503667", "CSAFPID-1503669", "CSAFPID-1682", "CSAFPID-1503672", "CSAFPID-1503673", "CSAFPID-1681", "CSAFPID-1503676", "CSAFPID-1503678", "CSAFPID-816362", ], }, ], title: "CVE-2024-2511", }, { cve: "CVE-2024-4030", cwe: { id: "CWE-276", name: "Incorrect Default Permissions", }, notes: [ { category: "other", text: "Incorrect Default Permissions", title: "CWE-276", }, ], product_status: { known_affected: [ "CSAFPID-816362", "CSAFPID-1681", ], }, references: [ { category: "self", summary: "CVE-2024-4030", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4030.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-816362", "CSAFPID-1681", ], }, ], title: "CVE-2024-4030", }, { cve: "CVE-2024-4032", cwe: { id: "CWE-440", name: "Expected Behavior Violation", }, notes: [ { category: "other", text: "Expected Behavior Violation", title: "CWE-440", }, ], product_status: { known_affected: [ "CSAFPID-816362", "CSAFPID-1681", ], }, references: [ { category: "self", summary: "CVE-2024-4032", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4032.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-816362", "CSAFPID-1681", ], }, ], title: "CVE-2024-4032", }, { cve: "CVE-2024-4603", cwe: { id: "CWE-606", name: "Unchecked Input for Loop Condition", }, notes: [ { category: "other", text: "Unchecked Input for Loop Condition", title: "CWE-606", }, { category: "other", text: "Excessive Iteration", title: "CWE-834", }, ], product_status: { known_affected: [ "CSAFPID-172663", "CSAFPID-607590", "CSAFPID-1503667", "CSAFPID-1503669", "CSAFPID-1682", "CSAFPID-1503672", "CSAFPID-1503673", "CSAFPID-1681", "CSAFPID-1503676", "CSAFPID-1503678", "CSAFPID-816362", ], }, references: [ { category: "self", summary: "CVE-2024-4603", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4603.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-172663", "CSAFPID-607590", "CSAFPID-1503667", "CSAFPID-1503669", "CSAFPID-1682", "CSAFPID-1503672", "CSAFPID-1503673", "CSAFPID-1681", "CSAFPID-1503676", "CSAFPID-1503678", "CSAFPID-816362", ], }, ], title: "CVE-2024-4603", }, { cve: "CVE-2024-4741", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "other", text: "Use After Free", title: "CWE-416", }, ], product_status: { known_affected: [ "CSAFPID-172663", "CSAFPID-607590", "CSAFPID-1503667", "CSAFPID-1503669", "CSAFPID-1682", "CSAFPID-1503672", "CSAFPID-1503673", "CSAFPID-1681", "CSAFPID-1503676", "CSAFPID-1503678", "CSAFPID-816362", ], }, references: [ { category: "self", summary: "CVE-2024-4741", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4741.json", }, ], title: "CVE-2024-4741", }, { cve: "CVE-2024-5535", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, { category: "other", text: "Improper Restriction of Operations within the Bounds of a Memory Buffer", title: "CWE-119", }, { category: "other", text: "Dependency on Vulnerable Third-Party Component", title: "CWE-1395", }, ], product_status: { known_affected: [ "CSAFPID-1681", "CSAFPID-816362", ], }, references: [ { category: "self", summary: "CVE-2024-5535", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5535.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1681", "CSAFPID-816362", ], }, ], title: "CVE-2024-5535", }, { cve: "CVE-2024-6119", cwe: { id: "CWE-843", name: "Access of Resource Using Incompatible Type ('Type Confusion')", }, notes: [ { category: "other", text: "Access of Resource Using Incompatible Type ('Type Confusion')", title: "CWE-843", }, ], product_status: { known_affected: [ "CSAFPID-816362", "CSAFPID-1681", ], }, references: [ { category: "self", summary: "CVE-2024-6119", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6119.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-816362", "CSAFPID-1681", ], }, ], title: "CVE-2024-6119", }, { cve: "CVE-2024-6232", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, notes: [ { category: "other", text: "Inefficient Regular Expression Complexity", title: "CWE-1333", }, ], product_status: { known_affected: [ "CSAFPID-816362", "CSAFPID-1681", ], }, references: [ { category: "self", summary: "CVE-2024-6232", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6232.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-816362", "CSAFPID-1681", ], }, ], title: "CVE-2024-6232", }, { cve: "CVE-2024-7592", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-816362", "CSAFPID-1681", ], }, references: [ { category: "self", summary: "CVE-2024-7592", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7592.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-816362", "CSAFPID-1681", ], }, ], title: "CVE-2024-7592", }, { cve: "CVE-2024-22018", cwe: { id: "CWE-275", name: "-", }, notes: [ { category: "other", text: "CWE-275", title: "CWE-275", }, ], product_status: { known_affected: [ "CSAFPID-816362", "CSAFPID-1681", ], }, references: [ { category: "self", summary: "CVE-2024-22018", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22018.json", }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-816362", "CSAFPID-1681", ], }, ], title: "CVE-2024-22018", }, { cve: "CVE-2024-22019", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, ], product_status: { known_affected: [ "CSAFPID-1681", "CSAFPID-1682", "CSAFPID-816362", "CSAFPID-172663", "CSAFPID-607590", "CSAFPID-1503667", "CSAFPID-1503669", "CSAFPID-1503672", "CSAFPID-1503673", "CSAFPID-1503676", "CSAFPID-1503678", ], }, references: [ { category: "self", summary: "CVE-2024-22019", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22019.json", }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", version: "3.1", }, products: [ "CSAFPID-1681", "CSAFPID-1682", "CSAFPID-816362", "CSAFPID-172663", "CSAFPID-607590", "CSAFPID-1503667", "CSAFPID-1503669", "CSAFPID-1503672", "CSAFPID-1503673", "CSAFPID-1503676", "CSAFPID-1503678", ], }, ], title: "CVE-2024-22019", }, { cve: "CVE-2024-22020", product_status: { known_affected: [ "CSAFPID-816362", "CSAFPID-1681", ], }, references: [ { category: "self", summary: "CVE-2024-22020", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22020.json", }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", version: "3.1", }, products: [ "CSAFPID-816362", "CSAFPID-1681", ], }, ], title: "CVE-2024-22020", }, { cve: "CVE-2024-27280", cwe: { id: "CWE-120", name: "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", }, notes: [ { category: "other", text: "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", title: "CWE-120", }, { category: "other", text: "Buffer Over-read", title: "CWE-126", }, ], product_status: { known_affected: [ "CSAFPID-816362", "CSAFPID-1681", ], }, references: [ { category: "self", summary: "CVE-2024-27280", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27280.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-816362", "CSAFPID-1681", ], }, ], title: "CVE-2024-27280", }, { cve: "CVE-2024-27281", cwe: { id: "CWE-94", name: "Improper Control of Generation of Code ('Code Injection')", }, notes: [ { category: "other", text: "Improper Control of Generation of Code ('Code Injection')", title: "CWE-94", }, { category: "other", text: "Deserialization of Untrusted Data", title: "CWE-502", }, { category: "other", text: "Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')", title: "CWE-74", }, ], product_status: { known_affected: [ "CSAFPID-1681", "CSAFPID-816362", ], }, references: [ { category: "self", summary: "CVE-2024-27281", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27281.json", }, ], title: "CVE-2024-27281", }, { cve: "CVE-2024-27282", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, notes: [ { category: "other", text: "Heap-based Buffer Overflow", title: "CWE-122", }, { category: "other", text: "Out-of-bounds Read", title: "CWE-125", }, ], product_status: { known_affected: [ "CSAFPID-816362", "CSAFPID-1681", ], }, references: [ { category: "self", summary: "CVE-2024-27282", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27282.json", }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-816362", "CSAFPID-1681", ], }, ], title: "CVE-2024-27282", }, { cve: "CVE-2024-28849", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, ], product_status: { known_affected: [ "CSAFPID-172663", "CSAFPID-607590", "CSAFPID-1503667", "CSAFPID-1503669", "CSAFPID-1682", "CSAFPID-1503672", "CSAFPID-1503673", "CSAFPID-1681", "CSAFPID-1503676", "CSAFPID-1503678", "CSAFPID-816362", ], }, references: [ { category: "self", summary: "CVE-2024-28849", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28849.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-172663", "CSAFPID-607590", "CSAFPID-1503667", "CSAFPID-1503669", "CSAFPID-1682", "CSAFPID-1503672", "CSAFPID-1503673", "CSAFPID-1681", "CSAFPID-1503676", "CSAFPID-1503678", "CSAFPID-816362", ], }, ], title: "CVE-2024-28849", }, { cve: "CVE-2024-29025", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "other", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, ], product_status: { known_affected: [ "CSAFPID-172663", "CSAFPID-607590", "CSAFPID-1503667", "CSAFPID-1503669", "CSAFPID-1682", "CSAFPID-1503672", "CSAFPID-1503673", "CSAFPID-1681", "CSAFPID-1503676", "CSAFPID-1503678", "CSAFPID-816362", ], }, references: [ { category: "self", summary: "CVE-2024-29025", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29025.json", }, ], scores: [ { cvss_v3: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-172663", "CSAFPID-607590", "CSAFPID-1503667", "CSAFPID-1503669", "CSAFPID-1682", "CSAFPID-1503672", "CSAFPID-1503673", "CSAFPID-1681", "CSAFPID-1503676", "CSAFPID-1503678", "CSAFPID-816362", ], }, ], title: "CVE-2024-29025", }, { cve: "CVE-2024-35195", cwe: { id: "CWE-670", name: "Always-Incorrect Control Flow Implementation", }, notes: [ { category: "other", text: "Always-Incorrect Control Flow Implementation", title: "CWE-670", }, ], product_status: { known_affected: [ "CSAFPID-816362", "CSAFPID-1681", ], }, references: [ { category: "self", summary: "CVE-2024-35195", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35195.json", }, ], scores: [ { cvss_v3: { baseScore: 5.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-816362", "CSAFPID-1681", ], }, ], title: "CVE-2024-35195", }, { cve: "CVE-2024-36137", cwe: { id: "CWE-275", name: "-", }, notes: [ { category: "other", text: "CWE-275", title: "CWE-275", }, { category: "other", text: "Incorrect Permission Assignment for Critical Resource", title: "CWE-732", }, ], product_status: { known_affected: [ "CSAFPID-816362", "CSAFPID-1681", ], }, references: [ { category: "self", summary: "CVE-2024-36137", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36137.json", }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-816362", "CSAFPID-1681", ], }, ], title: "CVE-2024-36137", }, { cve: "CVE-2024-36138", cwe: { id: "CWE-77", name: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", }, notes: [ { category: "other", text: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", title: "CWE-77", }, ], product_status: { known_affected: [ "CSAFPID-816362", "CSAFPID-1681", ], }, references: [ { category: "self", summary: "CVE-2024-36138", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36138.json", }, ], scores: [ { cvss_v3: { baseScore: 10, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-816362", "CSAFPID-1681", ], }, ], title: "CVE-2024-36138", }, { cve: "CVE-2024-37372", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, notes: [ { category: "other", text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", title: "CWE-22", }, { category: "other", text: "Improper Check for Unusual or Exceptional Conditions", title: "CWE-754", }, ], product_status: { known_affected: [ "CSAFPID-816362", "CSAFPID-1681", ], }, references: [ { category: "self", summary: "CVE-2024-37372", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37372.json", }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-816362", "CSAFPID-1681", ], }, ], title: "CVE-2024-37372", }, { cve: "CVE-2024-37891", cwe: { id: "CWE-669", name: "Incorrect Resource Transfer Between Spheres", }, notes: [ { category: "other", text: "Incorrect Resource Transfer Between Spheres", title: "CWE-669", }, ], product_status: { known_affected: [ "CSAFPID-816362", "CSAFPID-1681", ], }, references: [ { category: "self", summary: "CVE-2024-37891", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37891.json", }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-816362", "CSAFPID-1681", ], }, ], title: "CVE-2024-37891", }, { cve: "CVE-2024-38998", cwe: { id: "CWE-1321", name: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", }, notes: [ { category: "other", text: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", title: "CWE-1321", }, ], product_status: { known_affected: [ "CSAFPID-816362", "CSAFPID-1681", ], }, references: [ { category: "self", summary: "CVE-2024-38998", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38998.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-816362", "CSAFPID-1681", ], }, ], title: "CVE-2024-38998", }, { cve: "CVE-2024-38999", cwe: { id: "CWE-1321", name: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", }, notes: [ { category: "other", text: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", title: "CWE-1321", }, ], product_status: { known_affected: [ "CSAFPID-816362", "CSAFPID-1681", ], }, references: [ { category: "self", summary: "CVE-2024-38999", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38999.json", }, ], scores: [ { cvss_v3: { baseScore: 10, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-816362", "CSAFPID-1681", ], }, ], title: "CVE-2024-38999", }, { cve: "CVE-2025-21530", product_status: { known_affected: [ "CSAFPID-1681", "CSAFPID-816362", ], }, references: [ { category: "self", summary: "CVE-2025-21530", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21530.json", }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-1681", "CSAFPID-816362", ], }, ], title: "CVE-2025-21530", }, { cve: "CVE-2025-21537", product_status: { known_affected: [ "CSAFPID-765405", ], }, references: [ { category: "self", summary: "CVE-2025-21537", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21537.json", }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-765405", ], }, ], title: "CVE-2025-21537", }, { cve: "CVE-2025-21539", product_status: { known_affected: [ "CSAFPID-1751153", ], }, references: [ { category: "self", summary: "CVE-2025-21539", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21539.json", }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-1751153", ], }, ], title: "CVE-2025-21539", }, { cve: "CVE-2025-21545", product_status: { known_affected: [ "CSAFPID-1681", "CSAFPID-816362", ], }, references: [ { category: "self", summary: "CVE-2025-21545", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21545.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1681", "CSAFPID-816362", ], }, ], title: "CVE-2025-21545", }, { cve: "CVE-2025-21561", product_status: { known_affected: [ "CSAFPID-172660", ], }, references: [ { category: "self", summary: "CVE-2025-21561", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21561.json", }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-172660", ], }, ], title: "CVE-2025-21561", }, { cve: "CVE-2025-21562", product_status: { known_affected: [ "CSAFPID-449779", ], }, references: [ { category: "self", summary: "CVE-2025-21562", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21562.json", }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-449779", ], }, ], title: "CVE-2025-21562", }, { cve: "CVE-2025-21563", product_status: { known_affected: [ "CSAFPID-449779", ], }, references: [ { category: "self", summary: "CVE-2025-21563", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21563.json", }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-449779", ], }, ], title: "CVE-2025-21563", }, ], }
NCSC-2024-0291
Vulnerability from csaf_ncscnl
Published
2024-07-17 13:51
Modified
2024-07-17 13:51
Summary
Kwetsbaarheden verholpen in Oracle Database Server
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Er zijn kwetsbaarheden verholpen in Oracle Database Server.
Interpretaties
Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
* Denial-of-Service (DoS)
* Toegang tot gevoelige gegevens
* Manipulatie van gegevens
* Omzeilen van beveiligingsmaatregel
Oplossingen
Oracle heeft updates beschikbaar gesteld om de kwetsbaarheden te verhelpen. Zie de referenties voor meer informatie.
Kans
medium
Schade
high
CWE-285
Improper Authorization
CWE-404
Improper Resource Shutdown or Release
CWE-674
Uncontrolled Recursion
{ document: { category: "csaf_security_advisory", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", }, }, lang: "nl", notes: [ { category: "legal_disclaimer", text: "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.", }, { category: "description", text: "Er zijn kwetsbaarheden verholpen in Oracle Database Server.", title: "Feiten", }, { category: "description", text: "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:\n\n* Denial-of-Service (DoS)\n* Toegang tot gevoelige gegevens\n* Manipulatie van gegevens\n* Omzeilen van beveiligingsmaatregel", title: "Interpretaties", }, { category: "description", text: "Oracle heeft updates beschikbaar gesteld om de kwetsbaarheden te verhelpen. Zie de referenties voor meer informatie.", title: "Oplossingen", }, { category: "general", text: "medium", title: "Kans", }, { category: "general", text: "high", title: "Schade", }, { category: "general", text: "Improper Authorization", title: "CWE-285", }, { category: "general", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "general", text: "Uncontrolled Recursion", title: "CWE-674", }, ], publisher: { category: "coordinator", contact_details: "cert@ncsc.nl", name: "Nationaal Cyber Security Centrum", namespace: "https://www.ncsc.nl/", }, references: [ { category: "external", summary: "Source - nvd", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-0397", }, { category: "external", summary: "Source - nvd", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-21098", }, { category: "external", summary: "Source - nvd", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-21123", }, { category: "external", summary: "Source - nvd", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-21126", }, { category: "external", summary: "Source - nvd", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-21174", }, { category: "external", summary: "Source - nvd", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-21184", }, { category: "external", summary: "Source - nvd", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-4603", }, { category: "external", summary: "Reference - oracle", url: "https://www.oracle.com/docs/tech/security-alerts/cpujul2024csaf.json", }, { category: "external", summary: "Reference - cveprojectv5; ibm; nvd; oracle", url: "https://www.oracle.com/security-alerts/cpujul2024.html", }, ], title: " Kwetsbaarheden verholpen in Oracle Database Server", tracking: { current_release_date: "2024-07-17T13:51:54.185475Z", id: "NCSC-2024-0291", initial_release_date: "2024-07-17T13:51:54.185475Z", revision_history: [ { date: "2024-07-17T13:51:54.185475Z", number: "0", summary: "Initiele versie", }, ], status: "final", version: "1.0.0", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-764785", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:__database___19c:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-764790", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:__database___21c:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-764843", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:__database_-_machine_learning_for_python___21c:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-1503607", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:__database_core___23.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-764838", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:__database_data_redaction___19c:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-764844", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:__database_data_redaction___21c:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-764839", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:__database_fleet_patching___19c:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-764845", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:__database_fleet_patching___21c:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-764787", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:__database_oml4py___21c:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-764846", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:__database_portable_clusterware___21c:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-764840", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:__database_rdbms_security___19c:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-764847", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:__database_rdbms_security___21c:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-764784", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:__database_recovery_manager___19c:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-764788", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:__database_recovery_manager___21c:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-764841", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:__database_sqlcl___19c:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-764848", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:__database_sqlcl___21c:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-764789", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:__database_workload_manager___21c:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-764842", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:_graalvm_multilingual_engine___21c:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-764783", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:_java_vm___19c:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-764786", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:_java_vm___21c:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-1503604", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:_java_vm___23.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-1503605", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:_multilingual_engine___23.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-1503606", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:_oml4py___23.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-266118", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-1503896", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:19.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-205254", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:19.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-205265", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:19.10:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-205230", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:19.11:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-909875", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:19.12:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-205250", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:19.13:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-909872", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:19.14:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-909878", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:19.15:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-909879", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:19.16:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-909880", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:19.17:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-909876", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:19.18:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-220917", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:19.19:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-1503891", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:19.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-816314", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:19.20:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-816313", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:19.21:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-909877", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:19.22:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-1503897", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:19.23:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-205268", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:19.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-205281", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:19.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-205295", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:19.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-205256", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:19.6:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-205216", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:19.7:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-909874", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:19.8:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-909873", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:19.9:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-1503890", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:21.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-1503893", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:21.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-220916", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:21.10:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-611586", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:21.11:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-816312", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:21.12:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-912081", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:21.13:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-1503257", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:21.14:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-1503900", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:21.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-205284", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:21.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-1503898", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:21.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-1503892", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:21.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-1503894", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:21.6:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-1503889", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:21.7:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-1503895", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:21.8:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-1503899", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:21.9:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_server", product: { name: "database_server", product_id: "CSAFPID-1503256", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_server:23.4:*:*:*:*:*:*:*", }, }, }, ], category: "vendor", name: "oracle", }, ], }, vulnerabilities: [ { cve: "CVE-2022-41881", cwe: { id: "CWE-674", name: "Uncontrolled Recursion", }, notes: [ { category: "other", text: "Uncontrolled Recursion", title: "CWE-674", }, { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, ], product_status: { known_affected: [ "CSAFPID-266118", "CSAFPID-764783", "CSAFPID-764784", "CSAFPID-764785", "CSAFPID-764786", "CSAFPID-764787", "CSAFPID-764788", "CSAFPID-764789", "CSAFPID-764790", "CSAFPID-764838", "CSAFPID-764839", "CSAFPID-764840", "CSAFPID-764841", "CSAFPID-764842", "CSAFPID-764843", "CSAFPID-764844", "CSAFPID-764845", "CSAFPID-764846", "CSAFPID-764847", "CSAFPID-764848", "CSAFPID-1503604", "CSAFPID-1503605", "CSAFPID-1503606", "CSAFPID-1503607", ], }, references: [ { category: "self", summary: "CVE-2022-41881", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-41881.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-266118", "CSAFPID-764783", "CSAFPID-764784", "CSAFPID-764785", "CSAFPID-764786", "CSAFPID-764787", "CSAFPID-764788", "CSAFPID-764789", "CSAFPID-764790", "CSAFPID-764838", "CSAFPID-764839", "CSAFPID-764840", "CSAFPID-764841", "CSAFPID-764842", "CSAFPID-764843", "CSAFPID-764844", "CSAFPID-764845", "CSAFPID-764846", "CSAFPID-764847", "CSAFPID-764848", "CSAFPID-1503604", "CSAFPID-1503605", "CSAFPID-1503606", "CSAFPID-1503607", ], }, ], title: "CVE-2022-41881", }, { cve: "CVE-2024-0397", product_status: { known_affected: [ "CSAFPID-266118", "CSAFPID-1503604", "CSAFPID-1503605", "CSAFPID-1503606", "CSAFPID-1503607", ], }, references: [ { category: "self", summary: "CVE-2024-0397", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0397.json", }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-266118", "CSAFPID-1503604", "CSAFPID-1503605", "CSAFPID-1503606", "CSAFPID-1503607", ], }, ], title: "CVE-2024-0397", }, { cve: "CVE-2024-4603", product_status: { known_affected: [ "CSAFPID-266118", "CSAFPID-1503604", "CSAFPID-1503605", "CSAFPID-1503606", "CSAFPID-1503607", ], }, references: [ { category: "self", summary: "CVE-2024-4603", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4603.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-266118", "CSAFPID-1503604", "CSAFPID-1503605", "CSAFPID-1503606", "CSAFPID-1503607", ], }, ], title: "CVE-2024-4603", }, { cve: "CVE-2024-21098", cwe: { id: "CWE-285", name: "Improper Authorization", }, notes: [ { category: "other", text: "Improper Authorization", title: "CWE-285", }, ], product_status: { known_affected: [ "CSAFPID-266118", "CSAFPID-1503604", "CSAFPID-1503605", "CSAFPID-1503606", "CSAFPID-1503607", ], }, references: [ { category: "self", summary: "CVE-2024-21098", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21098.json", }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "CSAFPID-266118", "CSAFPID-1503604", "CSAFPID-1503605", "CSAFPID-1503606", "CSAFPID-1503607", ], }, ], title: "CVE-2024-21098", }, { cve: "CVE-2024-21123", cwe: { id: "CWE-285", name: "Improper Authorization", }, notes: [ { category: "other", text: "Improper Authorization", title: "CWE-285", }, ], product_status: { known_affected: [ "CSAFPID-266118", "CSAFPID-1503604", "CSAFPID-1503605", "CSAFPID-1503606", "CSAFPID-1503607", ], }, references: [ { category: "self", summary: "CVE-2024-21123", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21123.json", }, ], title: "CVE-2024-21123", }, { cve: "CVE-2024-21126", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, ], product_status: { known_affected: [ "CSAFPID-266118", "CSAFPID-1503604", "CSAFPID-1503605", "CSAFPID-1503606", "CSAFPID-1503607", ], }, references: [ { category: "self", summary: "CVE-2024-21126", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21126.json", }, ], scores: [ { cvss_v3: { baseScore: 5.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L", version: "3.1", }, products: [ "CSAFPID-266118", "CSAFPID-1503604", "CSAFPID-1503605", "CSAFPID-1503606", "CSAFPID-1503607", ], }, ], title: "CVE-2024-21126", }, { cve: "CVE-2024-21174", product_status: { known_affected: [ "CSAFPID-266118", "CSAFPID-1503604", "CSAFPID-1503605", "CSAFPID-1503606", "CSAFPID-1503607", ], }, references: [ { category: "self", summary: "CVE-2024-21174", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21174.json", }, ], scores: [ { cvss_v3: { baseScore: 3.1, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "CSAFPID-266118", "CSAFPID-1503604", "CSAFPID-1503605", "CSAFPID-1503606", "CSAFPID-1503607", ], }, ], title: "CVE-2024-21174", }, { cve: "CVE-2024-21184", product_status: { known_affected: [ "CSAFPID-266118", "CSAFPID-1503604", "CSAFPID-1503605", "CSAFPID-1503606", "CSAFPID-1503607", ], }, references: [ { category: "self", summary: "CVE-2024-21184", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21184.json", }, ], scores: [ { cvss_v3: { baseScore: 7.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-266118", "CSAFPID-1503604", "CSAFPID-1503605", "CSAFPID-1503606", "CSAFPID-1503607", ], }, ], title: "CVE-2024-21184", }, ], }
ncsc-2024-0433
Vulnerability from csaf_ncscnl
Published
2024-11-12 14:19
Modified
2024-11-12 14:19
Summary
Kwetsbaarheden verholpen in Siemens producten
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Siemens heeft kwetsbaarheden verholpen in diverse producten als Mendix, RUGGEDCOM, SCALANCE, SIMATIC en SINEC.
Interpretaties
De kwetsbaarheden stellen een kwaadwillende mogelijk in staat aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
- Denial-of-Service (DoS)
- Cross-Site-Scripting (XSS)
- Manipulatie van gegevens
- Omzeilen van een beveiligingsmaatregel
- Omzeilen van authenticatie
- (Remote) code execution (Administrator/Root rechten)
- (Remote) code execution (Gebruikersrechten)
- Toegang tot systeemgegevens
- Verhoogde gebruikersrechten
De kwaadwillende heeft hiervoor toegang nodig tot de productieomgeving. Het is goed gebruik een dergelijke omgeving niet publiek toegankelijk te hebben.
Oplossingen
Siemens heeft beveiligingsupdates uitgebracht om de kwetsbaarheden te verhelpen. Voor de kwetsbaarheden waar nog geen updates voor zijn, heeft Siemens mitigerende maatregelen gepubliceerd om de risico's zoveel als mogelijk te beperken. Zie de bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-606
Unchecked Input for Loop Condition
CWE-1240
Use of a Cryptographic Primitive with a Risky Implementation
CWE-115
Misinterpretation of Input
CWE-1059
Insufficient Technical Documentation
CWE-1325
Improperly Controlled Sequential Memory Allocation
CWE-222
Truncation of Security-relevant Information
CWE-310
CWE-310
CWE-328
Use of Weak Hash
CWE-1284
Improper Validation of Specified Quantity in Input
CWE-213
Exposure of Sensitive Information Due to Incompatible Policies
CWE-1268
Policy Privileges are not Assigned Consistently Between Control and Data Agents
CWE-684
Incorrect Provision of Specified Functionality
CWE-772
Missing Release of Resource after Effective Lifetime
CWE-208
Observable Timing Discrepancy
CWE-201
Insertion of Sensitive Information Into Sent Data
CWE-834
Excessive Iteration
CWE-266
Incorrect Privilege Assignment
CWE-942
Permissive Cross-domain Policy with Untrusted Domains
CWE-271
Privilege Dropping / Lowering Errors
CWE-732
Incorrect Permission Assignment for Critical Resource
CWE-667
Improper Locking
CWE-440
Expected Behavior Violation
CWE-297
Improper Validation of Certificate with Host Mismatch
CWE-311
Missing Encryption of Sensitive Data
CWE-754
Improper Check for Unusual or Exceptional Conditions
CWE-617
Reachable Assertion
CWE-427
Uncontrolled Search Path Element
CWE-319
Cleartext Transmission of Sensitive Information
CWE-613
Insufficient Session Expiration
CWE-444
Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
CWE-203
Observable Discrepancy
CWE-354
Improper Validation of Integrity Check Value
CWE-325
Missing Cryptographic Step
CWE-190
Integer Overflow or Wraparound
CWE-321
Use of Hard-coded Cryptographic Key
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE-125
Out-of-bounds Read
CWE-404
Improper Resource Shutdown or Release
CWE-275
CWE-275
CWE-284
Improper Access Control
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-1333
Inefficient Regular Expression Complexity
CWE-416
Use After Free
CWE-113
Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')
CWE-401
Missing Release of Memory after Effective Lifetime
CWE-476
NULL Pointer Dereference
CWE-295
Improper Certificate Validation
CWE-757
Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')
CWE-94
Improper Control of Generation of Code ('Code Injection')
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CWE-436
Interpretation Conflict
CWE-400
Uncontrolled Resource Consumption
CWE-770
Allocation of Resources Without Limits or Throttling
CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE-502
Deserialization of Untrusted Data
CWE-918
Server-Side Request Forgery (SSRF)
CWE-863
Incorrect Authorization
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE-787
Out-of-bounds Write
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE-122
Heap-based Buffer Overflow
CWE-121
Stack-based Buffer Overflow
CWE-789
Memory Allocation with Excessive Size Value
CWE-269
Improper Privilege Management
CWE-20
Improper Input Validation
CWE-287
Improper Authentication
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
{ document: { category: "csaf_security_advisory", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", }, }, lang: "nl", notes: [ { category: "legal_disclaimer", text: "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.", }, { category: "description", text: "Siemens heeft kwetsbaarheden verholpen in diverse producten als Mendix, RUGGEDCOM, SCALANCE, SIMATIC en SINEC.", title: "Feiten", }, { category: "description", text: "De kwetsbaarheden stellen een kwaadwillende mogelijk in staat aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:\n\n- Denial-of-Service (DoS)\n- Cross-Site-Scripting (XSS)\n- Manipulatie van gegevens\n- Omzeilen van een beveiligingsmaatregel\n- Omzeilen van authenticatie\n- (Remote) code execution (Administrator/Root rechten)\n- (Remote) code execution (Gebruikersrechten)\n- Toegang tot systeemgegevens\n- Verhoogde gebruikersrechten\n\nDe kwaadwillende heeft hiervoor toegang nodig tot de productieomgeving. Het is goed gebruik een dergelijke omgeving niet publiek toegankelijk te hebben.", title: "Interpretaties", }, { category: "description", text: "Siemens heeft beveiligingsupdates uitgebracht om de kwetsbaarheden te verhelpen. Voor de kwetsbaarheden waar nog geen updates voor zijn, heeft Siemens mitigerende maatregelen gepubliceerd om de risico's zoveel als mogelijk te beperken. Zie de bijgevoegde referenties voor meer informatie.", title: "Oplossingen", }, { category: "general", text: "medium", title: "Kans", }, { category: "general", text: "high", title: "Schade", }, { category: "general", text: "Unchecked Input for Loop Condition", title: "CWE-606", }, { category: "general", text: "Use of a Cryptographic Primitive with a Risky Implementation", title: "CWE-1240", }, { category: "general", text: "Misinterpretation of Input", title: "CWE-115", }, { category: "general", text: "Insufficient Technical Documentation", title: "CWE-1059", }, { category: "general", text: "Improperly Controlled Sequential Memory Allocation", title: "CWE-1325", }, { category: "general", text: "Truncation of Security-relevant Information", title: "CWE-222", }, { category: "general", text: "CWE-310", title: "CWE-310", }, { category: "general", text: "Use of Weak Hash", title: "CWE-328", }, { category: "general", text: "Improper Validation of Specified Quantity in Input", title: "CWE-1284", }, { category: "general", text: "Exposure of Sensitive Information Due to Incompatible Policies", title: "CWE-213", }, { category: "general", text: "Policy Privileges are not Assigned Consistently Between Control and Data Agents", title: "CWE-1268", }, { category: "general", text: "Incorrect Provision of Specified Functionality", title: "CWE-684", }, { category: "general", text: "Missing Release of Resource after Effective Lifetime", title: "CWE-772", }, { category: "general", text: "Observable Timing Discrepancy", title: "CWE-208", }, { category: "general", text: "Insertion of Sensitive Information Into Sent Data", title: "CWE-201", }, { category: "general", text: "Excessive Iteration", title: "CWE-834", }, { category: "general", text: "Incorrect Privilege Assignment", title: "CWE-266", }, { category: "general", text: "Permissive Cross-domain Policy with Untrusted Domains", title: "CWE-942", }, { category: "general", text: "Privilege Dropping / Lowering Errors", title: "CWE-271", }, { category: "general", text: "Incorrect Permission Assignment for Critical Resource", title: "CWE-732", }, { category: "general", text: "Improper Locking", title: "CWE-667", }, { category: "general", text: "Expected Behavior Violation", title: "CWE-440", }, { category: "general", text: "Improper Validation of Certificate with Host Mismatch", title: "CWE-297", }, { category: "general", text: "Missing Encryption of Sensitive Data", title: "CWE-311", }, { category: "general", text: "Improper Check for Unusual or Exceptional Conditions", title: "CWE-754", }, { category: "general", text: "Reachable Assertion", title: "CWE-617", }, { category: "general", text: "Uncontrolled Search Path Element", title: "CWE-427", }, { category: "general", text: "Cleartext Transmission of Sensitive Information", title: "CWE-319", }, { category: "general", text: "Insufficient Session Expiration", title: "CWE-613", }, { category: "general", text: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", title: "CWE-444", }, { category: "general", text: "Observable Discrepancy", title: "CWE-203", }, { category: "general", text: "Improper Validation of Integrity Check Value", title: "CWE-354", }, { category: "general", text: "Missing Cryptographic Step", title: "CWE-325", }, { category: "general", text: "Integer Overflow or Wraparound", title: "CWE-190", }, { category: "general", text: "Use of Hard-coded Cryptographic Key", title: "CWE-321", }, { category: "general", text: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", title: "CWE-362", }, { category: "general", text: "Out-of-bounds Read", title: "CWE-125", }, { category: "general", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "general", text: "CWE-275", title: "CWE-275", }, { category: "general", text: "Improper Access Control", title: "CWE-284", }, { category: "general", text: "Improper Restriction of Operations within the Bounds of a Memory Buffer", title: "CWE-119", }, { category: "general", text: "Inefficient Regular Expression Complexity", title: "CWE-1333", }, { category: "general", text: "Use After Free", title: "CWE-416", }, { category: "general", text: "Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')", title: "CWE-113", }, { category: "general", text: "Missing Release of Memory after Effective Lifetime", title: "CWE-401", }, { category: "general", text: "NULL Pointer Dereference", title: "CWE-476", }, { category: "general", text: "Improper Certificate Validation", title: "CWE-295", }, { category: "general", text: "Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')", title: "CWE-757", }, { category: "general", text: "Improper Control of Generation of Code ('Code Injection')", title: "CWE-94", }, { category: "general", text: "Use of a Broken or Risky Cryptographic Algorithm", title: "CWE-327", }, { category: "general", text: "Interpretation Conflict", title: "CWE-436", }, { category: "general", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "general", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, { category: "general", text: "Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')", title: "CWE-74", }, { category: "general", text: "Deserialization of Untrusted Data", title: "CWE-502", }, { category: "general", text: "Server-Side Request Forgery (SSRF)", title: "CWE-918", }, { category: "general", text: "Incorrect Authorization", title: "CWE-863", }, { category: "general", text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", title: "CWE-22", }, { category: "general", text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", title: "CWE-78", }, { category: "general", text: "Out-of-bounds Write", title: "CWE-787", }, { category: "general", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, { category: "general", text: "Heap-based Buffer Overflow", title: "CWE-122", }, { category: "general", text: "Stack-based Buffer Overflow", title: "CWE-121", }, { category: "general", text: "Memory Allocation with Excessive Size Value", title: "CWE-789", }, { category: "general", text: "Improper Privilege Management", title: "CWE-269", }, { category: "general", text: "Improper Input Validation", title: "CWE-20", }, { category: "general", text: "Improper Authentication", title: "CWE-287", }, { category: "general", text: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", title: "CWE-79", }, ], publisher: { category: "coordinator", contact_details: "cert@ncsc.nl", name: "Nationaal Cyber Security Centrum", namespace: "https://www.ncsc.nl/", }, references: [ { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-000297.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-064257.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-230445.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-331112.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-351178.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-354112.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-454789.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-616032.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-654798.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-871035.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-914892.pdf", }, { category: "external", summary: "Reference - ncscclear", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-915275.pdf", }, ], title: "Kwetsbaarheden verholpen in Siemens producten", tracking: { current_release_date: "2024-11-12T14:19:20.051128Z", id: "NCSC-2024-0433", initial_release_date: "2024-11-12T14:19:20.051128Z", revision_history: [ { date: "2024-11-12T14:19:20.051128Z", number: "0", summary: "Initiele versie", }, ], status: "final", version: "1.0.0", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "mendix_runtime_v10.12", product: { name: "mendix_runtime_v10.12", product_id: "CSAFPID-1637623", product_identification_helper: { cpe: "cpe:2.3:a:siemens:mendix_runtime_v10.12:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "mendix_runtime_v10.6", product: { name: "mendix_runtime_v10.6", product_id: "CSAFPID-1637624", product_identification_helper: { cpe: "cpe:2.3:a:siemens:mendix_runtime_v10.6:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "mendix_runtime_v10", product: { name: "mendix_runtime_v10", product_id: "CSAFPID-1637622", product_identification_helper: { cpe: "cpe:2.3:a:siemens:mendix_runtime_v10:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "mendix_runtime_v8", product: { name: "mendix_runtime_v8", product_id: "CSAFPID-1637625", product_identification_helper: { cpe: "cpe:2.3:a:siemens:mendix_runtime_v8:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "mendix_runtime_v9", product: { name: "mendix_runtime_v9", product_id: "CSAFPID-1637626", product_identification_helper: { cpe: "cpe:2.3:a:siemens:mendix_runtime_v9:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "ozw672", product: { name: "ozw672", product_id: "CSAFPID-1712832", product_identification_helper: { cpe: "cpe:2.3:a:siemens:ozw672:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "ozw772", product: { name: "ozw772", product_id: "CSAFPID-1712833", product_identification_helper: { cpe: "cpe:2.3:a:siemens:ozw772:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "pp_telecontrol_server_basic_1000_to_5000_v3.1", product: { name: "pp_telecontrol_server_basic_1000_to_5000_v3.1", product_id: "CSAFPID-1712834", product_identification_helper: { cpe: "cpe:2.3:a:siemens:pp_telecontrol_server_basic_1000_to_5000_v3.1:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "pp_telecontrol_server_basic_256_to_1000_v3.1", product: { name: "pp_telecontrol_server_basic_256_to_1000_v3.1", product_id: "CSAFPID-1712835", product_identification_helper: { cpe: "cpe:2.3:a:siemens:pp_telecontrol_server_basic_256_to_1000_v3.1:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "pp_telecontrol_server_basic_32_to_64_v3.1", product: { name: "pp_telecontrol_server_basic_32_to_64_v3.1", product_id: "CSAFPID-1712836", product_identification_helper: { cpe: "cpe:2.3:a:siemens:pp_telecontrol_server_basic_32_to_64_v3.1:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "pp_telecontrol_server_basic_64_to_256_v3.1", product: { name: "pp_telecontrol_server_basic_64_to_256_v3.1", product_id: "CSAFPID-1712837", product_identification_helper: { cpe: "cpe:2.3:a:siemens:pp_telecontrol_server_basic_64_to_256_v3.1:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "pp_telecontrol_server_basic_8_to_32_v3.1", product: { name: "pp_telecontrol_server_basic_8_to_32_v3.1", product_id: "CSAFPID-1712838", product_identification_helper: { cpe: "cpe:2.3:a:siemens:pp_telecontrol_server_basic_8_to_32_v3.1:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "ruggedcom_ape1808", product: { name: "ruggedcom_ape1808", product_id: "CSAFPID-1615259", product_identification_helper: { cpe: "cpe:2.3:a:siemens:ruggedcom_ape1808:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "ruggedcom_rm1224_lte_4g__eu", product: { name: "ruggedcom_rm1224_lte_4g__eu", product_id: "CSAFPID-1702670", product_identification_helper: { cpe: "cpe:2.3:a:siemens:ruggedcom_rm1224_lte_4g__eu:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "ruggedcom_rm1224_lte_4g__nam", product: { name: "ruggedcom_rm1224_lte_4g__nam", product_id: "CSAFPID-1702671", product_identification_helper: { cpe: "cpe:2.3:a:siemens:ruggedcom_rm1224_lte_4g__nam:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "s7-pct", product: { name: "s7-pct", product_id: "CSAFPID-1637909", product_identification_helper: { cpe: "cpe:2.3:a:siemens:s7-pct:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "s7-pct", product: { name: "s7-pct", product_id: "CSAFPID-1470060", product_identification_helper: { cpe: "cpe:2.3:a:siemens:s7-pct:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "s7_port_configuration_tool", product: { name: "s7_port_configuration_tool", product_id: "CSAFPID-1472074", product_identification_helper: { cpe: "cpe:2.3:a:siemens:s7_port_configuration_tool:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_m804pb", product: { name: "scalance_m804pb", product_id: "CSAFPID-1702672", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_m804pb:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_m812-1_adsl-router", product: { name: "scalance_m812-1_adsl-router", product_id: "CSAFPID-1712749", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_m812-1_adsl-router:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_m816-1_adsl-router", product: { name: "scalance_m816-1_adsl-router", product_id: "CSAFPID-1712750", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_m816-1_adsl-router:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_m826-2_shdsl-router", product: { name: "scalance_m826-2_shdsl-router", product_id: "CSAFPID-1702677", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_m826-2_shdsl-router:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_m874-2", product: { name: "scalance_m874-2", product_id: "CSAFPID-1702678", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_m874-2:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_m874-3", product: { name: "scalance_m874-3", product_id: "CSAFPID-1702679", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_m874-3:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_m874-3_3g-router__cn_", product: { name: "scalance_m874-3_3g-router__cn_", product_id: "CSAFPID-1712751", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_m874-3_3g-router__cn_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_m876-3", product: { name: "scalance_m876-3", product_id: "CSAFPID-1712752", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_m876-3:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_m876-3__rok_", product: { name: "scalance_m876-3__rok_", product_id: "CSAFPID-1702681", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_m876-3__rok_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_m876-4", product: { name: "scalance_m876-4", product_id: "CSAFPID-1712753", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_m876-4:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_m876-4__eu_", product: { name: "scalance_m876-4__eu_", product_id: "CSAFPID-1702682", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_m876-4__eu_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_m876-4__nam_", product: { name: "scalance_m876-4__nam_", product_id: "CSAFPID-1702683", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_m876-4__nam_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_mum853-1__a1_", product: { name: "scalance_mum853-1__a1_", product_id: "CSAFPID-1712754", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_mum853-1__a1_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_mum853-1__b1_", product: { name: "scalance_mum853-1__b1_", product_id: "CSAFPID-1712755", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_mum853-1__b1_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_mum853-1__eu_", product: { name: "scalance_mum853-1__eu_", product_id: "CSAFPID-1712756", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_mum853-1__eu_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_mum856-1__a1_", product: { name: "scalance_mum856-1__a1_", product_id: "CSAFPID-1712757", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_mum856-1__a1_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_mum856-1__b1_", product: { name: "scalance_mum856-1__b1_", product_id: "CSAFPID-1712758", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_mum856-1__b1_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_mum856-1__cn_", product: { name: "scalance_mum856-1__cn_", product_id: "CSAFPID-1712759", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_mum856-1__cn_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_mum856-1__eu_", product: { name: "scalance_mum856-1__eu_", product_id: "CSAFPID-1702684", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_mum856-1__eu_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_mum856-1__row_", product: { name: "scalance_mum856-1__row_", product_id: "CSAFPID-1702685", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_mum856-1__row_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_s615_eec_lan-router", product: { name: "scalance_s615_eec_lan-router", product_id: "CSAFPID-1712760", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_s615_eec_lan-router:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_s615_lan-router", product: { name: "scalance_s615_lan-router", product_id: "CSAFPID-1712761", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_s615_lan-router:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_xch328__6gk5328-4ts01-2ec2_", product: { name: "scalance_xch328__6gk5328-4ts01-2ec2_", product_id: "CSAFPID-1613504", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_xch328__6gk5328-4ts01-2ec2_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_xcm324__6gk5324-8ts01-2ac2_", product: { name: "scalance_xcm324__6gk5324-8ts01-2ac2_", product_id: "CSAFPID-1613505", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_xcm324__6gk5324-8ts01-2ac2_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_xcm328__6gk5328-4ts01-2ac2_", product: { name: "scalance_xcm328__6gk5328-4ts01-2ac2_", product_id: "CSAFPID-1613506", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_xcm328__6gk5328-4ts01-2ac2_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_xcm332__6gk5332-0ga01-2ac2_", product: { name: "scalance_xcm332__6gk5332-0ga01-2ac2_", product_id: "CSAFPID-1613507", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_xcm332__6gk5332-0ga01-2ac2_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_xrh334__24_v_dc__8xfo__cc___6gk5334-2ts01-2er3_", product: { name: "scalance_xrh334__24_v_dc__8xfo__cc___6gk5334-2ts01-2er3_", product_id: "CSAFPID-1613592", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_xrh334__24_v_dc__8xfo__cc___6gk5334-2ts01-2er3_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_xrm334__230_v_ac__12xfo___6gk5334-3ts01-3ar3_", product: { name: "scalance_xrm334__230_v_ac__12xfo___6gk5334-3ts01-3ar3_", product_id: "CSAFPID-1613593", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_xrm334__230_v_ac__12xfo___6gk5334-3ts01-3ar3_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_xrm334__230_v_ac__8xfo___6gk5334-2ts01-3ar3_", product: { name: "scalance_xrm334__230_v_ac__8xfo___6gk5334-2ts01-3ar3_", product_id: "CSAFPID-1613594", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_xrm334__230_v_ac__8xfo___6gk5334-2ts01-3ar3_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_xrm334__24_v_dc__12xfo___6gk5334-3ts01-2ar3_", product: { name: "scalance_xrm334__24_v_dc__12xfo___6gk5334-3ts01-2ar3_", product_id: "CSAFPID-1613595", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_xrm334__24_v_dc__12xfo___6gk5334-3ts01-2ar3_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_xrm334__24_v_dc__8xfo___6gk5334-2ts01-2ar3_", product: { name: "scalance_xrm334__24_v_dc__8xfo___6gk5334-2ts01-2ar3_", product_id: "CSAFPID-1613596", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_xrm334__24_v_dc__8xfo___6gk5334-2ts01-2ar3_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_xrm334__2x230_v_ac__12xfo___6gk5334-3ts01-4ar3_", product: { name: "scalance_xrm334__2x230_v_ac__12xfo___6gk5334-3ts01-4ar3_", product_id: "CSAFPID-1613597", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_xrm334__2x230_v_ac__12xfo___6gk5334-3ts01-4ar3_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "scalance_xrm334__2x230_v_ac__8xfo___6gk5334-2ts01-4ar3_", product: { name: "scalance_xrm334__2x230_v_ac__8xfo___6gk5334-2ts01-4ar3_", product_id: "CSAFPID-1613598", product_identification_helper: { cpe: "cpe:2.3:a:siemens:scalance_xrm334__2x230_v_ac__8xfo___6gk5334-2ts01-4ar3_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "security_configuration_tool", product: { name: "security_configuration_tool", product_id: "CSAFPID-1625339", product_identification_helper: { cpe: "cpe:2.3:a:siemens:security_configuration_tool:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "security_configuration_tool__sct_", product: { name: "security_configuration_tool__sct_", product_id: "CSAFPID-1637910", product_identification_helper: { cpe: "cpe:2.3:a:siemens:security_configuration_tool__sct_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "security_configuration_tool__sct_", product: { name: "security_configuration_tool__sct_", product_id: "CSAFPID-1470061", product_identification_helper: { cpe: "cpe:2.3:a:siemens:security_configuration_tool__sct_:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_automation_tool", product: { name: "simatic_automation_tool", product_id: "CSAFPID-1472069", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_automation_tool:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_automation_tool", product: { name: "simatic_automation_tool", product_id: "CSAFPID-1637559", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_automation_tool:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_automation_tool", product: { name: "simatic_automation_tool", product_id: "CSAFPID-1470062", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_automation_tool:all_versions:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_batch_v9.1", product: { name: "simatic_batch_v9.1", product_id: "CSAFPID-1625340", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_batch_v9.1:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_batch_v9.1", product: { name: "simatic_batch_v9.1", product_id: "CSAFPID-1470063", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_batch_v9.1:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_cp_1543-1_v4.0", product: { name: "simatic_cp_1543-1_v4.0", product_id: "CSAFPID-1712748", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_cp_1543-1_v4.0:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_mv500_family", product: { name: "simatic_mv500_family", product_id: "CSAFPID-1703073", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_mv500_family:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_net_pc-software", product: { name: "simatic_net_pc-software", product_id: "CSAFPID-1625344", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_net_pc-software:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_net_pc_software", product: { name: "simatic_net_pc_software", product_id: "CSAFPID-1470064", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_net_pc_software:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_net_pc_software_v16", product: { name: "simatic_net_pc_software_v16", product_id: "CSAFPID-1637849", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_net_pc_software_v16:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_net_pc_software_v16", product: { name: "simatic_net_pc_software_v16", product_id: "CSAFPID-1457906", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_net_pc_software_v16:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_net_pc_software_v17", product: { name: "simatic_net_pc_software_v17", product_id: "CSAFPID-1637850", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_net_pc_software_v17:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_net_pc_software_v17", product: { name: "simatic_net_pc_software_v17", product_id: "CSAFPID-1457907", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_net_pc_software_v17:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_net_pc_software_v18", product: { name: "simatic_net_pc_software_v18", product_id: "CSAFPID-1637851", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_net_pc_software_v18:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_net_pc_software_v18", product: { name: "simatic_net_pc_software_v18", product_id: "CSAFPID-1457908", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_net_pc_software_v18:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_net_pc_software_v19", product: { name: "simatic_net_pc_software_v19", product_id: "CSAFPID-1637911", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_net_pc_software_v19:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_net_pc_software_v19", product: { name: "simatic_net_pc_software_v19", product_id: "CSAFPID-1637560", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_net_pc_software_v19:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_pcs", product: { name: "simatic_pcs", product_id: "CSAFPID-838530", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_pcs:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_pcs_7_v9.1", product: { name: "simatic_pcs_7_v9.1", product_id: "CSAFPID-1501190", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_pcs_7_v9.1:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_pcs_7_v9.1", product: { name: "simatic_pcs_7_v9.1", product_id: "CSAFPID-1457909", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_pcs_7_v9.1:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_pdm_v9.2", product: { name: "simatic_pdm_v9.2", product_id: "CSAFPID-1637912", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_pdm_v9.2:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_pdm_v9.2", product: { name: "simatic_pdm_v9.2", product_id: "CSAFPID-1470065", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_pdm_v9.2:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_route_control_", product: { name: "simatic_route_control_", product_id: "CSAFPID-1625337", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_route_control_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_route_control_v9.1", product: { name: "simatic_route_control_v9.1", product_id: "CSAFPID-1637856", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_route_control_v9.1:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_route_control_v9.1", product: { name: "simatic_route_control_v9.1", product_id: "CSAFPID-1470066", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_route_control_v9.1:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_rtls_locating_manager", product: { name: "simatic_rtls_locating_manager", product_id: "CSAFPID-1691398", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_rtls_locating_manager:3.0.1.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_rtls_locating_manager__6gt2780-0da00_", product: { name: "simatic_rtls_locating_manager__6gt2780-0da00_", product_id: "CSAFPID-1703180", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_rtls_locating_manager__6gt2780-0da00_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_rtls_locating_manager__6gt2780-0da10_", product: { name: "simatic_rtls_locating_manager__6gt2780-0da10_", product_id: "CSAFPID-1703181", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_rtls_locating_manager__6gt2780-0da10_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_rtls_locating_manager__6gt2780-0da20_", product: { name: "simatic_rtls_locating_manager__6gt2780-0da20_", product_id: "CSAFPID-1703182", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_rtls_locating_manager__6gt2780-0da20_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_rtls_locating_manager__6gt2780-0da30_", product: { name: "simatic_rtls_locating_manager__6gt2780-0da30_", product_id: "CSAFPID-1703183", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_rtls_locating_manager__6gt2780-0da30_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_rtls_locating_manager__6gt2780-1ea10_", product: { name: "simatic_rtls_locating_manager__6gt2780-1ea10_", product_id: "CSAFPID-1703184", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_rtls_locating_manager__6gt2780-1ea10_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_rtls_locating_manager__6gt2780-1ea20_", product: { name: "simatic_rtls_locating_manager__6gt2780-1ea20_", product_id: "CSAFPID-1703185", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_rtls_locating_manager__6gt2780-1ea20_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_rtls_locating_manager__6gt2780-1ea30_", product: { name: "simatic_rtls_locating_manager__6gt2780-1ea30_", product_id: "CSAFPID-1703186", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_rtls_locating_manager__6gt2780-1ea30_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_s7-1500_cpu_1518-4_pn_dp_mfp__6es7518-4ax00-1ab0_", product: { name: "simatic_s7-1500_cpu_1518-4_pn_dp_mfp__6es7518-4ax00-1ab0_", product_id: "CSAFPID-1615260", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_s7-1500_cpu_1518-4_pn_dp_mfp__6es7518-4ax00-1ab0_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_s7-1500_cpu_1518-4_pn_dp_mfp__6es7518-4ax00-1ac0_", product: { name: "simatic_s7-1500_cpu_1518-4_pn_dp_mfp__6es7518-4ax00-1ac0_", product_id: "CSAFPID-1615261", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_s7-1500_cpu_1518-4_pn_dp_mfp__6es7518-4ax00-1ac0_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_s7-1500_cpu_1518f-4_pn_dp_mfp__6es7518-4fx00-1ab0_", product: { name: "simatic_s7-1500_cpu_1518f-4_pn_dp_mfp__6es7518-4fx00-1ab0_", product_id: "CSAFPID-1615262", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_s7-1500_cpu_1518f-4_pn_dp_mfp__6es7518-4fx00-1ab0_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_s7-1500_cpu_1518f-4_pn_dp_mfp__6es7518-4fx00-1ac0_", product: { name: "simatic_s7-1500_cpu_1518f-4_pn_dp_mfp__6es7518-4fx00-1ac0_", product_id: "CSAFPID-1615263", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_s7-1500_cpu_1518f-4_pn_dp_mfp__6es7518-4fx00-1ac0_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_s7-1500_tm_mfp_-_gnu_linux_subsystem", product: { name: "simatic_s7-1500_tm_mfp_-_gnu_linux_subsystem", product_id: "CSAFPID-1703131", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_s7-1500_tm_mfp_-_gnu_linux_subsystem:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_s7-plcsim_v16", product: { name: "simatic_s7-plcsim_v16", product_id: "CSAFPID-1712825", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_s7-plcsim_v16:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_s7-plcsim_v17", product: { name: "simatic_s7-plcsim_v17", product_id: "CSAFPID-1712826", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_s7-plcsim_v17:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_step_7_safety_v16", product: { name: "simatic_step_7_safety_v16", product_id: "CSAFPID-1703190", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_step_7_safety_v16:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_step_7_safety_v17", product: { name: "simatic_step_7_safety_v17", product_id: "CSAFPID-1703191", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_step_7_safety_v17:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_step_7_safety_v18", product: { name: "simatic_step_7_safety_v18", product_id: "CSAFPID-1500667", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_step_7_safety_v18:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_step_7_v16", product: { name: "simatic_step_7_v16", product_id: "CSAFPID-1703187", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_step_7_v16:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_step_7_v17", product: { name: "simatic_step_7_v17", product_id: "CSAFPID-1703188", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_step_7_v17:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_step_7_v18", product: { name: "simatic_step_7_v18", product_id: "CSAFPID-1703189", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_step_7_v18:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_step_7_v5", product: { name: "simatic_step_7_v5", product_id: "CSAFPID-1637913", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_step_7_v5:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_step_7_v5", product: { name: "simatic_step_7_v5", product_id: "CSAFPID-1457855", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_step_7_v5:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc", product: { name: "simatic_wincc", product_id: "CSAFPID-75563", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc", product: { name: "simatic_wincc", product_id: "CSAFPID-1550826", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc:8.0:update_5:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_oa_v3.17", product: { name: "simatic_wincc_oa_v3.17", product_id: "CSAFPID-1637914", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_oa_v3.17:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_oa_v3.17", product: { name: "simatic_wincc_oa_v3.17", product_id: "CSAFPID-1457956", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_oa_v3.17:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_oa_v3.18", product: { name: "simatic_wincc_oa_v3.18", product_id: "CSAFPID-1637915", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_oa_v3.18:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_oa_v3.18", product: { name: "simatic_wincc_oa_v3.18", product_id: "CSAFPID-1457957", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_oa_v3.18:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_oa_v3.19", product: { name: "simatic_wincc_oa_v3.19", product_id: "CSAFPID-1637916", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_oa_v3.19:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_oa_v3.19", product: { name: "simatic_wincc_oa_v3.19", product_id: "CSAFPID-1457958", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_oa_v3.19:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_runtime_advanced", product: { name: "simatic_wincc_runtime_advanced", product_id: "CSAFPID-766087", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_runtime_advanced", product: { name: "simatic_wincc_runtime_advanced", product_id: "CSAFPID-1470067", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_runtime_professional", product: { name: "simatic_wincc_runtime_professional", product_id: "CSAFPID-165765", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_runtime_professional:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_runtime_professional_v16", product: { name: "simatic_wincc_runtime_professional_v16", product_id: "CSAFPID-1637917", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_runtime_professional_v16:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_runtime_professional_v16", product: { name: "simatic_wincc_runtime_professional_v16", product_id: "CSAFPID-1457960", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_runtime_professional_v16:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_runtime_professional_v17", product: { name: "simatic_wincc_runtime_professional_v17", product_id: "CSAFPID-1637887", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_runtime_professional_v17:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_runtime_professional_v17", product: { name: "simatic_wincc_runtime_professional_v17", product_id: "CSAFPID-1457961", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_runtime_professional_v17:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_runtime_professional_v18", product: { name: "simatic_wincc_runtime_professional_v18", product_id: "CSAFPID-1501188", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_runtime_professional_v18:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_runtime_professional_v18", product: { name: "simatic_wincc_runtime_professional_v18", product_id: "CSAFPID-1457962", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_runtime_professional_v18:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_runtime_professional_v19", product: { name: "simatic_wincc_runtime_professional_v19", product_id: "CSAFPID-1501192", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_runtime_professional_v19:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_runtime_professional_v19", product: { name: "simatic_wincc_runtime_professional_v19", product_id: "CSAFPID-1457963", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_runtime_professional_v19:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_unified_pc_runtime", product: { name: "simatic_wincc_unified_pc_runtime", product_id: "CSAFPID-744621", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_unified_pc_runtime:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_unified_pc_runtime", product: { name: "simatic_wincc_unified_pc_runtime", product_id: "CSAFPID-1470068", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_unified_pc_runtime:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_unified_pc_runtime_v18", product: { name: "simatic_wincc_unified_pc_runtime_v18", product_id: "CSAFPID-1637854", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_unified_pc_runtime_v18:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_unified_pc_runtime_v18", product: { name: "simatic_wincc_unified_pc_runtime_v18", product_id: "CSAFPID-1637561", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_unified_pc_runtime_v18:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_unified_v16", product: { name: "simatic_wincc_unified_v16", product_id: "CSAFPID-1703192", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_unified_v16:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_unified_v17", product: { name: "simatic_wincc_unified_v17", product_id: "CSAFPID-1703193", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_unified_v17:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_unified_v18", product: { name: "simatic_wincc_unified_v18", product_id: "CSAFPID-1703194", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_unified_v18:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_v16", product: { name: "simatic_wincc_v16", product_id: "CSAFPID-1702687", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_v16:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_v17", product: { name: "simatic_wincc_v17", product_id: "CSAFPID-1702688", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_v17:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_v18", product: { name: "simatic_wincc_v18", product_id: "CSAFPID-1703195", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_v18:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_v7.4", product: { name: "simatic_wincc_v7.4", product_id: "CSAFPID-1501193", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_v7.4:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_v7.4", product: { name: "simatic_wincc_v7.4", product_id: "CSAFPID-1457965", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_v7.4:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_v7.5", product: { name: "simatic_wincc_v7.5", product_id: "CSAFPID-1501191", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_v7.5:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_v7.5", product: { name: "simatic_wincc_v7.5", product_id: "CSAFPID-1457966", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_v7.5:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_v8.0", product: { name: "simatic_wincc_v8.0", product_id: "CSAFPID-1501189", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_v8.0:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_v8.0", product: { name: "simatic_wincc_v8.0", product_id: "CSAFPID-1457967", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simatic_wincc_v8.0:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simocode_es_v16", product: { name: "simocode_es_v16", product_id: "CSAFPID-1702694", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simocode_es_v16:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simocode_es_v17", product: { name: "simocode_es_v17", product_id: "CSAFPID-1703196", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simocode_es_v17:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simocode_es_v18", product: { name: "simocode_es_v18", product_id: "CSAFPID-1703197", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simocode_es_v18:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simotion_scout_tia_v5.4_sp1", product: { name: "simotion_scout_tia_v5.4_sp1", product_id: "CSAFPID-1703198", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simotion_scout_tia_v5.4_sp1:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simotion_scout_tia_v5.4_sp3", product: { name: "simotion_scout_tia_v5.4_sp3", product_id: "CSAFPID-1703199", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simotion_scout_tia_v5.4_sp3:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simotion_scout_tia_v5.5_sp1", product: { name: "simotion_scout_tia_v5.5_sp1", product_id: "CSAFPID-1703200", product_identification_helper: { cpe: "cpe:2.3:a:siemens:simotion_scout_tia_v5.5_sp1:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sinamics_startdrive", product: { name: "sinamics_startdrive", product_id: "CSAFPID-1625341", product_identification_helper: { cpe: "cpe:2.3:a:siemens:sinamics_startdrive:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sinamics_startdrive", product: { name: "sinamics_startdrive", product_id: "CSAFPID-1470069", product_identification_helper: { cpe: "cpe:2.3:a:siemens:sinamics_startdrive:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sinamics_startdrive_v16", product: { name: "sinamics_startdrive_v16", product_id: "CSAFPID-1703201", product_identification_helper: { cpe: "cpe:2.3:a:siemens:sinamics_startdrive_v16:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sinamics_startdrive_v17", product: { name: "sinamics_startdrive_v17", product_id: "CSAFPID-1703202", product_identification_helper: { cpe: "cpe:2.3:a:siemens:sinamics_startdrive_v17:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sinamics_startdrive_v18", product: { name: "sinamics_startdrive_v18", product_id: "CSAFPID-1703203", product_identification_helper: { cpe: "cpe:2.3:a:siemens:sinamics_startdrive_v18:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sinec_ins", product: { name: "sinec_ins", product_id: "CSAFPID-746925", product_identification_helper: { cpe: "cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sinec_network_management_system", product: { name: "sinec_network_management_system", product_id: "CSAFPID-1691397", product_identification_helper: { cpe: "cpe:2.3:a:siemens:sinec_network_management_system:2.0:sp1:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sinec_nms", product: { name: "sinec_nms", product_id: "CSAFPID-309392", product_identification_helper: { cpe: "cpe:2.3:a:siemens:sinec_nms:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sinec_nms", product: { name: "sinec_nms", product_id: "CSAFPID-1458012", product_identification_helper: { cpe: "cpe:2.3:a:siemens:sinec_nms:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sinec_nms", product: { name: "sinec_nms", product_id: "CSAFPID-1693062", product_identification_helper: { cpe: "cpe:2.3:a:siemens:sinec_nms:2.0:sp2:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sinec_nms", product: { name: "sinec_nms", product_id: "CSAFPID-1691473", product_identification_helper: { cpe: "cpe:2.3:a:siemens:sinec_nms:3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sinema_remote_connect_client", product: { name: "sinema_remote_connect_client", product_id: "CSAFPID-894438", product_identification_helper: { cpe: "cpe:2.3:a:siemens:sinema_remote_connect_client:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sinumerik_one_virtual", product: { name: "sinumerik_one_virtual", product_id: "CSAFPID-1625342", product_identification_helper: { cpe: "cpe:2.3:a:siemens:sinumerik_one_virtual:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sinumerik_one_virtual", product: { name: "sinumerik_one_virtual", product_id: "CSAFPID-1470070", product_identification_helper: { cpe: "cpe:2.3:a:siemens:sinumerik_one_virtual:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sinumerik_plc_programming_tool", product: { name: "sinumerik_plc_programming_tool", product_id: "CSAFPID-1625338", product_identification_helper: { cpe: "cpe:2.3:a:siemens:sinumerik_plc_programming_tool:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sinumerik_plc_programming_tool", product: { name: "sinumerik_plc_programming_tool", product_id: "CSAFPID-1470071", product_identification_helper: { cpe: "cpe:2.3:a:siemens:sinumerik_plc_programming_tool:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "siplus_s7-1500_cpu_1518-4_pn_dp_mfp__6ag1518-4ax00-4ac0_", product: { name: "siplus_s7-1500_cpu_1518-4_pn_dp_mfp__6ag1518-4ax00-4ac0_", product_id: "CSAFPID-1615264", product_identification_helper: { cpe: "cpe:2.3:a:siemens:siplus_s7-1500_cpu_1518-4_pn_dp_mfp__6ag1518-4ax00-4ac0_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "siport", product: { name: "siport", product_id: "CSAFPID-1712847", product_identification_helper: { cpe: "cpe:2.3:a:siemens:siport:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sirius_safety_es_v17", product: { name: "sirius_safety_es_v17", product_id: "CSAFPID-1703204", product_identification_helper: { cpe: "cpe:2.3:a:siemens:sirius_safety_es_v17:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sirius_safety_es_v18", product: { name: "sirius_safety_es_v18", product_id: "CSAFPID-1703205", product_identification_helper: { cpe: "cpe:2.3:a:siemens:sirius_safety_es_v18:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sirius_soft_starter_es_v17", product: { name: "sirius_soft_starter_es_v17", product_id: "CSAFPID-1703206", product_identification_helper: { cpe: "cpe:2.3:a:siemens:sirius_soft_starter_es_v17:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sirius_soft_starter_es_v18", product: { name: "sirius_soft_starter_es_v18", product_id: "CSAFPID-1703207", product_identification_helper: { cpe: "cpe:2.3:a:siemens:sirius_soft_starter_es_v18:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "solid_edge_se2024", product: { name: "solid_edge_se2024", product_id: "CSAFPID-1680248", product_identification_helper: { cpe: "cpe:2.3:a:siemens:solid_edge_se2024:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "spectrum_power_7", product: { name: "spectrum_power_7", product_id: "CSAFPID-524281", product_identification_helper: { cpe: "cpe:2.3:a:siemens:spectrum_power_7:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "st7_scadaconnect", product: { name: "st7_scadaconnect", product_id: "CSAFPID-1691077", product_identification_helper: { cpe: "cpe:2.3:a:siemens:st7_scadaconnect:1.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "st7_scadaconnect__6nh7997-5da10-0aa0_", product: { name: "st7_scadaconnect__6nh7997-5da10-0aa0_", product_id: "CSAFPID-1703173", product_identification_helper: { cpe: "cpe:2.3:a:siemens:st7_scadaconnect__6nh7997-5da10-0aa0_:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "telecontrol_server_basic", product: { name: "telecontrol_server_basic", product_id: "CSAFPID-1691051", product_identification_helper: { cpe: "cpe:2.3:a:siemens:telecontrol_server_basic:3.1.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "telecontrol_server_basic_1000_v3.1", product: { name: "telecontrol_server_basic_1000_v3.1", product_id: "CSAFPID-1712839", product_identification_helper: { cpe: "cpe:2.3:a:siemens:telecontrol_server_basic_1000_v3.1:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "telecontrol_server_basic_256_v3.1", product: { name: "telecontrol_server_basic_256_v3.1", product_id: "CSAFPID-1712840", product_identification_helper: { cpe: "cpe:2.3:a:siemens:telecontrol_server_basic_256_v3.1:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "telecontrol_server_basic_32_v3.1", product: { name: "telecontrol_server_basic_32_v3.1", product_id: "CSAFPID-1712841", product_identification_helper: { cpe: "cpe:2.3:a:siemens:telecontrol_server_basic_32_v3.1:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "telecontrol_server_basic_5000_v3.1", product: { name: "telecontrol_server_basic_5000_v3.1", product_id: "CSAFPID-1712842", product_identification_helper: { cpe: "cpe:2.3:a:siemens:telecontrol_server_basic_5000_v3.1:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "telecontrol_server_basic_64_v3.1", product: { name: "telecontrol_server_basic_64_v3.1", product_id: "CSAFPID-1712843", product_identification_helper: { cpe: "cpe:2.3:a:siemens:telecontrol_server_basic_64_v3.1:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "telecontrol_server_basic_8_v3.1", product: { name: "telecontrol_server_basic_8_v3.1", product_id: "CSAFPID-1712844", product_identification_helper: { cpe: "cpe:2.3:a:siemens:telecontrol_server_basic_8_v3.1:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "telecontrol_server_basic_serv_upgr", product: { name: "telecontrol_server_basic_serv_upgr", product_id: "CSAFPID-1712845", product_identification_helper: { cpe: "cpe:2.3:a:siemens:telecontrol_server_basic_serv_upgr:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "telecontrol_server_basic_upgr_v3.1", product: { name: "telecontrol_server_basic_upgr_v3.1", product_id: "CSAFPID-1712846", product_identification_helper: { cpe: "cpe:2.3:a:siemens:telecontrol_server_basic_upgr_v3.1:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "telecontrol_server_basic_v3", product: { name: "telecontrol_server_basic_v3", product_id: "CSAFPID-1637855", product_identification_helper: { cpe: "cpe:2.3:a:siemens:telecontrol_server_basic_v3:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "tia_portal_cloud_connector", product: { name: "tia_portal_cloud_connector", product_id: "CSAFPID-1625345", product_identification_helper: { cpe: "cpe:2.3:a:siemens:tia_portal_cloud_connector:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "tia_portal_cloud_connector", product: { name: "tia_portal_cloud_connector", product_id: "CSAFPID-1470072", product_identification_helper: { cpe: "cpe:2.3:a:siemens:tia_portal_cloud_connector:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "tia_portal_cloud_v16", product: { name: "tia_portal_cloud_v16", product_id: "CSAFPID-1712827", product_identification_helper: { cpe: "cpe:2.3:a:siemens:tia_portal_cloud_v16:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "tia_portal_cloud_v17", product: { name: "tia_portal_cloud_v17", product_id: "CSAFPID-1712828", product_identification_helper: { cpe: "cpe:2.3:a:siemens:tia_portal_cloud_v17:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "tia_portal_cloud_v18", product: { name: "tia_portal_cloud_v18", product_id: "CSAFPID-1712829", product_identification_helper: { cpe: "cpe:2.3:a:siemens:tia_portal_cloud_v18:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "totally_integrated_automation_portal", product: { name: "totally_integrated_automation_portal", product_id: "CSAFPID-74798", product_identification_helper: { cpe: "cpe:2.3:a:siemens:totally_integrated_automation_portal:15.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "totally_integrated_automation_portal", product: { name: "totally_integrated_automation_portal", product_id: "CSAFPID-75533", product_identification_helper: { cpe: "cpe:2.3:a:siemens:totally_integrated_automation_portal:16:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "totally_integrated_automation_portal", product: { name: "totally_integrated_automation_portal", product_id: "CSAFPID-74794", product_identification_helper: { cpe: "cpe:2.3:a:siemens:totally_integrated_automation_portal:17:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "totally_integrated_automation_portal", product: { name: "totally_integrated_automation_portal", product_id: "CSAFPID-74792", product_identification_helper: { cpe: "cpe:2.3:a:siemens:totally_integrated_automation_portal:18:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "totally_integrated_automation_portal", product: { name: "totally_integrated_automation_portal", product_id: "CSAFPID-1472073", product_identification_helper: { cpe: "cpe:2.3:a:siemens:totally_integrated_automation_portal:19:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "totally_integrated_automation_portal__tia_portal__v15.1", product: { name: "totally_integrated_automation_portal__tia_portal__v15.1", product_id: "CSAFPID-1615531", product_identification_helper: { cpe: "cpe:2.3:a:siemens:totally_integrated_automation_portal__tia_portal__v15.1:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "totally_integrated_automation_portal__tia_portal__v15.1", product: { name: "totally_integrated_automation_portal__tia_portal__v15.1", product_id: "CSAFPID-1458014", product_identification_helper: { cpe: "cpe:2.3:a:siemens:totally_integrated_automation_portal__tia_portal__v15.1:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "totally_integrated_automation_portal__tia_portal__v16", product: { name: "totally_integrated_automation_portal__tia_portal__v16", product_id: "CSAFPID-1615256", product_identification_helper: { cpe: "cpe:2.3:a:siemens:totally_integrated_automation_portal__tia_portal__v16:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "totally_integrated_automation_portal__tia_portal__v16", product: { name: "totally_integrated_automation_portal__tia_portal__v16", product_id: "CSAFPID-1458015", product_identification_helper: { cpe: "cpe:2.3:a:siemens:totally_integrated_automation_portal__tia_portal__v16:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "totally_integrated_automation_portal__tia_portal__v17", product: { name: "totally_integrated_automation_portal__tia_portal__v17", product_id: "CSAFPID-1615257", product_identification_helper: { cpe: "cpe:2.3:a:siemens:totally_integrated_automation_portal__tia_portal__v17:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "totally_integrated_automation_portal__tia_portal__v17", product: { name: "totally_integrated_automation_portal__tia_portal__v17", product_id: "CSAFPID-1458016", product_identification_helper: { cpe: "cpe:2.3:a:siemens:totally_integrated_automation_portal__tia_portal__v17:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "totally_integrated_automation_portal__tia_portal__v18", product: { name: "totally_integrated_automation_portal__tia_portal__v18", product_id: "CSAFPID-1615258", product_identification_helper: { cpe: "cpe:2.3:a:siemens:totally_integrated_automation_portal__tia_portal__v18:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "totally_integrated_automation_portal__tia_portal__v18", product: { name: "totally_integrated_automation_portal__tia_portal__v18", product_id: "CSAFPID-1458017", product_identification_helper: { cpe: "cpe:2.3:a:siemens:totally_integrated_automation_portal__tia_portal__v18:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "totally_integrated_automation_portal__tia_portal__v19", product: { name: "totally_integrated_automation_portal__tia_portal__v19", product_id: "CSAFPID-1637618", product_identification_helper: { cpe: "cpe:2.3:a:siemens:totally_integrated_automation_portal__tia_portal__v19:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "totally_integrated_automation_portal__tia_portal__v19", product: { name: "totally_integrated_automation_portal__tia_portal__v19", product_id: "CSAFPID-1470073", product_identification_helper: { cpe: "cpe:2.3:a:siemens:totally_integrated_automation_portal__tia_portal__v19:0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "wincc", product: { name: "wincc", product_id: "CSAFPID-1625343", product_identification_helper: { cpe: "cpe:2.3:a:siemens:wincc:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "wincc_tia_portal", product: { name: "wincc_tia_portal", product_id: "CSAFPID-465667", product_identification_helper: { cpe: "cpe:2.3:a:siemens:wincc_tia_portal:11.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_s7-1500", product: { name: "simatic_s7-1500", product_id: "CSAFPID-715650", product_identification_helper: { cpe: "cpe:2.3:h:siemens:simatic_s7-1500:-:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_s7", product: { name: "simatic_s7", product_id: "CSAFPID-1613729", product_identification_helper: { cpe: "cpe:2.3:h:siemens:simatic_s7:1500:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "cpu_1518f-4_pn\\/dp_mfp_firmware", product: { name: "cpu_1518f-4_pn\\/dp_mfp_firmware", product_id: "CSAFPID-1691401", product_identification_helper: { cpe: "cpe:2.3:o:siemens:cpu_1518f-4_pn\\/dp_mfp_firmware:3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "cpu_1518f-4_pn__dp_mfp_firmware", product: { name: "cpu_1518f-4_pn__dp_mfp_firmware", product_id: "CSAFPID-715649", product_identification_helper: { cpe: "cpe:2.3:o:siemens:cpu_1518f-4_pn__dp_mfp_firmware:3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "ruggedcom_ape1808", product: { name: "ruggedcom_ape1808", product_id: "CSAFPID-880853", product_identification_helper: { cpe: "cpe:2.3:o:siemens:ruggedcom_ape1808:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "ruggedcom_ape1808_firmware", product: { name: "ruggedcom_ape1808_firmware", product_id: "CSAFPID-542833", product_identification_helper: { cpe: "cpe:2.3:o:siemens:ruggedcom_ape1808_firmware:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "security_configuration_tool", product: { name: "security_configuration_tool", product_id: "CSAFPID-540747", product_identification_helper: { cpe: "cpe:2.3:o:siemens:security_configuration_tool:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "siemens_simatic_s7-1500_tm_mfp", product: { name: "siemens_simatic_s7-1500_tm_mfp", product_id: "CSAFPID-1693048", product_identification_helper: { cpe: "cpe:2.3:o:siemens:siemens_simatic_s7-1500_tm_mfp:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "siemens_simatic_s7_-1500_tm_mfp", product: { name: "siemens_simatic_s7_-1500_tm_mfp", product_id: "CSAFPID-907212", product_identification_helper: { cpe: "cpe:2.3:o:siemens:siemens_simatic_s7_-1500_tm_mfp:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "siemens_telecontrol_server_basic", product: { name: "siemens_telecontrol_server_basic", product_id: "CSAFPID-907211", product_identification_helper: { cpe: "cpe:2.3:o:siemens:siemens_telecontrol_server_basic:3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_mv500_firmware", product: { name: "simatic_mv500_firmware", product_id: "CSAFPID-1692274", product_identification_helper: { cpe: "cpe:2.3:o:siemens:simatic_mv500_firmware:3.3.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_net_pc_software", product: { name: "simatic_net_pc_software", product_id: "CSAFPID-1472070", product_identification_helper: { cpe: "cpe:2.3:o:siemens:simatic_net_pc_software:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_pcs_7", product: { name: "simatic_pcs_7", product_id: "CSAFPID-1472067", product_identification_helper: { cpe: "cpe:2.3:o:siemens:simatic_pcs_7:9.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_s7-1500_cpu_1518f-4_pn\\/dp_mfp_firmware", product: { name: "simatic_s7-1500_cpu_1518f-4_pn\\/dp_mfp_firmware", product_id: "CSAFPID-1689769", product_identification_helper: { cpe: "cpe:2.3:o:siemens:simatic_s7-1500_cpu_1518f-4_pn\\/dp_mfp_firmware:3.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_s7-1500_cpu_1518f-4_pn__dp_mfp_firmware", product: { name: "simatic_s7-1500_cpu_1518f-4_pn__dp_mfp_firmware", product_id: "CSAFPID-766929", product_identification_helper: { cpe: "cpe:2.3:o:siemens:simatic_s7-1500_cpu_1518f-4_pn__dp_mfp_firmware:3.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_s7-1500_tm_mfp_firmware", product: { name: "simatic_s7-1500_tm_mfp_firmware", product_id: "CSAFPID-717239", product_identification_helper: { cpe: "cpe:2.3:o:siemens:simatic_s7-1500_tm_mfp_firmware:1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_s7-1500_tm_mfp_firmware", product: { name: "simatic_s7-1500_tm_mfp_firmware", product_id: "CSAFPID-905869", product_identification_helper: { cpe: "cpe:2.3:o:siemens:simatic_s7-1500_tm_mfp_firmware:1.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_step_7", product: { name: "simatic_step_7", product_id: "CSAFPID-879652", product_identification_helper: { cpe: "cpe:2.3:o:siemens:simatic_step_7:5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc", product: { name: "simatic_wincc", product_id: "CSAFPID-1472068", product_identification_helper: { cpe: "cpe:2.3:o:siemens:simatic_wincc:7.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc", product: { name: "simatic_wincc", product_id: "CSAFPID-1472066", product_identification_helper: { cpe: "cpe:2.3:o:siemens:simatic_wincc:7.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc", product: { name: "simatic_wincc", product_id: "CSAFPID-1472072", product_identification_helper: { cpe: "cpe:2.3:o:siemens:simatic_wincc:8.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_oa", product: { name: "simatic_wincc_oa", product_id: "CSAFPID-1472071", product_identification_helper: { cpe: "cpe:2.3:o:siemens:simatic_wincc_oa:3.17:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_runtime_advanced", product: { name: "simatic_wincc_runtime_advanced", product_id: "CSAFPID-886176", product_identification_helper: { cpe: "cpe:2.3:o:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_runtime_professional", product: { name: "simatic_wincc_runtime_professional", product_id: "CSAFPID-165976", product_identification_helper: { cpe: "cpe:2.3:o:siemens:simatic_wincc_runtime_professional:16:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_runtime_professional", product: { name: "simatic_wincc_runtime_professional", product_id: "CSAFPID-165974", product_identification_helper: { cpe: "cpe:2.3:o:siemens:simatic_wincc_runtime_professional:17:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_runtime_professional", product: { name: "simatic_wincc_runtime_professional", product_id: "CSAFPID-855582", product_identification_helper: { cpe: "cpe:2.3:o:siemens:simatic_wincc_runtime_professional:18:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "simatic_wincc_runtime_professional", product: { name: "simatic_wincc_runtime_professional", product_id: "CSAFPID-855580", product_identification_helper: { cpe: "cpe:2.3:o:siemens:simatic_wincc_runtime_professional:19:*:*:*:*:*:*:*", }, }, }, ], category: "vendor", name: "siemens", }, ], }, vulnerabilities: [ { cve: "CVE-2021-3506", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "other", text: "Out-of-bounds Read", title: "CWE-125", }, ], references: [ { category: "self", summary: "CVE-2021-3506", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-3506.json", }, ], title: "CVE-2021-3506", }, { cve: "CVE-2023-2975", cwe: { id: "CWE-287", name: "Improper Authentication", }, notes: [ { category: "other", text: "Improper Authentication", title: "CWE-287", }, { category: "other", text: "Improper Validation of Integrity Check Value", title: "CWE-354", }, { category: "other", text: "Use of a Broken or Risky Cryptographic Algorithm", title: "CWE-327", }, ], product_status: { known_affected: [ "CSAFPID-1703073", "CSAFPID-309392", ], }, references: [ { category: "self", summary: "CVE-2023-2975", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-2975.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1703073", "CSAFPID-309392", ], }, ], title: "CVE-2023-2975", }, { cve: "CVE-2023-3341", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], references: [ { category: "self", summary: "CVE-2023-3341", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-3341.json", }, ], title: "CVE-2023-3341", }, { cve: "CVE-2023-3446", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "other", text: "Inefficient Regular Expression Complexity", title: "CWE-1333", }, { category: "other", text: "Unchecked Input for Loop Condition", title: "CWE-606", }, { category: "other", text: "Use of a Cryptographic Primitive with a Risky Implementation", title: "CWE-1240", }, ], product_status: { known_affected: [ "CSAFPID-1615260", "CSAFPID-1615261", "CSAFPID-1615262", "CSAFPID-1615263", "CSAFPID-1615264", "CSAFPID-1703073", "CSAFPID-309392", "CSAFPID-1637855", "CSAFPID-1703131", "CSAFPID-1703173", ], }, references: [ { category: "self", summary: "CVE-2023-3446", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-3446.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1615260", "CSAFPID-1615261", "CSAFPID-1615262", "CSAFPID-1615263", "CSAFPID-1615264", "CSAFPID-1703073", "CSAFPID-309392", "CSAFPID-1637855", "CSAFPID-1703131", "CSAFPID-1703173", ], }, ], title: "CVE-2023-3446", }, { cve: "CVE-2023-3817", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "Excessive Iteration", title: "CWE-834", }, { category: "other", text: "Unchecked Input for Loop Condition", title: "CWE-606", }, { category: "other", text: "Use of a Cryptographic Primitive with a Risky Implementation", title: "CWE-1240", }, ], product_status: { known_affected: [ "CSAFPID-1615260", "CSAFPID-1615261", "CSAFPID-1615262", "CSAFPID-1615263", "CSAFPID-1615264", "CSAFPID-1613729", "CSAFPID-1703073", "CSAFPID-309392", ], }, references: [ { category: "self", summary: "CVE-2023-3817", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-3817.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1615260", "CSAFPID-1615261", "CSAFPID-1615262", "CSAFPID-1615263", "CSAFPID-1615264", "CSAFPID-1613729", "CSAFPID-1703073", "CSAFPID-309392", ], }, ], title: "CVE-2023-3817", }, { cve: "CVE-2023-4236", cwe: { id: "CWE-617", name: "Reachable Assertion", }, notes: [ { category: "other", text: "Reachable Assertion", title: "CWE-617", }, ], references: [ { category: "self", summary: "CVE-2023-4236", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4236.json", }, ], title: "CVE-2023-4236", }, { cve: "CVE-2023-4408", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], references: [ { category: "self", summary: "CVE-2023-4408", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4408.json", }, ], title: "CVE-2023-4408", }, { cve: "CVE-2023-4807", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "other", text: "Improper Input Validation", title: "CWE-20", }, { category: "other", text: "Expected Behavior Violation", title: "CWE-440", }, ], product_status: { known_affected: [ "CSAFPID-1615260", "CSAFPID-1615261", "CSAFPID-1615262", "CSAFPID-1615263", "CSAFPID-1615264", "CSAFPID-1637855", "CSAFPID-1703180", "CSAFPID-1703181", "CSAFPID-1703182", "CSAFPID-1703183", "CSAFPID-1703184", "CSAFPID-1703185", "CSAFPID-1703186", ], }, references: [ { category: "self", summary: "CVE-2023-4807", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4807.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1615260", "CSAFPID-1615261", "CSAFPID-1615262", "CSAFPID-1615263", "CSAFPID-1615264", "CSAFPID-1637855", "CSAFPID-1703180", "CSAFPID-1703181", "CSAFPID-1703182", "CSAFPID-1703183", "CSAFPID-1703184", "CSAFPID-1703185", "CSAFPID-1703186", ], }, ], title: "CVE-2023-4807", }, { cve: "CVE-2023-5363", cwe: { id: "CWE-325", name: "Missing Cryptographic Step", }, notes: [ { category: "other", text: "Missing Cryptographic Step", title: "CWE-325", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, { category: "other", text: "Incorrect Provision of Specified Functionality", title: "CWE-684", }, ], product_status: { known_affected: [ "CSAFPID-1703180", "CSAFPID-1703181", "CSAFPID-1703182", "CSAFPID-1703183", "CSAFPID-1703184", "CSAFPID-1703185", "CSAFPID-1703186", ], }, references: [ { category: "self", summary: "CVE-2023-5363", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5363.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-1703180", "CSAFPID-1703181", "CSAFPID-1703182", "CSAFPID-1703183", "CSAFPID-1703184", "CSAFPID-1703185", "CSAFPID-1703186", ], }, ], title: "CVE-2023-5363", }, { cve: "CVE-2023-5517", cwe: { id: "CWE-617", name: "Reachable Assertion", }, notes: [ { category: "other", text: "Reachable Assertion", title: "CWE-617", }, ], references: [ { category: "self", summary: "CVE-2023-5517", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5517.json", }, ], title: "CVE-2023-5517", }, { cve: "CVE-2023-5678", cwe: { id: "CWE-754", name: "Improper Check for Unusual or Exceptional Conditions", }, notes: [ { category: "other", text: "Improper Check for Unusual or Exceptional Conditions", title: "CWE-754", }, { category: "other", text: "Missing Cryptographic Step", title: "CWE-325", }, { category: "other", text: "Unchecked Input for Loop Condition", title: "CWE-606", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-1613729", "CSAFPID-1615260", "CSAFPID-1615261", "CSAFPID-1615262", "CSAFPID-1615263", "CSAFPID-1615264", "CSAFPID-1637855", "CSAFPID-1703131", "CSAFPID-309392", "CSAFPID-1703173", "CSAFPID-1703180", "CSAFPID-1703181", "CSAFPID-1703182", "CSAFPID-1703183", "CSAFPID-1703184", "CSAFPID-1703185", "CSAFPID-1703186", ], }, references: [ { category: "self", summary: "CVE-2023-5678", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5678.json", }, ], title: "CVE-2023-5678", }, { cve: "CVE-2023-5679", cwe: { id: "CWE-617", name: "Reachable Assertion", }, notes: [ { category: "other", text: "Reachable Assertion", title: "CWE-617", }, ], references: [ { category: "self", summary: "CVE-2023-5679", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5679.json", }, ], title: "CVE-2023-5679", }, { cve: "CVE-2023-5680", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], references: [ { category: "self", summary: "CVE-2023-5680", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5680.json", }, ], title: "CVE-2023-5680", }, { cve: "CVE-2023-6129", cwe: { id: "CWE-328", name: "Use of Weak Hash", }, notes: [ { category: "other", text: "Use of Weak Hash", title: "CWE-328", }, { category: "other", text: "Expected Behavior Violation", title: "CWE-440", }, { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, { category: "other", text: "Use of a Broken or Risky Cryptographic Algorithm", title: "CWE-327", }, ], references: [ { category: "self", summary: "CVE-2023-6129", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-6129.json", }, ], title: "CVE-2023-6129", }, { cve: "CVE-2023-6237", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "other", text: "Unchecked Input for Loop Condition", title: "CWE-606", }, ], references: [ { category: "self", summary: "CVE-2023-6237", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-6237.json", }, ], title: "CVE-2023-6237", }, { cve: "CVE-2023-6516", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "other", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "other", text: "Memory Allocation with Excessive Size Value", title: "CWE-789", }, ], references: [ { category: "self", summary: "CVE-2023-6516", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-6516.json", }, ], title: "CVE-2023-6516", }, { cve: "CVE-2023-7104", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, notes: [ { category: "other", text: "Heap-based Buffer Overflow", title: "CWE-122", }, ], product_status: { known_affected: [ "CSAFPID-1703131", ], }, references: [ { category: "self", summary: "CVE-2023-7104", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-7104.json", }, ], scores: [ { cvss_v3: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-1703131", ], }, ], title: "CVE-2023-7104", }, { cve: "CVE-2023-28450", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "other", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, { category: "other", text: "Missing Encryption of Sensitive Data", title: "CWE-311", }, ], product_status: { known_affected: [ "CSAFPID-1613504", "CSAFPID-1613505", "CSAFPID-1613506", "CSAFPID-1613507", "CSAFPID-1613592", "CSAFPID-1613593", "CSAFPID-1613594", "CSAFPID-1613595", "CSAFPID-1613596", "CSAFPID-1613597", "CSAFPID-1613598", ], }, references: [ { category: "self", summary: "CVE-2023-28450", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-28450.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1613504", "CSAFPID-1613505", "CSAFPID-1613506", "CSAFPID-1613507", "CSAFPID-1613592", "CSAFPID-1613593", "CSAFPID-1613594", "CSAFPID-1613595", "CSAFPID-1613596", "CSAFPID-1613597", "CSAFPID-1613598", ], }, ], title: "CVE-2023-28450", }, { cve: "CVE-2023-30584", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "other", text: "Improper Input Validation", title: "CWE-20", }, { category: "other", text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", title: "CWE-22", }, ], product_status: { known_affected: [ "CSAFPID-309392", ], }, references: [ { category: "self", summary: "CVE-2023-30584", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-30584.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-309392", ], }, ], title: "CVE-2023-30584", }, { cve: "CVE-2023-32002", cwe: { id: "CWE-275", name: "-", }, notes: [ { category: "other", text: "CWE-275", title: "CWE-275", }, { category: "other", text: "Missing Encryption of Sensitive Data", title: "CWE-311", }, { category: "other", text: "Policy Privileges are not Assigned Consistently Between Control and Data Agents", title: "CWE-1268", }, ], product_status: { known_affected: [ "CSAFPID-309392", ], }, references: [ { category: "self", summary: "CVE-2023-32002", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-32002.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-309392", ], }, ], title: "CVE-2023-32002", }, { cve: "CVE-2023-32003", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, notes: [ { category: "other", text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", title: "CWE-22", }, ], product_status: { known_affected: [ "CSAFPID-309392", ], }, references: [ { category: "self", summary: "CVE-2023-32003", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-32003.json", }, ], title: "CVE-2023-32003", }, { cve: "CVE-2023-32004", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, notes: [ { category: "other", text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", title: "CWE-22", }, ], product_status: { known_affected: [ "CSAFPID-309392", ], }, references: [ { category: "self", summary: "CVE-2023-32004", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-32004.json", }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-309392", ], }, ], title: "CVE-2023-32004", }, { cve: "CVE-2023-32005", cwe: { id: "CWE-275", name: "-", }, notes: [ { category: "other", text: "CWE-275", title: "CWE-275", }, { category: "other", text: "Incorrect Permission Assignment for Critical Resource", title: "CWE-732", }, ], product_status: { known_affected: [ "CSAFPID-309392", ], }, references: [ { category: "self", summary: "CVE-2023-32005", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-32005.json", }, ], title: "CVE-2023-32005", }, { cve: "CVE-2023-32006", cwe: { id: "CWE-275", name: "-", }, notes: [ { category: "other", text: "CWE-275", title: "CWE-275", }, { category: "other", text: "Exposure of Sensitive Information Due to Incompatible Policies", title: "CWE-213", }, { category: "other", text: "Missing Encryption of Sensitive Data", title: "CWE-311", }, ], product_status: { known_affected: [ "CSAFPID-309392", ], }, references: [ { category: "self", summary: "CVE-2023-32006", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-32006.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-309392", ], }, ], title: "CVE-2023-32006", }, { cve: "CVE-2023-32558", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, notes: [ { category: "other", text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", title: "CWE-22", }, ], product_status: { known_affected: [ "CSAFPID-309392", ], }, references: [ { category: "self", summary: "CVE-2023-32558", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-32558.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-309392", ], }, ], title: "CVE-2023-32558", }, { cve: "CVE-2023-32559", cwe: { id: "CWE-275", name: "-", }, notes: [ { category: "other", text: "CWE-275", title: "CWE-275", }, { category: "other", text: "Improper Control of Generation of Code ('Code Injection')", title: "CWE-94", }, { category: "other", text: "Missing Encryption of Sensitive Data", title: "CWE-311", }, ], product_status: { known_affected: [ "CSAFPID-309392", ], }, references: [ { category: "self", summary: "CVE-2023-32559", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-32559.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-309392", ], }, ], title: "CVE-2023-32559", }, { cve: "CVE-2023-32736", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, notes: [ { category: "other", text: "Deserialization of Untrusted Data", title: "CWE-502", }, ], product_status: { known_affected: [ "CSAFPID-1712825", "CSAFPID-1712826", "CSAFPID-1703190", "CSAFPID-1703191", "CSAFPID-1500667", "CSAFPID-1703187", "CSAFPID-1703188", "CSAFPID-1703189", "CSAFPID-1703192", "CSAFPID-1703193", "CSAFPID-1703194", "CSAFPID-1702687", "CSAFPID-1702688", "CSAFPID-1703195", "CSAFPID-1702694", "CSAFPID-1703196", "CSAFPID-1703197", "CSAFPID-1703198", "CSAFPID-1703199", "CSAFPID-1703200", "CSAFPID-1703201", "CSAFPID-1703202", "CSAFPID-1703203", "CSAFPID-1703204", "CSAFPID-1703205", "CSAFPID-1703206", "CSAFPID-1703207", "CSAFPID-1712827", "CSAFPID-1712828", "CSAFPID-1712829", ], }, references: [ { category: "self", summary: "CVE-2023-32736", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-32736.json", }, ], scores: [ { cvss_v3: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-1712825", "CSAFPID-1712826", "CSAFPID-1703190", "CSAFPID-1703191", "CSAFPID-1500667", "CSAFPID-1703187", "CSAFPID-1703188", "CSAFPID-1703189", "CSAFPID-1703192", "CSAFPID-1703193", "CSAFPID-1703194", "CSAFPID-1702687", "CSAFPID-1702688", "CSAFPID-1703195", "CSAFPID-1702694", "CSAFPID-1703196", "CSAFPID-1703197", "CSAFPID-1703198", "CSAFPID-1703199", "CSAFPID-1703200", "CSAFPID-1703201", "CSAFPID-1703202", "CSAFPID-1703203", "CSAFPID-1703204", "CSAFPID-1703205", "CSAFPID-1703206", "CSAFPID-1703207", "CSAFPID-1712827", "CSAFPID-1712828", "CSAFPID-1712829", ], }, ], title: "CVE-2023-32736", }, { cve: "CVE-2023-38552", cwe: { id: "CWE-354", name: "Improper Validation of Integrity Check Value", }, notes: [ { category: "other", text: "Improper Validation of Integrity Check Value", title: "CWE-354", }, ], references: [ { category: "self", summary: "CVE-2023-38552", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-38552.json", }, ], title: "CVE-2023-38552", }, { cve: "CVE-2023-38709", cwe: { id: "CWE-113", name: "Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')", }, notes: [ { category: "other", text: "Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')", title: "CWE-113", }, { category: "other", text: "Improper Validation of Specified Quantity in Input", title: "CWE-1284", }, ], references: [ { category: "self", summary: "CVE-2023-38709", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-38709.json", }, ], title: "CVE-2023-38709", }, { cve: "CVE-2023-39331", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, notes: [ { category: "other", text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", title: "CWE-22", }, ], references: [ { category: "self", summary: "CVE-2023-39331", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-39331.json", }, ], title: "CVE-2023-39331", }, { cve: "CVE-2023-39332", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, notes: [ { category: "other", text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", title: "CWE-22", }, ], references: [ { category: "self", summary: "CVE-2023-39332", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-39332.json", }, ], title: "CVE-2023-39332", }, { cve: "CVE-2023-39333", cwe: { id: "CWE-94", name: "Improper Control of Generation of Code ('Code Injection')", }, notes: [ { category: "other", text: "Improper Control of Generation of Code ('Code Injection')", title: "CWE-94", }, ], references: [ { category: "self", summary: "CVE-2023-39333", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-39333.json", }, ], title: "CVE-2023-39333", }, { cve: "CVE-2023-44487", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1615260", "CSAFPID-1615261", "CSAFPID-1615262", "CSAFPID-1615263", "CSAFPID-1615264", "CSAFPID-309392", "CSAFPID-1615259", "CSAFPID-1703173", ], }, references: [ { category: "self", summary: "CVE-2023-44487", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44487.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1615260", "CSAFPID-1615261", "CSAFPID-1615262", "CSAFPID-1615263", "CSAFPID-1615264", "CSAFPID-309392", "CSAFPID-1615259", "CSAFPID-1703173", ], }, ], title: "CVE-2023-44487", }, { cve: "CVE-2023-45143", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, ], references: [ { category: "self", summary: "CVE-2023-45143", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-45143.json", }, ], title: "CVE-2023-45143", }, { cve: "CVE-2023-46218", cwe: { id: "CWE-201", name: "Insertion of Sensitive Information Into Sent Data", }, notes: [ { category: "other", text: "Insertion of Sensitive Information Into Sent Data", title: "CWE-201", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-1615260", "CSAFPID-1615261", "CSAFPID-1615262", "CSAFPID-1615263", "CSAFPID-1615264", "CSAFPID-1703180", "CSAFPID-1703181", "CSAFPID-1703182", "CSAFPID-1703183", "CSAFPID-1703184", "CSAFPID-1703185", "CSAFPID-1703186", ], }, references: [ { category: "self", summary: "CVE-2023-46218", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46218.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-1615260", "CSAFPID-1615261", "CSAFPID-1615262", "CSAFPID-1615263", "CSAFPID-1615264", "CSAFPID-1703180", "CSAFPID-1703181", "CSAFPID-1703182", "CSAFPID-1703183", "CSAFPID-1703184", "CSAFPID-1703185", "CSAFPID-1703186", ], }, ], title: "CVE-2023-46218", }, { cve: "CVE-2023-46219", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "other", text: "Missing Encryption of Sensitive Data", title: "CWE-311", }, ], product_status: { known_affected: [ "CSAFPID-1615260", "CSAFPID-1615261", "CSAFPID-1615262", "CSAFPID-1615263", "CSAFPID-1615264", "CSAFPID-1703180", "CSAFPID-1703181", "CSAFPID-1703182", "CSAFPID-1703183", "CSAFPID-1703184", "CSAFPID-1703185", "CSAFPID-1703186", ], }, references: [ { category: "self", summary: "CVE-2023-46219", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46219.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1615260", "CSAFPID-1615261", "CSAFPID-1615262", "CSAFPID-1615263", "CSAFPID-1615264", "CSAFPID-1703180", "CSAFPID-1703181", "CSAFPID-1703182", "CSAFPID-1703183", "CSAFPID-1703184", "CSAFPID-1703185", "CSAFPID-1703186", ], }, ], title: "CVE-2023-46219", }, { cve: "CVE-2023-46280", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "other", text: "Out-of-bounds Read", title: "CWE-125", }, ], product_status: { known_affected: [ "CSAFPID-1458012", "CSAFPID-309392", "CSAFPID-1625338", "CSAFPID-1625340", "CSAFPID-1625341", "CSAFPID-75563", "CSAFPID-1625342", "CSAFPID-165765", "CSAFPID-1625345", "CSAFPID-766087", "CSAFPID-1637559", "CSAFPID-1637560", "CSAFPID-1637561", "CSAFPID-1637909", "CSAFPID-1637910", "CSAFPID-1637849", "CSAFPID-1637850", "CSAFPID-1637851", "CSAFPID-1637911", "CSAFPID-1501190", "CSAFPID-1637912", "CSAFPID-1637856", "CSAFPID-1637913", "CSAFPID-1637914", "CSAFPID-1637915", "CSAFPID-1637916", "CSAFPID-1637917", "CSAFPID-1637887", "CSAFPID-1501188", "CSAFPID-1501192", "CSAFPID-1637854", "CSAFPID-1501193", "CSAFPID-1501191", "CSAFPID-1501189", "CSAFPID-1615531", "CSAFPID-1615256", "CSAFPID-1615257", "CSAFPID-1615258", "CSAFPID-1637618", "CSAFPID-1470060", "CSAFPID-1470061", "CSAFPID-1470062", "CSAFPID-1470063", "CSAFPID-1470064", "CSAFPID-1457909", "CSAFPID-1470065", "CSAFPID-1470066", "CSAFPID-1457855", "CSAFPID-1457956", "CSAFPID-1457957", "CSAFPID-1457958", "CSAFPID-1470067", "CSAFPID-1457960", "CSAFPID-1457961", "CSAFPID-1457962", "CSAFPID-1457963", "CSAFPID-1470068", "CSAFPID-1457965", "CSAFPID-1457966", "CSAFPID-1457967", "CSAFPID-1470069", "CSAFPID-1470070", "CSAFPID-1470071", "CSAFPID-1470072", "CSAFPID-1458014", "CSAFPID-1458015", "CSAFPID-1458016", "CSAFPID-1458017", "CSAFPID-1470073", "CSAFPID-75533", "CSAFPID-1472069", "CSAFPID-1472073", "CSAFPID-74792", "CSAFPID-74794", "CSAFPID-1457906", "CSAFPID-1457907", "CSAFPID-1457908", ], }, references: [ { category: "self", summary: "CVE-2023-46280", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46280.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-1458012", "CSAFPID-309392", "CSAFPID-1625338", "CSAFPID-1625340", "CSAFPID-1625341", "CSAFPID-75563", "CSAFPID-1625342", "CSAFPID-165765", "CSAFPID-1625345", "CSAFPID-766087", "CSAFPID-1637559", "CSAFPID-1637560", "CSAFPID-1637561", "CSAFPID-1637909", "CSAFPID-1637910", "CSAFPID-1637849", "CSAFPID-1637850", "CSAFPID-1637851", "CSAFPID-1637911", "CSAFPID-1501190", "CSAFPID-1637912", "CSAFPID-1637856", "CSAFPID-1637913", "CSAFPID-1637914", "CSAFPID-1637915", "CSAFPID-1637916", "CSAFPID-1637917", "CSAFPID-1637887", "CSAFPID-1501188", "CSAFPID-1501192", "CSAFPID-1637854", "CSAFPID-1501193", "CSAFPID-1501191", "CSAFPID-1501189", "CSAFPID-1615531", "CSAFPID-1615256", "CSAFPID-1615257", "CSAFPID-1615258", "CSAFPID-1637618", "CSAFPID-1470060", "CSAFPID-1470061", "CSAFPID-1470062", "CSAFPID-1470063", "CSAFPID-1470064", "CSAFPID-1457909", "CSAFPID-1470065", "CSAFPID-1470066", "CSAFPID-1457855", "CSAFPID-1457956", "CSAFPID-1457957", "CSAFPID-1457958", "CSAFPID-1470067", "CSAFPID-1457960", "CSAFPID-1457961", "CSAFPID-1457962", "CSAFPID-1457963", "CSAFPID-1470068", "CSAFPID-1457965", "CSAFPID-1457966", "CSAFPID-1457967", "CSAFPID-1470069", "CSAFPID-1470070", "CSAFPID-1470071", "CSAFPID-1470072", "CSAFPID-1458014", "CSAFPID-1458015", "CSAFPID-1458016", "CSAFPID-1458017", "CSAFPID-1470073", "CSAFPID-75533", "CSAFPID-1472069", "CSAFPID-1472073", "CSAFPID-74792", "CSAFPID-74794", "CSAFPID-1457906", "CSAFPID-1457907", "CSAFPID-1457908", ], }, ], title: "CVE-2023-46280", }, { cve: "CVE-2023-46809", cwe: { id: "CWE-208", name: "Observable Timing Discrepancy", }, notes: [ { category: "other", text: "Observable Timing Discrepancy", title: "CWE-208", }, ], references: [ { category: "self", summary: "CVE-2023-46809", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46809.json", }, ], title: "CVE-2023-46809", }, { cve: "CVE-2023-47038", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, notes: [ { category: "other", text: "Heap-based Buffer Overflow", title: "CWE-122", }, ], references: [ { category: "self", summary: "CVE-2023-47038", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-47038.json", }, ], title: "CVE-2023-47038", }, { cve: "CVE-2023-47039", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, notes: [ { category: "other", text: "Heap-based Buffer Overflow", title: "CWE-122", }, { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], references: [ { category: "self", summary: "CVE-2023-47039", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-47039.json", }, ], title: "CVE-2023-47039", }, { cve: "CVE-2023-47100", references: [ { category: "self", summary: "CVE-2023-47100", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-47100.json", }, ], title: "CVE-2023-47100", }, { cve: "CVE-2023-48795", cwe: { id: "CWE-222", name: "Truncation of Security-relevant Information", }, notes: [ { category: "other", text: "Truncation of Security-relevant Information", title: "CWE-222", }, { category: "other", text: "Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')", title: "CWE-757", }, ], product_status: { known_affected: [ "CSAFPID-1615259", "CSAFPID-1615260", "CSAFPID-1615261", "CSAFPID-1615262", "CSAFPID-1615263", "CSAFPID-1615264", "CSAFPID-1703131", ], }, references: [ { category: "self", summary: "CVE-2023-48795", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-48795.json", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-1615259", "CSAFPID-1615260", "CSAFPID-1615261", "CSAFPID-1615262", "CSAFPID-1615263", "CSAFPID-1615264", "CSAFPID-1703131", ], }, ], title: "CVE-2023-48795", }, { cve: "CVE-2023-49441", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "other", text: "Integer Overflow or Wraparound", title: "CWE-190", }, ], references: [ { category: "self", summary: "CVE-2023-49441", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-49441.json", }, ], title: "CVE-2023-49441", }, { cve: "CVE-2023-50387", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], references: [ { category: "self", summary: "CVE-2023-50387", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-50387.json", }, ], title: "CVE-2023-50387", }, { cve: "CVE-2023-50868", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], references: [ { category: "self", summary: "CVE-2023-50868", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-50868.json", }, ], title: "CVE-2023-50868", }, { cve: "CVE-2023-52389", cwe: { id: "CWE-121", name: "Stack-based Buffer Overflow", }, notes: [ { category: "other", text: "Stack-based Buffer Overflow", title: "CWE-121", }, ], references: [ { category: "self", summary: "CVE-2023-52389", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52389.json", }, ], title: "CVE-2023-52389", }, { cve: "CVE-2024-0232", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "other", text: "Use After Free", title: "CWE-416", }, ], product_status: { known_affected: [ "CSAFPID-1703131", ], }, references: [ { category: "self", summary: "CVE-2024-0232", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0232.json", }, ], title: "CVE-2024-0232", }, { cve: "CVE-2024-0727", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-1613729", "CSAFPID-1703131", ], }, references: [ { category: "self", summary: "CVE-2024-0727", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0727.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1613729", "CSAFPID-1703131", ], }, ], title: "CVE-2024-0727", }, { cve: "CVE-2024-2004", cwe: { id: "CWE-319", name: "Cleartext Transmission of Sensitive Information", }, notes: [ { category: "other", text: "Cleartext Transmission of Sensitive Information", title: "CWE-319", }, { category: "other", text: "Misinterpretation of Input", title: "CWE-115", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, { category: "other", text: "Interpretation Conflict", title: "CWE-436", }, ], product_status: { known_affected: [ "CSAFPID-1615260", "CSAFPID-1615261", "CSAFPID-1615262", "CSAFPID-1615263", "CSAFPID-1615264", "CSAFPID-894438", ], }, references: [ { category: "self", summary: "CVE-2024-2004", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2004.json", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-1615260", "CSAFPID-1615261", "CSAFPID-1615262", "CSAFPID-1615263", "CSAFPID-1615264", "CSAFPID-894438", ], }, ], title: "CVE-2024-2004", }, { cve: "CVE-2024-2379", cwe: { id: "CWE-295", name: "Improper Certificate Validation", }, notes: [ { category: "other", text: "Improper Certificate Validation", title: "CWE-295", }, ], product_status: { known_affected: [ "CSAFPID-1615260", "CSAFPID-1615261", "CSAFPID-1615262", "CSAFPID-1615263", "CSAFPID-1615264", "CSAFPID-894438", ], }, references: [ { category: "self", summary: "CVE-2024-2379", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2379.json", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1615260", "CSAFPID-1615261", "CSAFPID-1615262", "CSAFPID-1615263", "CSAFPID-1615264", "CSAFPID-894438", ], }, ], title: "CVE-2024-2379", }, { cve: "CVE-2024-2398", cwe: { id: "CWE-772", name: "Missing Release of Resource after Effective Lifetime", }, notes: [ { category: "other", text: "Missing Release of Resource after Effective Lifetime", title: "CWE-772", }, { category: "other", text: "Missing Release of Memory after Effective Lifetime", title: "CWE-401", }, ], product_status: { known_affected: [ "CSAFPID-1615260", "CSAFPID-1615261", "CSAFPID-1615262", "CSAFPID-1615263", "CSAFPID-1615264", "CSAFPID-894438", ], }, references: [ { category: "self", summary: "CVE-2024-2398", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2398.json", }, ], scores: [ { cvss_v3: { baseScore: 8.6, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-1615260", "CSAFPID-1615261", "CSAFPID-1615262", "CSAFPID-1615263", "CSAFPID-1615264", "CSAFPID-894438", ], }, ], title: "CVE-2024-2398", }, { cve: "CVE-2024-2466", cwe: { id: "CWE-295", name: "Improper Certificate Validation", }, notes: [ { category: "other", text: "Improper Certificate Validation", title: "CWE-295", }, { category: "other", text: "Improper Validation of Certificate with Host Mismatch", title: "CWE-297", }, ], product_status: { known_affected: [ "CSAFPID-1615260", "CSAFPID-1615261", "CSAFPID-1615262", "CSAFPID-1615263", "CSAFPID-1615264", "CSAFPID-894438", ], }, references: [ { category: "self", summary: "CVE-2024-2466", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2466.json", }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-1615260", "CSAFPID-1615261", "CSAFPID-1615262", "CSAFPID-1615263", "CSAFPID-1615264", "CSAFPID-894438", ], }, ], title: "CVE-2024-2466", }, { cve: "CVE-2024-2511", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "other", text: "Improperly Controlled Sequential Memory Allocation", title: "CWE-1325", }, ], product_status: { known_affected: [ "CSAFPID-1615260", "CSAFPID-1615261", "CSAFPID-1615262", "CSAFPID-1615263", "CSAFPID-1615264", "CSAFPID-1703131", ], }, references: [ { category: "self", summary: "CVE-2024-2511", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2511.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1615260", "CSAFPID-1615261", "CSAFPID-1615262", "CSAFPID-1615263", "CSAFPID-1615264", "CSAFPID-1703131", ], }, ], title: "CVE-2024-2511", }, { cve: "CVE-2024-4603", cwe: { id: "CWE-606", name: "Unchecked Input for Loop Condition", }, notes: [ { category: "other", text: "Unchecked Input for Loop Condition", title: "CWE-606", }, { category: "other", text: "Excessive Iteration", title: "CWE-834", }, ], references: [ { category: "self", summary: "CVE-2024-4603", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4603.json", }, ], title: "CVE-2024-4603", }, { cve: "CVE-2024-4741", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "other", text: "Use After Free", title: "CWE-416", }, ], references: [ { category: "self", summary: "CVE-2024-4741", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4741.json", }, ], title: "CVE-2024-4741", }, { cve: "CVE-2024-5535", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, { category: "other", text: "Improper Restriction of Operations within the Bounds of a Memory Buffer", title: "CWE-119", }, ], product_status: { known_affected: [ "CSAFPID-1615260", "CSAFPID-1615261", "CSAFPID-1615262", "CSAFPID-1615263", "CSAFPID-1615264", "CSAFPID-1703131", ], }, references: [ { category: "self", summary: "CVE-2024-5535", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5535.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1615260", "CSAFPID-1615261", "CSAFPID-1615262", "CSAFPID-1615263", "CSAFPID-1615264", "CSAFPID-1703131", ], }, ], title: "CVE-2024-5535", }, { cve: "CVE-2024-5594", references: [ { category: "self", summary: "CVE-2024-5594", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5594.json", }, ], title: "CVE-2024-5594", }, { cve: "CVE-2024-21890", cwe: { id: "CWE-275", name: "-", }, notes: [ { category: "other", text: "CWE-275", title: "CWE-275", }, { category: "other", text: "Insufficient Technical Documentation", title: "CWE-1059", }, ], references: [ { category: "self", summary: "CVE-2024-21890", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21890.json", }, ], title: "CVE-2024-21890", }, { cve: "CVE-2024-21891", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, notes: [ { category: "other", text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", title: "CWE-22", }, ], references: [ { category: "self", summary: "CVE-2024-21891", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21891.json", }, ], title: "CVE-2024-21891", }, { cve: "CVE-2024-21892", cwe: { id: "CWE-94", name: "Improper Control of Generation of Code ('Code Injection')", }, notes: [ { category: "other", text: "Improper Control of Generation of Code ('Code Injection')", title: "CWE-94", }, ], references: [ { category: "self", summary: "CVE-2024-21892", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21892.json", }, ], title: "CVE-2024-21892", }, { cve: "CVE-2024-21896", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, notes: [ { category: "other", text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", title: "CWE-22", }, ], references: [ { category: "self", summary: "CVE-2024-21896", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21896.json", }, ], title: "CVE-2024-21896", }, { cve: "CVE-2024-22017", cwe: { id: "CWE-271", name: "Privilege Dropping / Lowering Errors", }, notes: [ { category: "other", text: "Privilege Dropping / Lowering Errors", title: "CWE-271", }, { category: "other", text: "Improper Privilege Management", title: "CWE-269", }, ], references: [ { category: "self", summary: "CVE-2024-22017", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22017.json", }, ], title: "CVE-2024-22017", }, { cve: "CVE-2024-22019", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, ], references: [ { category: "self", summary: "CVE-2024-22019", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22019.json", }, ], title: "CVE-2024-22019", }, { cve: "CVE-2024-22025", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, ], references: [ { category: "self", summary: "CVE-2024-22025", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22025.json", }, ], title: "CVE-2024-22025", }, { cve: "CVE-2024-24758", cwe: { id: "CWE-942", name: "Permissive Cross-domain Policy with Untrusted Domains", }, notes: [ { category: "other", text: "Permissive Cross-domain Policy with Untrusted Domains", title: "CWE-942", }, { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, ], references: [ { category: "self", summary: "CVE-2024-24758", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24758.json", }, ], title: "CVE-2024-24758", }, { cve: "CVE-2024-24795", cwe: { id: "CWE-113", name: "Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')", }, notes: [ { category: "other", text: "Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')", title: "CWE-113", }, ], references: [ { category: "self", summary: "CVE-2024-24795", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24795.json", }, ], title: "CVE-2024-24795", }, { cve: "CVE-2024-24806", cwe: { id: "CWE-918", name: "Server-Side Request Forgery (SSRF)", }, notes: [ { category: "other", text: "Server-Side Request Forgery (SSRF)", title: "CWE-918", }, ], references: [ { category: "self", summary: "CVE-2024-24806", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24806.json", }, ], title: "CVE-2024-24806", }, { cve: "CVE-2024-26306", cwe: { id: "CWE-310", name: "-", }, notes: [ { category: "other", text: "CWE-310", title: "CWE-310", }, { category: "other", text: "Observable Discrepancy", title: "CWE-203", }, ], references: [ { category: "self", summary: "CVE-2024-26306", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26306.json", }, ], title: "CVE-2024-26306", }, { cve: "CVE-2024-26925", cwe: { id: "CWE-284", name: "Improper Access Control", }, notes: [ { category: "other", text: "Improper Access Control", title: "CWE-284", }, { category: "other", text: "Improper Locking", title: "CWE-667", }, ], references: [ { category: "self", summary: "CVE-2024-26925", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26925.json", }, ], title: "CVE-2024-26925", }, { cve: "CVE-2024-27316", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "other", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, ], references: [ { category: "self", summary: "CVE-2024-27316", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27316.json", }, ], title: "CVE-2024-27316", }, { cve: "CVE-2024-27980", cwe: { id: "CWE-78", name: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", }, notes: [ { category: "other", text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", title: "CWE-78", }, ], references: [ { category: "self", summary: "CVE-2024-27980", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27980.json", }, ], title: "CVE-2024-27980", }, { cve: "CVE-2024-27982", cwe: { id: "CWE-444", name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", }, notes: [ { category: "other", text: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", title: "CWE-444", }, ], references: [ { category: "self", summary: "CVE-2024-27982", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27982.json", }, ], title: "CVE-2024-27982", }, { cve: "CVE-2024-27983", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], references: [ { category: "self", summary: "CVE-2024-27983", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27983.json", }, ], title: "CVE-2024-27983", }, { cve: "CVE-2024-28882", cwe: { id: "CWE-772", name: "Missing Release of Resource after Effective Lifetime", }, notes: [ { category: "other", text: "Missing Release of Resource after Effective Lifetime", title: "CWE-772", }, ], references: [ { category: "self", summary: "CVE-2024-28882", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28882.json", }, ], title: "CVE-2024-28882", }, { cve: "CVE-2024-29119", cwe: { id: "CWE-266", name: "Incorrect Privilege Assignment", }, notes: [ { category: "other", text: "Incorrect Privilege Assignment", title: "CWE-266", }, ], product_status: { known_affected: [ "CSAFPID-524281", ], }, references: [ { category: "self", summary: "CVE-2024-29119", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29119.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-524281", ], }, ], title: "CVE-2024-29119", }, { cve: "CVE-2024-36140", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, notes: [ { category: "other", text: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", title: "CWE-79", }, ], product_status: { known_affected: [ "CSAFPID-1712832", "CSAFPID-1712833", ], }, references: [ { category: "self", summary: "CVE-2024-36140", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36140.json", }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-1712832", "CSAFPID-1712833", ], }, ], title: "CVE-2024-36140", }, { cve: "CVE-2024-44102", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, notes: [ { category: "other", text: "Deserialization of Untrusted Data", title: "CWE-502", }, ], product_status: { known_affected: [ "CSAFPID-1712834", "CSAFPID-1712835", "CSAFPID-1712836", "CSAFPID-1712837", "CSAFPID-1712838", "CSAFPID-1712839", "CSAFPID-1712840", "CSAFPID-1712841", "CSAFPID-1712842", "CSAFPID-1712843", "CSAFPID-1712844", "CSAFPID-1712845", "CSAFPID-1712846", ], }, references: [ { category: "self", summary: "CVE-2024-44102", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44102.json", }, ], scores: [ { cvss_v3: { baseScore: 10, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-1712834", "CSAFPID-1712835", "CSAFPID-1712836", "CSAFPID-1712837", "CSAFPID-1712838", "CSAFPID-1712839", "CSAFPID-1712840", "CSAFPID-1712841", "CSAFPID-1712842", "CSAFPID-1712843", "CSAFPID-1712844", "CSAFPID-1712845", "CSAFPID-1712846", ], }, ], title: "CVE-2024-44102", }, { cve: "CVE-2024-46888", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, notes: [ { category: "other", text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", title: "CWE-22", }, ], product_status: { known_affected: [ "CSAFPID-746925", ], }, references: [ { category: "self", summary: "CVE-2024-46888", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-46888.json", }, ], scores: [ { cvss_v3: { baseScore: 9.9, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-746925", ], }, ], title: "CVE-2024-46888", }, { cve: "CVE-2024-46889", cwe: { id: "CWE-321", name: "Use of Hard-coded Cryptographic Key", }, notes: [ { category: "other", text: "Use of Hard-coded Cryptographic Key", title: "CWE-321", }, ], product_status: { known_affected: [ "CSAFPID-746925", ], }, references: [ { category: "self", summary: "CVE-2024-46889", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-46889.json", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-746925", ], }, ], title: "CVE-2024-46889", }, { cve: "CVE-2024-46890", cwe: { id: "CWE-78", name: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", }, notes: [ { category: "other", text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", title: "CWE-78", }, ], product_status: { known_affected: [ "CSAFPID-746925", ], }, references: [ { category: "self", summary: "CVE-2024-46890", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-46890.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-746925", ], }, ], title: "CVE-2024-46890", }, { cve: "CVE-2024-46891", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-746925", ], }, references: [ { category: "self", summary: "CVE-2024-46891", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-46891.json", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-746925", ], }, ], title: "CVE-2024-46891", }, { cve: "CVE-2024-46892", cwe: { id: "CWE-613", name: "Insufficient Session Expiration", }, notes: [ { category: "other", text: "Insufficient Session Expiration", title: "CWE-613", }, ], product_status: { known_affected: [ "CSAFPID-746925", ], }, references: [ { category: "self", summary: "CVE-2024-46892", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-46892.json", }, ], scores: [ { cvss_v3: { baseScore: 4.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-746925", ], }, ], title: "CVE-2024-46892", }, { cve: "CVE-2024-46894", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, ], product_status: { known_affected: [ "CSAFPID-746925", ], }, references: [ { category: "self", summary: "CVE-2024-46894", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-46894.json", }, ], scores: [ { cvss_v3: { baseScore: 6.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-746925", ], }, ], title: "CVE-2024-46894", }, { cve: "CVE-2024-47783", cwe: { id: "CWE-732", name: "Incorrect Permission Assignment for Critical Resource", }, notes: [ { category: "other", text: "Incorrect Permission Assignment for Critical Resource", title: "CWE-732", }, ], product_status: { known_affected: [ "CSAFPID-1712847", ], }, references: [ { category: "self", summary: "CVE-2024-47783", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47783.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1712847", ], }, ], title: "CVE-2024-47783", }, { cve: "CVE-2024-47808", cwe: { id: "CWE-732", name: "Incorrect Permission Assignment for Critical Resource", }, notes: [ { category: "other", text: "Incorrect Permission Assignment for Critical Resource", title: "CWE-732", }, ], product_status: { known_affected: [ "CSAFPID-309392", ], }, references: [ { category: "self", summary: "CVE-2024-47808", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47808.json", }, ], scores: [ { cvss_v3: { baseScore: 8.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-309392", ], }, ], title: "CVE-2024-47808", }, { cve: "CVE-2024-47940", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "other", text: "Out-of-bounds Read", title: "CWE-125", }, ], product_status: { known_affected: [ "CSAFPID-1680248", ], }, references: [ { category: "self", summary: "CVE-2024-47940", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47940.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1680248", ], }, ], title: "CVE-2024-47940", }, { cve: "CVE-2024-47941", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "other", text: "Out-of-bounds Read", title: "CWE-125", }, ], product_status: { known_affected: [ "CSAFPID-1680248", ], }, references: [ { category: "self", summary: "CVE-2024-47941", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47941.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1680248", ], }, ], title: "CVE-2024-47941", }, { cve: "CVE-2024-47942", cwe: { id: "CWE-427", name: "Uncontrolled Search Path Element", }, notes: [ { category: "other", text: "Uncontrolled Search Path Element", title: "CWE-427", }, ], product_status: { known_affected: [ "CSAFPID-1680248", ], }, references: [ { category: "self", summary: "CVE-2024-47942", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47942.json", }, ], scores: [ { cvss_v3: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1680248", ], }, ], title: "CVE-2024-47942", }, { cve: "CVE-2024-50310", cwe: { id: "CWE-863", name: "Incorrect Authorization", }, notes: [ { category: "other", text: "Incorrect Authorization", title: "CWE-863", }, ], product_status: { known_affected: [ "CSAFPID-1712748", ], }, references: [ { category: "self", summary: "CVE-2024-50310", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-50310.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-1712748", ], }, ], title: "CVE-2024-50310", }, { cve: "CVE-2024-50313", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "other", text: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", title: "CWE-362", }, ], product_status: { known_affected: [ "CSAFPID-1637622", "CSAFPID-1637623", "CSAFPID-1637624", "CSAFPID-1637625", "CSAFPID-1637626", ], }, references: [ { category: "self", summary: "CVE-2024-50313", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-50313.json", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-1637622", "CSAFPID-1637623", "CSAFPID-1637624", "CSAFPID-1637625", "CSAFPID-1637626", ], }, ], title: "CVE-2024-50313", }, { cve: "CVE-2024-50557", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-1702670", "CSAFPID-1702671", "CSAFPID-1702672", "CSAFPID-1712749", "CSAFPID-1712750", "CSAFPID-1702677", "CSAFPID-1702678", "CSAFPID-1702679", "CSAFPID-1712751", "CSAFPID-1712752", "CSAFPID-1702681", "CSAFPID-1712753", "CSAFPID-1702682", "CSAFPID-1702683", "CSAFPID-1712754", "CSAFPID-1712755", "CSAFPID-1712756", "CSAFPID-1712757", "CSAFPID-1712758", "CSAFPID-1712759", "CSAFPID-1702684", "CSAFPID-1702685", "CSAFPID-1712760", "CSAFPID-1712761", ], }, references: [ { category: "self", summary: "CVE-2024-50557", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-50557.json", }, ], scores: [ { cvss_v3: { baseScore: 7.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1702670", "CSAFPID-1702671", "CSAFPID-1702672", "CSAFPID-1712749", "CSAFPID-1712750", "CSAFPID-1702677", "CSAFPID-1702678", "CSAFPID-1702679", "CSAFPID-1712751", "CSAFPID-1712752", "CSAFPID-1702681", "CSAFPID-1712753", "CSAFPID-1702682", "CSAFPID-1702683", "CSAFPID-1712754", "CSAFPID-1712755", "CSAFPID-1712756", "CSAFPID-1712757", "CSAFPID-1712758", "CSAFPID-1712759", "CSAFPID-1702684", "CSAFPID-1702685", "CSAFPID-1712760", "CSAFPID-1712761", ], }, ], title: "CVE-2024-50557", }, { cve: "CVE-2024-50558", cwe: { id: "CWE-284", name: "Improper Access Control", }, notes: [ { category: "other", text: "Improper Access Control", title: "CWE-284", }, ], product_status: { known_affected: [ "CSAFPID-1702670", "CSAFPID-1702671", "CSAFPID-1702672", "CSAFPID-1712749", "CSAFPID-1712750", "CSAFPID-1702677", "CSAFPID-1702678", "CSAFPID-1702679", "CSAFPID-1712751", "CSAFPID-1712752", "CSAFPID-1702681", "CSAFPID-1712753", "CSAFPID-1702682", "CSAFPID-1702683", "CSAFPID-1712754", "CSAFPID-1712755", "CSAFPID-1712756", "CSAFPID-1712757", "CSAFPID-1712758", "CSAFPID-1712759", "CSAFPID-1702684", "CSAFPID-1702685", "CSAFPID-1712760", "CSAFPID-1712761", ], }, references: [ { category: "self", summary: "CVE-2024-50558", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-50558.json", }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "CSAFPID-1702670", "CSAFPID-1702671", "CSAFPID-1702672", "CSAFPID-1712749", "CSAFPID-1712750", "CSAFPID-1702677", "CSAFPID-1702678", "CSAFPID-1702679", "CSAFPID-1712751", "CSAFPID-1712752", "CSAFPID-1702681", "CSAFPID-1712753", "CSAFPID-1702682", "CSAFPID-1702683", "CSAFPID-1712754", "CSAFPID-1712755", "CSAFPID-1712756", "CSAFPID-1712757", "CSAFPID-1712758", "CSAFPID-1712759", "CSAFPID-1702684", "CSAFPID-1702685", "CSAFPID-1712760", "CSAFPID-1712761", ], }, ], title: "CVE-2024-50558", }, { cve: "CVE-2024-50559", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, notes: [ { category: "other", text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", title: "CWE-22", }, ], product_status: { known_affected: [ "CSAFPID-1702670", "CSAFPID-1702671", "CSAFPID-1702672", "CSAFPID-1712749", "CSAFPID-1712750", "CSAFPID-1702677", "CSAFPID-1702678", "CSAFPID-1702679", "CSAFPID-1712751", "CSAFPID-1712752", "CSAFPID-1702681", "CSAFPID-1712753", "CSAFPID-1702682", "CSAFPID-1702683", "CSAFPID-1712754", "CSAFPID-1712755", "CSAFPID-1712756", "CSAFPID-1712757", "CSAFPID-1712758", "CSAFPID-1712759", "CSAFPID-1702684", "CSAFPID-1702685", "CSAFPID-1712760", "CSAFPID-1712761", ], }, references: [ { category: "self", summary: "CVE-2024-50559", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-50559.json", }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-1702670", "CSAFPID-1702671", "CSAFPID-1702672", "CSAFPID-1712749", "CSAFPID-1712750", "CSAFPID-1702677", "CSAFPID-1702678", "CSAFPID-1702679", "CSAFPID-1712751", "CSAFPID-1712752", "CSAFPID-1702681", "CSAFPID-1712753", "CSAFPID-1702682", "CSAFPID-1702683", "CSAFPID-1712754", "CSAFPID-1712755", "CSAFPID-1712756", "CSAFPID-1712757", "CSAFPID-1712758", "CSAFPID-1712759", "CSAFPID-1702684", "CSAFPID-1702685", "CSAFPID-1712760", "CSAFPID-1712761", ], }, ], title: "CVE-2024-50559", }, { cve: "CVE-2024-50560", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-1702670", "CSAFPID-1702671", "CSAFPID-1702672", "CSAFPID-1712749", "CSAFPID-1712750", "CSAFPID-1702677", "CSAFPID-1702678", "CSAFPID-1702679", "CSAFPID-1712751", "CSAFPID-1712752", "CSAFPID-1702681", "CSAFPID-1712753", "CSAFPID-1702682", "CSAFPID-1702683", "CSAFPID-1712754", "CSAFPID-1712755", "CSAFPID-1712756", "CSAFPID-1712757", "CSAFPID-1712758", "CSAFPID-1712759", "CSAFPID-1702684", "CSAFPID-1702685", "CSAFPID-1712760", "CSAFPID-1712761", ], }, references: [ { category: "self", summary: "CVE-2024-50560", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-50560.json", }, ], scores: [ { cvss_v3: { baseScore: 3.1, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-1702670", "CSAFPID-1702671", "CSAFPID-1702672", "CSAFPID-1712749", "CSAFPID-1712750", "CSAFPID-1702677", "CSAFPID-1702678", "CSAFPID-1702679", "CSAFPID-1712751", "CSAFPID-1712752", "CSAFPID-1702681", "CSAFPID-1712753", "CSAFPID-1702682", "CSAFPID-1702683", "CSAFPID-1712754", "CSAFPID-1712755", "CSAFPID-1712756", "CSAFPID-1712757", "CSAFPID-1712758", "CSAFPID-1712759", "CSAFPID-1702684", "CSAFPID-1702685", "CSAFPID-1712760", "CSAFPID-1712761", ], }, ], title: "CVE-2024-50560", }, { cve: "CVE-2024-50561", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, notes: [ { category: "other", text: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", title: "CWE-79", }, ], product_status: { known_affected: [ "CSAFPID-1702670", "CSAFPID-1702671", "CSAFPID-1702672", "CSAFPID-1712749", "CSAFPID-1712750", "CSAFPID-1702677", "CSAFPID-1702678", "CSAFPID-1702679", "CSAFPID-1712751", "CSAFPID-1712752", "CSAFPID-1702681", "CSAFPID-1712753", "CSAFPID-1702682", "CSAFPID-1702683", "CSAFPID-1712754", "CSAFPID-1712755", "CSAFPID-1712756", "CSAFPID-1712757", "CSAFPID-1712758", "CSAFPID-1712759", "CSAFPID-1702684", "CSAFPID-1702685", "CSAFPID-1712760", "CSAFPID-1712761", ], }, references: [ { category: "self", summary: "CVE-2024-50561", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-50561.json", }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-1702670", "CSAFPID-1702671", "CSAFPID-1702672", "CSAFPID-1712749", "CSAFPID-1712750", "CSAFPID-1702677", "CSAFPID-1702678", "CSAFPID-1702679", "CSAFPID-1712751", "CSAFPID-1712752", "CSAFPID-1702681", "CSAFPID-1712753", "CSAFPID-1702682", "CSAFPID-1702683", "CSAFPID-1712754", "CSAFPID-1712755", "CSAFPID-1712756", "CSAFPID-1712757", "CSAFPID-1712758", "CSAFPID-1712759", "CSAFPID-1702684", "CSAFPID-1702685", "CSAFPID-1712760", "CSAFPID-1712761", ], }, ], title: "CVE-2024-50561", }, { cve: "CVE-2024-50572", cwe: { id: "CWE-74", name: "Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')", }, notes: [ { category: "other", text: "Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')", title: "CWE-74", }, ], product_status: { known_affected: [ "CSAFPID-1702670", "CSAFPID-1702671", "CSAFPID-1702672", "CSAFPID-1712749", "CSAFPID-1712750", "CSAFPID-1702677", "CSAFPID-1702678", "CSAFPID-1702679", "CSAFPID-1712751", "CSAFPID-1712752", "CSAFPID-1702681", "CSAFPID-1712753", "CSAFPID-1702682", "CSAFPID-1702683", "CSAFPID-1712754", "CSAFPID-1712755", "CSAFPID-1712756", "CSAFPID-1712757", "CSAFPID-1712758", "CSAFPID-1712759", "CSAFPID-1702684", "CSAFPID-1702685", "CSAFPID-1712760", "CSAFPID-1712761", ], }, references: [ { category: "self", summary: "CVE-2024-50572", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-50572.json", }, ], scores: [ { cvss_v3: { baseScore: 7.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1702670", "CSAFPID-1702671", "CSAFPID-1702672", "CSAFPID-1712749", "CSAFPID-1712750", "CSAFPID-1702677", "CSAFPID-1702678", "CSAFPID-1702679", "CSAFPID-1712751", "CSAFPID-1712752", "CSAFPID-1702681", "CSAFPID-1712753", "CSAFPID-1702682", "CSAFPID-1702683", "CSAFPID-1712754", "CSAFPID-1712755", "CSAFPID-1712756", "CSAFPID-1712757", "CSAFPID-1712758", "CSAFPID-1712759", "CSAFPID-1702684", "CSAFPID-1702685", "CSAFPID-1712760", "CSAFPID-1712761", ], }, ], title: "CVE-2024-50572", }, ], }
ncsc-2024-0411
Vulnerability from csaf_ncscnl
Published
2024-10-17 13:15
Modified
2024-10-17 13:15
Summary
Kwetsbaarheden verholpen in Oracle Database producten
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Oracle heeft kwetsbaarheden verholpen in diverse Database producten en subsystemen, zoals de Core database, Application Express, Autonomous Health Framework, Essbase, GoldenGate, SQL Developer en Secure Backup.
Interpretaties
Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
- Denial-of-Service (DoS)
- Manipuleren van data
- Toegang tot gevoelige gegevens
Oplossingen
Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-130
Improper Handling of Length Parameter Inconsistency
CWE-208
Observable Timing Discrepancy
CWE-776
Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')
CWE-88
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
CWE-755
Improper Handling of Exceptional Conditions
CWE-834
Excessive Iteration
CWE-407
Inefficient Algorithmic Complexity
CWE-178
Improper Handling of Case Sensitivity
CWE-732
Incorrect Permission Assignment for Critical Resource
CWE-415
Double Free
CWE-311
Missing Encryption of Sensitive Data
CWE-427
Uncontrolled Search Path Element
CWE-172
Encoding Error
CWE-680
Integer Overflow to Buffer Overflow
CWE-426
Untrusted Search Path
CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')
CWE-116
Improper Encoding or Escaping of Output
CWE-345
Insufficient Verification of Data Authenticity
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE-203
Observable Discrepancy
CWE-190
Integer Overflow or Wraparound
CWE-552
Files or Directories Accessible to External Parties
CWE-639
Authorization Bypass Through User-Controlled Key
CWE-125
Out-of-bounds Read
CWE-404
Improper Resource Shutdown or Release
CWE-275
CWE-275
CWE-284
Improper Access Control
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-1333
Inefficient Regular Expression Complexity
CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CWE-416
Use After Free
CWE-401
Missing Release of Memory after Effective Lifetime
CWE-476
NULL Pointer Dereference
CWE-295
Improper Certificate Validation
CWE-668
Exposure of Resource to Wrong Sphere
CWE-829
Inclusion of Functionality from Untrusted Control Sphere
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CWE-400
Uncontrolled Resource Consumption
CWE-770
Allocation of Resources Without Limits or Throttling
CWE-502
Deserialization of Untrusted Data
CWE-918
Server-Side Request Forgery (SSRF)
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE-787
Out-of-bounds Write
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE-122
Heap-based Buffer Overflow
CWE-121
Stack-based Buffer Overflow
CWE-681
Incorrect Conversion between Numeric Types
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CWE-269
Improper Privilege Management
CWE-20
Improper Input Validation
CWE-87
Improper Neutralization of Alternate XSS Syntax
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE-18
CWE-18
CWE-385
Covert Timing Channel
CWE-606
Unchecked Input for Loop Condition
CWE-192
Integer Coercion Error
CWE-390
Detection of Error Condition Without Action
CWE-1325
Improperly Controlled Sequential Memory Allocation
CWE-222
Truncation of Security-relevant Information
CWE-131
Incorrect Calculation of Buffer Size
CWE-59
Improper Link Resolution Before File Access ('Link Following')
CWE-304
Missing Critical Step in Authentication
{ document: { category: "csaf_security_advisory", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", }, }, lang: "nl", notes: [ { category: "legal_disclaimer", text: "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.", }, { category: "description", text: "Oracle heeft kwetsbaarheden verholpen in diverse Database producten en subsystemen, zoals de Core database, Application Express, Autonomous Health Framework, Essbase, GoldenGate, SQL Developer en Secure Backup.", title: "Feiten", }, { category: "description", text: "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:\n\n- Denial-of-Service (DoS)\n- Manipuleren van data\n- Toegang tot gevoelige gegevens", title: "Interpretaties", }, { category: "description", text: "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.", title: "Oplossingen", }, { category: "general", text: "medium", title: "Kans", }, { category: "general", text: "high", title: "Schade", }, { category: "general", text: "Improper Handling of Length Parameter Inconsistency", title: "CWE-130", }, { category: "general", text: "Observable Timing Discrepancy", title: "CWE-208", }, { category: "general", text: "Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')", title: "CWE-776", }, { category: "general", text: "Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')", title: "CWE-88", }, { category: "general", text: "Improper Handling of Exceptional Conditions", title: "CWE-755", }, { category: "general", text: "Excessive Iteration", title: "CWE-834", }, { category: "general", text: "Inefficient Algorithmic Complexity", title: "CWE-407", }, { category: "general", text: "Improper Handling of Case Sensitivity", title: "CWE-178", }, { category: "general", text: "Incorrect Permission Assignment for Critical Resource", title: "CWE-732", }, { category: "general", text: "Double Free", title: "CWE-415", }, { category: "general", text: "Missing Encryption of Sensitive Data", title: "CWE-311", }, { category: "general", text: "Uncontrolled Search Path Element", title: "CWE-427", }, { category: "general", text: "Encoding Error", title: "CWE-172", }, { category: "general", text: "Integer Overflow to Buffer Overflow", title: "CWE-680", }, { category: "general", text: "Untrusted Search Path", title: "CWE-426", }, { category: "general", text: "Access of Resource Using Incompatible Type ('Type Confusion')", title: "CWE-843", }, { category: "general", text: "Improper Encoding or Escaping of Output", title: "CWE-116", }, { category: "general", text: "Insufficient Verification of Data Authenticity", title: "CWE-345", }, { category: "general", text: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", title: "CWE-77", }, { category: "general", text: "Observable Discrepancy", title: "CWE-203", }, { category: "general", text: "Integer Overflow or Wraparound", title: "CWE-190", }, { category: "general", text: "Files or Directories Accessible to External Parties", title: "CWE-552", }, { category: "general", text: "Authorization Bypass Through User-Controlled Key", title: "CWE-639", }, { category: "general", text: "Out-of-bounds Read", title: "CWE-125", }, { category: "general", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "general", text: "CWE-275", title: "CWE-275", }, { category: "general", text: "Improper Access Control", title: "CWE-284", }, { category: "general", text: "Improper Restriction of Operations within the Bounds of a Memory Buffer", title: "CWE-119", }, { category: "general", text: "Inefficient Regular Expression Complexity", title: "CWE-1333", }, { category: "general", text: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", title: "CWE-1321", }, { category: "general", text: "Use After Free", title: "CWE-416", }, { category: "general", text: "Missing Release of Memory after Effective Lifetime", title: "CWE-401", }, { category: "general", text: "NULL Pointer Dereference", title: "CWE-476", }, { category: "general", text: "Improper Certificate Validation", title: "CWE-295", }, { category: "general", text: "Exposure of Resource to Wrong Sphere", title: "CWE-668", }, { category: "general", text: "Inclusion of Functionality from Untrusted Control Sphere", title: "CWE-829", }, { category: "general", text: "Use of a Broken or Risky Cryptographic Algorithm", title: "CWE-327", }, { category: "general", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "general", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, { category: "general", text: "Deserialization of Untrusted Data", title: "CWE-502", }, { category: "general", text: "Server-Side Request Forgery (SSRF)", title: "CWE-918", }, { category: "general", text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", title: "CWE-78", }, { category: "general", text: "Out-of-bounds Write", title: "CWE-787", }, { category: "general", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, { category: "general", text: "Heap-based Buffer Overflow", title: "CWE-122", }, { category: "general", text: "Stack-based Buffer Overflow", title: "CWE-121", }, { category: "general", text: "Incorrect Conversion between Numeric Types", title: "CWE-681", }, { category: "general", text: "Loop with Unreachable Exit Condition ('Infinite Loop')", title: "CWE-835", }, { category: "general", text: "Improper Privilege Management", title: "CWE-269", }, { category: "general", text: "Improper Input Validation", title: "CWE-20", }, { category: "general", text: "Improper Neutralization of Alternate XSS Syntax", title: "CWE-87", }, { category: "general", text: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", title: "CWE-79", }, { category: "general", text: "CWE-18", title: "CWE-18", }, { category: "general", text: "Covert Timing Channel", title: "CWE-385", }, { category: "general", text: "Unchecked Input for Loop Condition", title: "CWE-606", }, { category: "general", text: "Integer Coercion Error", title: "CWE-192", }, { category: "general", text: "Detection of Error Condition Without Action", title: "CWE-390", }, { category: "general", text: "Improperly Controlled Sequential Memory Allocation", title: "CWE-1325", }, { category: "general", text: "Truncation of Security-relevant Information", title: "CWE-222", }, { category: "general", text: "Incorrect Calculation of Buffer Size", title: "CWE-131", }, { category: "general", text: "Improper Link Resolution Before File Access ('Link Following')", title: "CWE-59", }, { category: "general", text: "Missing Critical Step in Authentication", title: "CWE-304", }, ], publisher: { category: "coordinator", contact_details: "cert@ncsc.nl", name: "Nationaal Cyber Security Centrum", namespace: "https://www.ncsc.nl/", }, references: [ { category: "external", summary: "Reference - cveprojectv5; hkcert; nvd; oracle; redhat", url: "https://www.oracle.com/security-alerts/cpuoct2024.html", }, ], title: "Kwetsbaarheden verholpen in Oracle Database producten", tracking: { current_release_date: "2024-10-17T13:15:19.595269Z", id: "NCSC-2024-0411", initial_release_date: "2024-10-17T13:15:19.595269Z", revision_history: [ { date: "2024-10-17T13:15:19.595269Z", number: "0", summary: "Initiele versie", }, ], status: "final", version: "1.0.0", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "database_-_grid", product: { name: "database_-_grid", product_id: "CSAFPID-1673504", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_grid:19.3-19.24:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_-_grid", product: { name: "database_-_grid", product_id: "CSAFPID-1673506", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_grid:21.3-21.15:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_-_core", product: { name: "database_-_core", product_id: "CSAFPID-1673386", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_core:19.3-19.24:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_-_core", product: { name: "database_-_core", product_id: "CSAFPID-1673385", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_core:21.3-21.15:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_-_core", product: { name: "database_-_core", product_id: "CSAFPID-1673442", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_core:23.4-23.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_-_security", product: { name: "database_-_security", product_id: "CSAFPID-1673507", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_security:19.3-19.24:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_-_security", product: { name: "database_-_security", product_id: "CSAFPID-1673509", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_security:21.3-21.15:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_-_security", product: { name: "database_-_security", product_id: "CSAFPID-1673508", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_security:23.4-23.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "spatial_and_graph_mapviewer", product: { name: "spatial_and_graph_mapviewer", product_id: "CSAFPID-912561", product_identification_helper: { cpe: "cpe:2.3:a:oracle:spatial_and_graph_mapviewer:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "spatial_and_graph", product: { name: "spatial_and_graph", product_id: "CSAFPID-764250", product_identification_helper: { cpe: "cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "spatial_and_graph", product: { name: "spatial_and_graph", product_id: "CSAFPID-1673511", product_identification_helper: { cpe: "cpe:2.3:a:oracle:spatial_and_graph:19.3-19.24:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "spatial_and_graph", product: { name: "spatial_and_graph", product_id: "CSAFPID-1673512", product_identification_helper: { cpe: "cpe:2.3:a:oracle:spatial_and_graph:21.3-21.15:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "spatial_and_graph", product: { name: "spatial_and_graph", product_id: "CSAFPID-816800", product_identification_helper: { cpe: "cpe:2.3:a:oracle:spatial_and_graph:23.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "spatial_and_graph", product: { name: "spatial_and_graph", product_id: "CSAFPID-1673529", product_identification_helper: { cpe: "cpe:2.3:a:oracle:spatial_and_graph:23.4-23.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "fleet_patching_and_provisioning_-_micronaut", product: { name: "fleet_patching_and_provisioning_-_micronaut", product_id: "CSAFPID-1673492", product_identification_helper: { cpe: "cpe:2.3:a:oracle:fleet_patching_and_provisioning_-_micronaut:23.4-23.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "fleet_patching_and_provisioning", product: { name: "fleet_patching_and_provisioning", product_id: "CSAFPID-1503603", product_identification_helper: { cpe: "cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_-_xml_database", product: { name: "database_-_xml_database", product_id: "CSAFPID-1673445", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_xml_database:19.3-19.24:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_-_xml_database", product: { name: "database_-_xml_database", product_id: "CSAFPID-1673443", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_xml_database:21.3-21.15:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_-_xml_database", product: { name: "database_-_xml_database", product_id: "CSAFPID-1673444", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_xml_database:23.4-23.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_-_java_vm", product: { name: "database_-_java_vm", product_id: "CSAFPID-1673451", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_java_vm:19.3-19.24:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_-_java_vm", product: { name: "database_-_java_vm", product_id: "CSAFPID-1673450", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_java_vm:21.3-21.15:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "database_-_java_vm", product: { name: "database_-_java_vm", product_id: "CSAFPID-1673452", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_java_vm:23.4-23.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "autonomous_health_framework", product: { name: "autonomous_health_framework", product_id: "CSAFPID-816798", product_identification_helper: { cpe: "cpe:2.3:a:oracle:autonomous_health_framework:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "autonomous_health_framework", product: { name: "autonomous_health_framework", product_id: "CSAFPID-816799", product_identification_helper: { cpe: "cpe:2.3:a:oracle:autonomous_health_framework:23.10:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "autonomous_health_framework", product: { name: "autonomous_health_framework", product_id: "CSAFPID-1673525", product_identification_helper: { cpe: "cpe:2.3:a:oracle:autonomous_health_framework:prior_to_24.9:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "graalvm_for_jdk", product: { name: "graalvm_for_jdk", product_id: "CSAFPID-912046", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "graalvm_for_jdk", product: { name: "graalvm_for_jdk", product_id: "CSAFPID-1503299", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "graalvm_for_jdk", product: { name: "graalvm_for_jdk", product_id: "CSAFPID-816855", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.9:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "graalvm_for_jdk", product: { name: "graalvm_for_jdk", product_id: "CSAFPID-816361", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "graalvm_for_jdk", product: { name: "graalvm_for_jdk", product_id: "CSAFPID-912045", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "graalvm_for_jdk", product: { name: "graalvm_for_jdk", product_id: "CSAFPID-1503302", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "graalvm_for_jdk", product: { name: "graalvm_for_jdk", product_id: "CSAFPID-912044", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "graalvm_for_jdk", product: { name: "graalvm_for_jdk", product_id: "CSAFPID-1503306", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "graalvm_for_jdk", product: { name: "graalvm_for_jdk", product_id: "CSAFPID-816852", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.12:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "graalvm_for_jdk", product: { name: "graalvm_for_jdk", product_id: "CSAFPID-912600", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.13:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "graalvm_for_jdk", product: { name: "graalvm_for_jdk", product_id: "CSAFPID-816853", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.8:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "graalvm_for_jdk", product: { name: "graalvm_for_jdk", product_id: "CSAFPID-912601", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.9:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "graalvm_for_jdk", product: { name: "graalvm_for_jdk", product_id: "CSAFPID-816854", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition22.3.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sqlcl", product: { name: "sqlcl", product_id: "CSAFPID-816801", product_identification_helper: { cpe: "cpe:2.3:a:oracle:sqlcl:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sqlcl", product: { name: "sqlcl", product_id: "CSAFPID-1673405", product_identification_helper: { cpe: "cpe:2.3:a:oracle:sqlcl:23.4-23.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "application_express_administration", product: { name: "application_express_administration", product_id: "CSAFPID-764731", product_identification_helper: { cpe: "cpe:2.3:a:oracle:application_express_administration:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "application_express_customers_plugin", product: { name: "application_express_customers_plugin", product_id: "CSAFPID-764732", product_identification_helper: { cpe: "cpe:2.3:a:oracle:application_express_customers_plugin:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "application_express_team_calendar_plugin", product: { name: "application_express_team_calendar_plugin", product_id: "CSAFPID-764733", product_identification_helper: { cpe: "cpe:2.3:a:oracle:application_express_team_calendar_plugin:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "application_express", product: { name: "application_express", product_id: "CSAFPID-266119", product_identification_helper: { cpe: "cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "application_express", product: { name: "application_express", product_id: "CSAFPID-1673510", product_identification_helper: { cpe: "cpe:2.3:a:oracle:application_express:23.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "application_express", product: { name: "application_express", product_id: "CSAFPID-1503575", product_identification_helper: { cpe: "cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "application_express", product: { name: "application_express", product_id: "CSAFPID-1673188", product_identification_helper: { cpe: "cpe:2.3:a:oracle:application_express:24.1:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "autonomous_health_framework", product: { name: "autonomous_health_framework", product_id: "CSAFPID-765238", product_identification_helper: { cpe: "cpe:2.3:a:oracle:autonomous_health_framework:19c:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "autonomous_health_framework", product: { name: "autonomous_health_framework", product_id: "CSAFPID-765239", product_identification_helper: { cpe: "cpe:2.3:a:oracle:autonomous_health_framework:21c:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "blockchain_platform", product: { name: "blockchain_platform", product_id: "CSAFPID-764779", product_identification_helper: { cpe: "cpe:2.3:a:oracle:blockchain_platform:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "blockchain_platform", product: { name: "blockchain_platform", product_id: "CSAFPID-89587", product_identification_helper: { cpe: "cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "essbase", product: { name: "essbase", product_id: "CSAFPID-765259", product_identification_helper: { cpe: "cpe:2.3:a:oracle:essbase:_security_and_provisioning___21.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "essbase", product: { name: "essbase", product_id: "CSAFPID-187448", product_identification_helper: { cpe: "cpe:2.3:a:oracle:essbase:21.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "essbase", product: { name: "essbase", product_id: "CSAFPID-94075", product_identification_helper: { cpe: "cpe:2.3:a:oracle:essbase:21.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "essbase", product: { name: "essbase", product_id: "CSAFPID-220886", product_identification_helper: { cpe: "cpe:2.3:a:oracle:essbase:21.4.3.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "essbase", product: { name: "essbase", product_id: "CSAFPID-611394", product_identification_helper: { cpe: "cpe:2.3:a:oracle:essbase:21.5.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "essbase", product: { name: "essbase", product_id: "CSAFPID-816317", product_identification_helper: { cpe: "cpe:2.3:a:oracle:essbase:21.5.3.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "essbase", product: { name: "essbase", product_id: "CSAFPID-912567", product_identification_helper: { cpe: "cpe:2.3:a:oracle:essbase:21.5.4.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "essbase", product: { name: "essbase", product_id: "CSAFPID-1503612", product_identification_helper: { cpe: "cpe:2.3:a:oracle:essbase:21.5.6:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "essbase", product: { name: "essbase", product_id: "CSAFPID-1673479", product_identification_helper: { cpe: "cpe:2.3:a:oracle:essbase:21.6:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "oracle_essbase", product: { name: "oracle_essbase", product_id: "CSAFPID-1650506", product_identification_helper: { cpe: "cpe:2.3:a:oracle:oracle_essbase:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate_big_data_and_application_adapters", product: { name: "goldengate_big_data_and_application_adapters", product_id: "CSAFPID-816845", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate_big_data_and_application_adapters", product: { name: "goldengate_big_data_and_application_adapters", product_id: "CSAFPID-1650825", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate_big_data_and_application_adapters", product: { name: "goldengate_big_data_and_application_adapters", product_id: "CSAFPID-1673404", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.9:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate_big_data_and_application_adapters", product: { name: "goldengate_big_data_and_application_adapters", product_id: "CSAFPID-1650831", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3-21.14.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate_big_data", product: { name: "goldengate_big_data", product_id: "CSAFPID-764274", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_big_data:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate_stream_analytics", product: { name: "goldengate_stream_analytics", product_id: "CSAFPID-764752", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_stream_analytics:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate_stream_analytics", product: { name: "goldengate_stream_analytics", product_id: "CSAFPID-1673384", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.9:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate_stream_analytics", product: { name: "goldengate_stream_analytics", product_id: "CSAFPID-220192", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate_stream_analytics", product: { name: "goldengate_stream_analytics", product_id: "CSAFPID-220193", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.7:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate_studio", product: { name: "goldengate_studio", product_id: "CSAFPID-816846", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate_studio", product: { name: "goldengate_studio", product_id: "CSAFPID-611390", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_studio:12.2.1.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate_studio", product: { name: "goldengate_studio", product_id: "CSAFPID-764803", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_studio:fusion_middleware_12.2.1.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate_veridata", product: { name: "goldengate_veridata", product_id: "CSAFPID-764275", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_veridata:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate", product: { name: "goldengate", product_id: "CSAFPID-342816", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate", product: { name: "goldengate", product_id: "CSAFPID-1650767", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.23.0.0.240716:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate", product: { name: "goldengate", product_id: "CSAFPID-485902", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate:19.1.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate", product: { name: "goldengate", product_id: "CSAFPID-1503736", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate:19.23.0.0.240716:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate", product: { name: "goldengate", product_id: "CSAFPID-219912", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate:19c:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate", product: { name: "goldengate", product_id: "CSAFPID-1503739", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate:21.14:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate", product: { name: "goldengate", product_id: "CSAFPID-1650765", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate:21.3-21.14:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "goldengate", product: { name: "goldengate", product_id: "CSAFPID-1503738", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate:21.3:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "oracle_goldengate_stream_analytics", product: { name: "oracle_goldengate_stream_analytics", product_id: "CSAFPID-1650515", product_identification_helper: { cpe: "cpe:2.3:a:oracle:oracle_goldengate_stream_analytics:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "management_pack_for__goldengate", product: { name: "management_pack_for__goldengate", product_id: "CSAFPID-764861", product_identification_helper: { cpe: "cpe:2.3:a:oracle:management_pack_for__goldengate:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "management_pack_for__goldengate", product: { name: "management_pack_for__goldengate", product_id: "CSAFPID-1503640", product_identification_helper: { cpe: "cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "oracle_goldengate_studio", product: { name: "oracle_goldengate_studio", product_id: "CSAFPID-1650835", product_identification_helper: { cpe: "cpe:2.3:a:oracle:oracle_goldengate_studio:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "oracle_goldengate", product: { name: "oracle_goldengate", product_id: "CSAFPID-1650575", product_identification_helper: { cpe: "cpe:2.3:a:oracle:oracle_goldengate:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-764813", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-1503661", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:1.4:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-1503663", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:1.5:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-1673497", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-764764", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:19.5.33:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-764765", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:20.3.28:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-1673491", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:20.3.40:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-764766", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:21.2.55:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-1673495", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:21.2.71:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-764767", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:22.3.26:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-1673493", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:22.3.45:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-1673489", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:23.3.33:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-1673488", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:24.1.17:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-1650757", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:prior_to_19.5.42:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-1650758", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:prior_to_20.3.40:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-1650761", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:prior_to_21.2.27:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-1650760", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:prior_to_22.3.46:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nosql_database", product: { name: "nosql_database", product_id: "CSAFPID-1650759", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:prior_to_23.3.32:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "oracle_nosql_database", product: { name: "oracle_nosql_database", product_id: "CSAFPID-1650584", product_identification_helper: { cpe: "cpe:2.3:a:oracle:oracle_nosql_database:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "oracle_secure_backup", product: { name: "oracle_secure_backup", product_id: "CSAFPID-1650563", product_identification_helper: { cpe: "cpe:2.3:a:oracle:oracle_secure_backup:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "secure_backup", product: { name: "secure_backup", product_id: "CSAFPID-667692", product_identification_helper: { cpe: "cpe:2.3:a:oracle:secure_backup:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "secure_backup", product: { name: "secure_backup", product_id: "CSAFPID-345049", product_identification_helper: { cpe: "cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "secure_backup", product: { name: "secure_backup", product_id: "CSAFPID-611417", product_identification_helper: { cpe: "cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "secure_backup", product: { name: "secure_backup", product_id: "CSAFPID-1673422", product_identification_helper: { cpe: "cpe:2.3:a:oracle:secure_backup:19.1.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "oracle_sql_developer", product: { name: "oracle_sql_developer", product_id: "CSAFPID-1650638", product_identification_helper: { cpe: "cpe:2.3:a:oracle:oracle_sql_developer:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sql_developer", product: { name: "sql_developer", product_id: "CSAFPID-764822", product_identification_helper: { cpe: "cpe:2.3:a:oracle:sql_developer:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sql_developer", product: { name: "sql_developer", product_id: "CSAFPID-220643", product_identification_helper: { cpe: "cpe:2.3:a:oracle:sql_developer:21.4.2:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sql_developer", product: { name: "sql_developer", product_id: "CSAFPID-816870", product_identification_helper: { cpe: "cpe:2.3:a:oracle:sql_developer:22.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sql_developer", product: { name: "sql_developer", product_id: "CSAFPID-816871", product_identification_helper: { cpe: "cpe:2.3:a:oracle:sql_developer:23.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "sql_developer", product: { name: "sql_developer", product_id: "CSAFPID-1673397", product_identification_helper: { cpe: "cpe:2.3:a:oracle:sql_developer:24.3.0:*:*:*:*:*:*:*", }, }, }, ], category: "vendor", name: "oracle", }, { branches: [ { category: "product_name", name: "oracle_application_express", product: { name: "oracle_application_express", product_id: "CSAFPID-1673144", product_identification_helper: { cpe: "cpe:2.3:a:oracle_corporation:oracle_application_express:24.1:*:*:*:*:*:*:*", }, }, }, ], category: "vendor", name: "oracle_corporation", }, ], }, vulnerabilities: [ { cve: "CVE-2022-1471", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, notes: [ { category: "other", text: "Deserialization of Untrusted Data", title: "CWE-502", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-220886", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764822", "CSAFPID-1650515", "CSAFPID-1650638", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-89587", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044", ], }, references: [ { category: "self", summary: "CVE-2022-1471", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-1471.json", }, ], title: "CVE-2022-1471", }, { cve: "CVE-2022-34169", cwe: { id: "CWE-192", name: "Integer Coercion Error", }, notes: [ { category: "other", text: "Integer Coercion Error", title: "CWE-192", }, { category: "other", text: "Incorrect Conversion between Numeric Types", title: "CWE-681", }, ], product_status: { known_affected: [ "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-342816", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-764752", "CSAFPID-764275", "CSAFPID-764861", "CSAFPID-266119", "CSAFPID-187448", "CSAFPID-219912", "CSAFPID-765238", "CSAFPID-765239", "CSAFPID-765259", "CSAFPID-667692", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-764250", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-1673384", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, references: [ { category: "self", summary: "CVE-2022-34169", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-34169.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-342816", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-764752", "CSAFPID-764275", "CSAFPID-764861", "CSAFPID-266119", "CSAFPID-187448", "CSAFPID-219912", "CSAFPID-765238", "CSAFPID-765239", "CSAFPID-765259", "CSAFPID-667692", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-764250", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-1673384", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, ], title: "CVE-2022-34169", }, { cve: "CVE-2022-36033", cwe: { id: "CWE-87", name: "Improper Neutralization of Alternate XSS Syntax", }, notes: [ { category: "other", text: "Improper Neutralization of Alternate XSS Syntax", title: "CWE-87", }, { category: "other", text: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", title: "CWE-79", }, ], product_status: { known_affected: [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-220886", "CSAFPID-94075", "CSAFPID-764803", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764861", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-266119", "CSAFPID-187448", "CSAFPID-1650515", "CSAFPID-1650835", "CSAFPID-219912", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-667692", "CSAFPID-1673384", "CSAFPID-912561", "CSAFPID-1503575", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-912567", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, references: [ { category: "self", summary: "CVE-2022-36033", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-36033.json", }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-220886", "CSAFPID-94075", "CSAFPID-764803", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764861", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-266119", "CSAFPID-187448", "CSAFPID-1650515", "CSAFPID-1650835", "CSAFPID-219912", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-667692", "CSAFPID-1673384", "CSAFPID-912561", "CSAFPID-1503575", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-912567", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, ], title: "CVE-2022-36033", }, { cve: "CVE-2022-37454", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "other", text: "Integer Overflow or Wraparound", title: "CWE-190", }, { category: "other", text: "Integer Overflow to Buffer Overflow", title: "CWE-680", }, ], product_status: { known_affected: [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-1650563", "CSAFPID-89587", "CSAFPID-764861", ], }, references: [ { category: "self", summary: "CVE-2022-37454", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-37454.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-1650563", "CSAFPID-89587", "CSAFPID-764861", ], }, ], title: "CVE-2022-37454", }, { cve: "CVE-2022-38136", product_status: { known_affected: [ "CSAFPID-1673385", "CSAFPID-1673386", ], }, references: [ { category: "self", summary: "CVE-2022-38136", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-38136.json", }, ], title: "CVE-2022-38136", }, { cve: "CVE-2022-40196", product_status: { known_affected: [ "CSAFPID-1673385", "CSAFPID-1673386", ], }, references: [ { category: "self", summary: "CVE-2022-40196", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-40196.json", }, ], title: "CVE-2022-40196", }, { cve: "CVE-2022-41342", product_status: { known_affected: [ "CSAFPID-1673385", "CSAFPID-1673386", ], }, references: [ { category: "self", summary: "CVE-2022-41342", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-41342.json", }, ], title: "CVE-2022-41342", }, { cve: "CVE-2022-42919", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "other", text: "Missing Encryption of Sensitive Data", title: "CWE-311", }, { category: "other", text: "Improper Privilege Management", title: "CWE-269", }, ], product_status: { known_affected: [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2022-42919", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-42919.json", }, ], title: "CVE-2022-42919", }, { cve: "CVE-2022-45061", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "other", text: "Inefficient Algorithmic Complexity", title: "CWE-407", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2022-45061", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-45061.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-89587", ], }, ], title: "CVE-2022-45061", }, { cve: "CVE-2022-46337", product_status: { known_affected: [ "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-1673384", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-764752", "CSAFPID-764275", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-764250", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-342816", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-816361", "CSAFPID-764813", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692", ], }, references: [ { category: "self", summary: "CVE-2022-46337", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-46337.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-1673384", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-764752", "CSAFPID-764275", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-764250", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-342816", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-816361", "CSAFPID-764813", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692", ], }, ], title: "CVE-2022-46337", }, { cve: "CVE-2023-2976", cwe: { id: "CWE-552", name: "Files or Directories Accessible to External Parties", }, notes: [ { category: "other", text: "Files or Directories Accessible to External Parties", title: "CWE-552", }, ], product_status: { known_affected: [ "CSAFPID-1650584", "CSAFPID-1650835", "CSAFPID-1650506", "CSAFPID-1650515", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-342816", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-764813", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692", "CSAFPID-89587", "CSAFPID-1673397", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-345049", "CSAFPID-816801", "CSAFPID-611390", "CSAFPID-611394", "CSAFPID-611417", "CSAFPID-764250", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, references: [ { category: "self", summary: "CVE-2023-2976", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-2976.json", }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-1650584", "CSAFPID-1650835", "CSAFPID-1650506", "CSAFPID-1650515", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-342816", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-764813", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692", "CSAFPID-89587", "CSAFPID-1673397", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-345049", "CSAFPID-816801", "CSAFPID-611390", "CSAFPID-611394", "CSAFPID-611417", "CSAFPID-764250", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, ], title: "CVE-2023-2976", }, { cve: "CVE-2023-4043", cwe: { id: "CWE-834", name: "Excessive Iteration", }, notes: [ { category: "other", text: "Excessive Iteration", title: "CWE-834", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-1673405", "CSAFPID-1673397", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, references: [ { category: "self", summary: "CVE-2023-4043", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4043.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673405", "CSAFPID-1673397", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, ], title: "CVE-2023-4043", }, { cve: "CVE-2023-4759", cwe: { id: "CWE-59", name: "Improper Link Resolution Before File Access ('Link Following')", }, notes: [ { category: "other", text: "Improper Link Resolution Before File Access ('Link Following')", title: "CWE-59", }, { category: "other", text: "Improper Handling of Case Sensitivity", title: "CWE-178", }, ], product_status: { known_affected: [ "CSAFPID-1673397", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2023-4759", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4759.json", }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673397", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2023-4759", }, { cve: "CVE-2023-4863", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, notes: [ { category: "other", text: "Heap-based Buffer Overflow", title: "CWE-122", }, { category: "other", text: "Improper Restriction of Operations within the Bounds of a Memory Buffer", title: "CWE-119", }, { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-89587", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-342816", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801", ], }, references: [ { category: "self", summary: "CVE-2023-4863", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4863.json", }, ], title: "CVE-2023-4863", }, { cve: "CVE-2023-5072", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "other", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, ], product_status: { known_affected: [ "CSAFPID-1650575", "CSAFPID-1650515", "CSAFPID-1650835", "CSAFPID-89587", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, references: [ { category: "self", summary: "CVE-2023-5072", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5072.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1650575", "CSAFPID-1650515", "CSAFPID-1650835", "CSAFPID-89587", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, ], title: "CVE-2023-5072", }, { cve: "CVE-2023-26031", cwe: { id: "CWE-426", name: "Untrusted Search Path", }, notes: [ { category: "other", text: "Untrusted Search Path", title: "CWE-426", }, ], product_status: { known_affected: [ "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2023-26031", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26031.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2023-26031", }, { cve: "CVE-2023-26551", product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2023-26551", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26551.json", }, ], scores: [ { cvss_v3: { baseScore: 0, baseSeverity: "NONE", vectorString: "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2023-26551", }, { cve: "CVE-2023-26552", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2023-26552", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26552.json", }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2023-26552", }, { cve: "CVE-2023-26553", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2023-26553", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26553.json", }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2023-26553", }, { cve: "CVE-2023-26554", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2023-26554", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26554.json", }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2023-26554", }, { cve: "CVE-2023-26555", product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2023-26555", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26555.json", }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2023-26555", }, { cve: "CVE-2023-28484", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "other", text: "Improper Input Validation", title: "CWE-20", }, { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, ], product_status: { known_affected: [ "CSAFPID-764250", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-816317", "CSAFPID-764813", "CSAFPID-89587", "CSAFPID-342816", "CSAFPID-345049", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-611390", "CSAFPID-611394", "CSAFPID-611417", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-220643", "CSAFPID-667692", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", ], }, references: [ { category: "self", summary: "CVE-2023-28484", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-28484.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-764250", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-816317", "CSAFPID-764813", "CSAFPID-89587", "CSAFPID-342816", "CSAFPID-345049", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-611390", "CSAFPID-611394", "CSAFPID-611417", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-220643", "CSAFPID-667692", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", ], }, ], title: "CVE-2023-28484", }, { cve: "CVE-2023-29469", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "other", text: "Improper Input Validation", title: "CWE-20", }, { category: "other", text: "Double Free", title: "CWE-415", }, ], product_status: { known_affected: [ "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-816317", "CSAFPID-89587", "CSAFPID-220886", "CSAFPID-342816", "CSAFPID-345049", "CSAFPID-764752", "CSAFPID-611390", "CSAFPID-611394", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-220643", "CSAFPID-667692", "CSAFPID-764813", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-764250", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", ], }, references: [ { category: "self", summary: "CVE-2023-29469", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-29469.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-816317", "CSAFPID-89587", "CSAFPID-220886", "CSAFPID-342816", "CSAFPID-345049", "CSAFPID-764752", "CSAFPID-611390", "CSAFPID-611394", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-220643", "CSAFPID-667692", "CSAFPID-764813", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-764250", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", ], }, ], title: "CVE-2023-29469", }, { cve: "CVE-2023-33201", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, ], product_status: { known_affected: [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-1650584", "CSAFPID-1673397", "CSAFPID-912561", "CSAFPID-345049", "CSAFPID-611390", "CSAFPID-611417", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, references: [ { category: "self", summary: "CVE-2023-33201", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-33201.json", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-1650584", "CSAFPID-1673397", "CSAFPID-912561", "CSAFPID-345049", "CSAFPID-611390", "CSAFPID-611417", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, ], title: "CVE-2023-33201", }, { cve: "CVE-2023-37920", cwe: { id: "CWE-295", name: "Improper Certificate Validation", }, notes: [ { category: "other", text: "Improper Certificate Validation", title: "CWE-295", }, { category: "other", text: "Insufficient Verification of Data Authenticity", title: "CWE-345", }, ], product_status: { known_affected: [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", ], }, references: [ { category: "self", summary: "CVE-2023-37920", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-37920.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", ], }, ], title: "CVE-2023-37920", }, { cve: "CVE-2023-39410", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, notes: [ { category: "other", text: "Deserialization of Untrusted Data", title: "CWE-502", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-1673404", "CSAFPID-1673384", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", ], }, references: [ { category: "self", summary: "CVE-2023-39410", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-39410.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673404", "CSAFPID-1673384", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", ], }, ], title: "CVE-2023-39410", }, { cve: "CVE-2023-44487", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1650757", "CSAFPID-1650758", "CSAFPID-1650759", "CSAFPID-1650760", "CSAFPID-1650761", "CSAFPID-89587", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503603", "CSAFPID-1503575", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, references: [ { category: "self", summary: "CVE-2023-44487", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44487.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1650757", "CSAFPID-1650758", "CSAFPID-1650759", "CSAFPID-1650760", "CSAFPID-1650761", "CSAFPID-89587", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503603", "CSAFPID-1503575", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, ], title: "CVE-2023-44487", }, { cve: "CVE-2023-44981", cwe: { id: "CWE-639", name: "Authorization Bypass Through User-Controlled Key", }, notes: [ { category: "other", text: "Authorization Bypass Through User-Controlled Key", title: "CWE-639", }, ], product_status: { known_affected: [ "CSAFPID-1650515", "CSAFPID-89587", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", ], }, references: [ { category: "self", summary: "CVE-2023-44981", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44981.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-1650515", "CSAFPID-89587", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", ], }, ], title: "CVE-2023-44981", }, { cve: "CVE-2023-45288", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2023-45288", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-45288.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2023-45288", }, { cve: "CVE-2023-48795", cwe: { id: "CWE-222", name: "Truncation of Security-relevant Information", }, notes: [ { category: "other", text: "Truncation of Security-relevant Information", title: "CWE-222", }, ], product_status: { known_affected: [ "CSAFPID-1650765", "CSAFPID-1650757", "CSAFPID-1650758", "CSAFPID-1650767", "CSAFPID-1650759", "CSAFPID-1650760", "CSAFPID-1650761", "CSAFPID-89587", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503575", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, references: [ { category: "self", summary: "CVE-2023-48795", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-48795.json", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-1650765", "CSAFPID-1650757", "CSAFPID-1650758", "CSAFPID-1650767", "CSAFPID-1650759", "CSAFPID-1650760", "CSAFPID-1650761", "CSAFPID-89587", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503575", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", ], }, ], title: "CVE-2023-48795", }, { cve: "CVE-2023-49083", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, ], product_status: { known_affected: [ "CSAFPID-89587", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2023-49083", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-49083.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-89587", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2023-49083", }, { cve: "CVE-2023-51384", cwe: { id: "CWE-304", name: "Missing Critical Step in Authentication", }, notes: [ { category: "other", text: "Missing Critical Step in Authentication", title: "CWE-304", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2023-51384", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-51384.json", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2023-51384", }, { cve: "CVE-2023-51385", cwe: { id: "CWE-78", name: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", }, notes: [ { category: "other", text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", title: "CWE-78", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2023-51385", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-51385.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2023-51385", }, { cve: "CVE-2023-52425", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2023-52425", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52425.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2023-52425", }, { cve: "CVE-2023-52426", cwe: { id: "CWE-776", name: "Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')", }, notes: [ { category: "other", text: "Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')", title: "CWE-776", }, ], product_status: { known_affected: [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2023-52426", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52426.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2023-52426", }, { cve: "CVE-2024-1874", cwe: { id: "CWE-77", name: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", }, notes: [ { category: "other", text: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", title: "CWE-77", }, { category: "other", text: "Improper Encoding or Escaping of Output", title: "CWE-116", }, ], product_status: { known_affected: [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-1874", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-1874.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-1874", }, { cve: "CVE-2024-2408", cwe: { id: "CWE-203", name: "Observable Discrepancy", }, notes: [ { category: "other", text: "Observable Discrepancy", title: "CWE-203", }, { category: "other", text: "Observable Timing Discrepancy", title: "CWE-208", }, { category: "other", text: "Use of a Broken or Risky Cryptographic Algorithm", title: "CWE-327", }, { category: "other", text: "Covert Timing Channel", title: "CWE-385", }, ], product_status: { known_affected: [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-2408", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2408.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-2408", }, { cve: "CVE-2024-2511", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "other", text: "Improperly Controlled Sequential Memory Allocation", title: "CWE-1325", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-2511", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2511.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-2511", }, { cve: "CVE-2024-4577", cwe: { id: "CWE-88", name: "Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')", }, notes: [ { category: "other", text: "Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')", title: "CWE-88", }, { category: "other", text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", title: "CWE-78", }, ], product_status: { known_affected: [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-4577", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4577.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-4577", }, { cve: "CVE-2024-4603", cwe: { id: "CWE-606", name: "Unchecked Input for Loop Condition", }, notes: [ { category: "other", text: "Unchecked Input for Loop Condition", title: "CWE-606", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-4603", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4603.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-4603", }, { cve: "CVE-2024-4741", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "other", text: "Use After Free", title: "CWE-416", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-4741", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4741.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-4741", }, { cve: "CVE-2024-5458", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-5458", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5458.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-5458", }, { cve: "CVE-2024-5535", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, { category: "other", text: "Improper Restriction of Operations within the Bounds of a Memory Buffer", title: "CWE-119", }, ], product_status: { known_affected: [ "CSAFPID-1673508", "CSAFPID-1673525", ], }, references: [ { category: "self", summary: "CVE-2024-5535", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5535.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673508", "CSAFPID-1673525", ], }, ], title: "CVE-2024-5535", }, { cve: "CVE-2024-5585", cwe: { id: "CWE-116", name: "Improper Encoding or Escaping of Output", }, notes: [ { category: "other", text: "Improper Encoding or Escaping of Output", title: "CWE-116", }, { category: "other", text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", title: "CWE-78", }, { category: "other", text: "Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')", title: "CWE-88", }, ], product_status: { known_affected: [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-5585", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5585.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-5585", }, { cve: "CVE-2024-6119", cwe: { id: "CWE-843", name: "Access of Resource Using Incompatible Type ('Type Confusion')", }, notes: [ { category: "other", text: "Access of Resource Using Incompatible Type ('Type Confusion')", title: "CWE-843", }, ], product_status: { known_affected: [ "CSAFPID-1673508", "CSAFPID-1673525", ], }, references: [ { category: "self", summary: "CVE-2024-6119", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6119.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673508", "CSAFPID-1673525", ], }, ], title: "CVE-2024-6119", }, { cve: "CVE-2024-6232", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, notes: [ { category: "other", text: "Inefficient Regular Expression Complexity", title: "CWE-1333", }, ], references: [ { category: "self", summary: "CVE-2024-6232", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6232.json", }, ], title: "CVE-2024-6232", }, { cve: "CVE-2024-7264", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "other", text: "Out-of-bounds Read", title: "CWE-125", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-1673529", "CSAFPID-1673479", "CSAFPID-1673511", "CSAFPID-1673512", ], }, references: [ { category: "self", summary: "CVE-2024-7264", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7264.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673529", "CSAFPID-1673479", "CSAFPID-1673511", "CSAFPID-1673512", ], }, ], title: "CVE-2024-7264", }, { cve: "CVE-2024-7592", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], references: [ { category: "self", summary: "CVE-2024-7592", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7592.json", }, ], title: "CVE-2024-7592", }, { cve: "CVE-2024-21131", product_status: { known_affected: [ "CSAFPID-1503299", "CSAFPID-1503306", "CSAFPID-1503302", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-21131", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21131.json", }, ], title: "CVE-2024-21131", }, { cve: "CVE-2024-21138", cwe: { id: "CWE-835", name: "Loop with Unreachable Exit Condition ('Infinite Loop')", }, notes: [ { category: "other", text: "Loop with Unreachable Exit Condition ('Infinite Loop')", title: "CWE-835", }, ], product_status: { known_affected: [ "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-21138", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21138.json", }, ], title: "CVE-2024-21138", }, { cve: "CVE-2024-21140", product_status: { known_affected: [ "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503299", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-21140", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21140.json", }, ], title: "CVE-2024-21140", }, { cve: "CVE-2024-21144", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "other", text: "Improper Input Validation", title: "CWE-20", }, { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-21144", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21144.json", }, ], title: "CVE-2024-21144", }, { cve: "CVE-2024-21145", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-1503299", "CSAFPID-1503306", "CSAFPID-1503302", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-21145", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21145.json", }, ], title: "CVE-2024-21145", }, { cve: "CVE-2024-21147", product_status: { known_affected: [ "CSAFPID-1503306", "CSAFPID-1503302", "CSAFPID-1503299", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-21147", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21147.json", }, ], title: "CVE-2024-21147", }, { cve: "CVE-2024-21233", product_status: { known_affected: [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386", ], }, references: [ { category: "self", summary: "CVE-2024-21233", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21233.json", }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386", ], }, ], title: "CVE-2024-21233", }, { cve: "CVE-2024-21242", product_status: { known_affected: [ "CSAFPID-1673443", "CSAFPID-1673444", "CSAFPID-1673445", ], }, references: [ { category: "self", summary: "CVE-2024-21242", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21242.json", }, ], scores: [ { cvss_v3: { baseScore: 3.5, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "CSAFPID-1673443", "CSAFPID-1673444", "CSAFPID-1673445", ], }, ], title: "CVE-2024-21242", }, { cve: "CVE-2024-21251", product_status: { known_affected: [ "CSAFPID-1673450", "CSAFPID-1673451", "CSAFPID-1673452", ], }, references: [ { category: "self", summary: "CVE-2024-21251", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21251.json", }, ], scores: [ { cvss_v3: { baseScore: 3.1, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-1673450", "CSAFPID-1673451", "CSAFPID-1673452", ], }, ], title: "CVE-2024-21251", }, { cve: "CVE-2024-21261", product_status: { known_affected: [ "CSAFPID-1673144", "CSAFPID-1503575", "CSAFPID-1673188", ], }, references: [ { category: "self", summary: "CVE-2024-21261", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21261.json", }, ], scores: [ { cvss_v3: { baseScore: 4.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-1673144", "CSAFPID-1503575", "CSAFPID-1673188", ], }, ], title: "CVE-2024-21261", }, { cve: "CVE-2024-22018", cwe: { id: "CWE-275", name: "-", }, notes: [ { category: "other", text: "CWE-275", title: "CWE-275", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2024-22018", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22018.json", }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2024-22018", }, { cve: "CVE-2024-22020", product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2024-22020", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22020.json", }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2024-22020", }, { cve: "CVE-2024-22201", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1673384", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-22201", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22201.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673384", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-22201", }, { cve: "CVE-2024-23807", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "other", text: "Use After Free", title: "CWE-416", }, ], product_status: { known_affected: [ "CSAFPID-1650831", "CSAFPID-1650825", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-23807", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23807.json", }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1650831", "CSAFPID-1650825", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-23807", }, { cve: "CVE-2024-23944", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, ], product_status: { known_affected: [ "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-23944", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23944.json", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-23944", }, { cve: "CVE-2024-24989", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2024-24989", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24989.json", }, ], title: "CVE-2024-24989", }, { cve: "CVE-2024-24990", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "other", text: "Use After Free", title: "CWE-416", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2024-24990", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24990.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2024-24990", }, { cve: "CVE-2024-25710", cwe: { id: "CWE-835", name: "Loop with Unreachable Exit Condition ('Infinite Loop')", }, notes: [ { category: "other", text: "Loop with Unreachable Exit Condition ('Infinite Loop')", title: "CWE-835", }, ], product_status: { known_affected: [ "CSAFPID-89587", "CSAFPID-1673384", "CSAFPID-816871", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-342816", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-912046", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-25710", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-25710.json", }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-89587", "CSAFPID-1673384", "CSAFPID-816871", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-342816", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-912046", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-25710", }, { cve: "CVE-2024-26130", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, ], product_status: { known_affected: [ "CSAFPID-89587", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-26130", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26130.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-89587", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-26130", }, { cve: "CVE-2024-26308", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "other", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, ], product_status: { known_affected: [ "CSAFPID-89587", "CSAFPID-1673384", "CSAFPID-816871", "CSAFPID-816798", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-26308", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26308.json", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-89587", "CSAFPID-1673384", "CSAFPID-816871", "CSAFPID-816798", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-26308", }, { cve: "CVE-2024-27983", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-27983", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27983.json", }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", version: "3.1", }, products: [ "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-27983", }, { cve: "CVE-2024-28182", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "Detection of Error Condition Without Action", title: "CWE-390", }, { category: "other", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, ], product_status: { known_affected: [ "CSAFPID-1673442", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-28182", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28182.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673442", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-28182", }, { cve: "CVE-2024-28849", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, ], product_status: { known_affected: [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-28849", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28849.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-28849", }, { cve: "CVE-2024-28887", cwe: { id: "CWE-427", name: "Uncontrolled Search Path Element", }, notes: [ { category: "other", text: "Uncontrolled Search Path Element", title: "CWE-427", }, ], product_status: { known_affected: [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386", ], }, references: [ { category: "self", summary: "CVE-2024-28887", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28887.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386", ], }, ], title: "CVE-2024-28887", }, { cve: "CVE-2024-29025", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "other", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, ], product_status: { known_affected: [ "CSAFPID-1673488", "CSAFPID-1673489", "CSAFPID-1673491", "CSAFPID-1673492", "CSAFPID-1673493", "CSAFPID-1673495", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-29025", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29025.json", }, ], scores: [ { cvss_v3: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-1673488", "CSAFPID-1673489", "CSAFPID-1673491", "CSAFPID-1673492", "CSAFPID-1673493", "CSAFPID-1673495", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-29025", }, { cve: "CVE-2024-29131", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-1673497", "CSAFPID-1673397", "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-29131", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29131.json", }, ], scores: [ { cvss_v3: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-1673497", "CSAFPID-1673397", "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-29131", }, { cve: "CVE-2024-29133", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-1673497", "CSAFPID-1673397", "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, references: [ { category: "self", summary: "CVE-2024-29133", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29133.json", }, ], scores: [ { cvss_v3: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-1673497", "CSAFPID-1673397", "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", ], }, ], title: "CVE-2024-29133", }, { cve: "CVE-2024-31079", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "Stack-based Buffer Overflow", title: "CWE-121", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2024-31079", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-31079.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2024-31079", }, { cve: "CVE-2024-32760", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2024-32760", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-32760.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2024-32760", }, { cve: "CVE-2024-34161", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, notes: [ { category: "other", text: "Missing Release of Memory after Effective Lifetime", title: "CWE-401", }, { category: "other", text: "Use After Free", title: "CWE-416", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2024-34161", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34161.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2024-34161", }, { cve: "CVE-2024-34750", cwe: { id: "CWE-755", name: "Improper Handling of Exceptional Conditions", }, notes: [ { category: "other", text: "Improper Handling of Exceptional Conditions", title: "CWE-755", }, { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1673504", "CSAFPID-1673506", ], }, references: [ { category: "self", summary: "CVE-2024-34750", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34750.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673504", "CSAFPID-1673506", ], }, ], title: "CVE-2024-34750", }, { cve: "CVE-2024-35200", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2024-35200", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35200.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2024-35200", }, { cve: "CVE-2024-36137", cwe: { id: "CWE-275", name: "-", }, notes: [ { category: "other", text: "CWE-275", title: "CWE-275", }, { category: "other", text: "Incorrect Permission Assignment for Critical Resource", title: "CWE-732", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2024-36137", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36137.json", }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2024-36137", }, { cve: "CVE-2024-36138", cwe: { id: "CWE-77", name: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", }, notes: [ { category: "other", text: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", title: "CWE-77", }, ], product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2024-36138", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36138.json", }, ], title: "CVE-2024-36138", }, { cve: "CVE-2024-36387", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-36387", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36387.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-36387", }, { cve: "CVE-2024-37370", cwe: { id: "CWE-130", name: "Improper Handling of Length Parameter Inconsistency", }, notes: [ { category: "other", text: "Improper Handling of Length Parameter Inconsistency", title: "CWE-130", }, ], product_status: { known_affected: [ "CSAFPID-1673507", "CSAFPID-1673508", "CSAFPID-1673509", ], }, references: [ { category: "self", summary: "CVE-2024-37370", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37370.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673507", "CSAFPID-1673508", "CSAFPID-1673509", ], }, ], title: "CVE-2024-37370", }, { cve: "CVE-2024-37371", cwe: { id: "CWE-130", name: "Improper Handling of Length Parameter Inconsistency", }, notes: [ { category: "other", text: "Improper Handling of Length Parameter Inconsistency", title: "CWE-130", }, ], product_status: { known_affected: [ "CSAFPID-1673507", "CSAFPID-1673508", "CSAFPID-1673509", ], }, references: [ { category: "self", summary: "CVE-2024-37371", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37371.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1673507", "CSAFPID-1673508", "CSAFPID-1673509", ], }, ], title: "CVE-2024-37371", }, { cve: "CVE-2024-37372", product_status: { known_affected: [ "CSAFPID-89587", ], }, references: [ { category: "self", summary: "CVE-2024-37372", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37372.json", }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-89587", ], }, ], title: "CVE-2024-37372", }, { cve: "CVE-2024-38356", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, notes: [ { category: "other", text: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", title: "CWE-79", }, ], product_status: { known_affected: [ "CSAFPID-1673510", "CSAFPID-1503575", "CSAFPID-1673188", ], }, references: [ { category: "self", summary: "CVE-2024-38356", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38356.json", }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-1673510", "CSAFPID-1503575", "CSAFPID-1673188", ], }, ], title: "CVE-2024-38356", }, { cve: "CVE-2024-38357", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, notes: [ { category: "other", text: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", title: "CWE-79", }, ], product_status: { known_affected: [ "CSAFPID-1673510", "CSAFPID-1503575", "CSAFPID-1673188", ], }, references: [ { category: "self", summary: "CVE-2024-38357", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38357.json", }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-1673510", "CSAFPID-1503575", "CSAFPID-1673188", ], }, ], title: "CVE-2024-38357", }, { cve: "CVE-2024-38472", cwe: { id: "CWE-918", name: "Server-Side Request Forgery (SSRF)", }, notes: [ { category: "other", text: "Server-Side Request Forgery (SSRF)", title: "CWE-918", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-38472", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38472.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-38472", }, { cve: "CVE-2024-38473", cwe: { id: "CWE-172", name: "Encoding Error", }, notes: [ { category: "other", text: "Encoding Error", title: "CWE-172", }, { category: "other", text: "Improper Encoding or Escaping of Output", title: "CWE-116", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-38473", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38473.json", }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-38473", }, { cve: "CVE-2024-38474", cwe: { id: "CWE-172", name: "Encoding Error", }, notes: [ { category: "other", text: "Encoding Error", title: "CWE-172", }, { category: "other", text: "Improper Encoding or Escaping of Output", title: "CWE-116", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-38474", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38474.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-38474", }, { cve: "CVE-2024-38475", cwe: { id: "CWE-284", name: "Improper Access Control", }, notes: [ { category: "other", text: "Improper Access Control", title: "CWE-284", }, { category: "other", text: "Improper Encoding or Escaping of Output", title: "CWE-116", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-38475", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38475.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-38475", }, { cve: "CVE-2024-38476", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, { category: "other", text: "Inclusion of Functionality from Untrusted Control Sphere", title: "CWE-829", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-38476", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38476.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-38476", }, { cve: "CVE-2024-38477", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-38477", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38477.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-38477", }, { cve: "CVE-2024-38998", cwe: { id: "CWE-1321", name: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", }, notes: [ { category: "other", text: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", title: "CWE-1321", }, ], product_status: { known_affected: [ "CSAFPID-1673511", "CSAFPID-1673512", "CSAFPID-1503575", "CSAFPID-1673188", ], }, references: [ { category: "self", summary: "CVE-2024-38998", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38998.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673511", "CSAFPID-1673512", "CSAFPID-1503575", "CSAFPID-1673188", ], }, ], title: "CVE-2024-38998", }, { cve: "CVE-2024-38999", cwe: { id: "CWE-1321", name: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", }, notes: [ { category: "other", text: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", title: "CWE-1321", }, ], product_status: { known_affected: [ "CSAFPID-1673511", "CSAFPID-1673512", "CSAFPID-1503575", "CSAFPID-1673188", ], }, references: [ { category: "self", summary: "CVE-2024-38999", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38999.json", }, ], scores: [ { cvss_v3: { baseScore: 10, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673511", "CSAFPID-1673512", "CSAFPID-1503575", "CSAFPID-1673188", ], }, ], title: "CVE-2024-38999", }, { cve: "CVE-2024-39573", cwe: { id: "CWE-918", name: "Server-Side Request Forgery (SSRF)", }, notes: [ { category: "other", text: "Server-Side Request Forgery (SSRF)", title: "CWE-918", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-39573", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-39573.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-39573", }, { cve: "CVE-2024-39884", cwe: { id: "CWE-18", name: "-", }, notes: [ { category: "other", text: "CWE-18", title: "CWE-18", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", ], }, references: [ { category: "self", summary: "CVE-2024-39884", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-39884.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", ], }, ], title: "CVE-2024-39884", }, { cve: "CVE-2024-40725", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, { category: "other", text: "Exposure of Resource to Wrong Sphere", title: "CWE-668", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", ], }, references: [ { category: "self", summary: "CVE-2024-40725", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40725.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", ], }, ], title: "CVE-2024-40725", }, { cve: "CVE-2024-40898", cwe: { id: "CWE-918", name: "Server-Side Request Forgery (SSRF)", }, notes: [ { category: "other", text: "Server-Side Request Forgery (SSRF)", title: "CWE-918", }, ], product_status: { known_affected: [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", ], }, references: [ { category: "self", summary: "CVE-2024-40898", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40898.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", ], }, ], title: "CVE-2024-40898", }, { cve: "CVE-2024-45490", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "other", text: "Integer Overflow or Wraparound", title: "CWE-190", }, { category: "other", text: "Incorrect Calculation of Buffer Size", title: "CWE-131", }, ], product_status: { known_affected: [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386", ], }, references: [ { category: "self", summary: "CVE-2024-45490", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45490.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386", ], }, ], title: "CVE-2024-45490", }, { cve: "CVE-2024-45491", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "other", text: "Integer Overflow or Wraparound", title: "CWE-190", }, ], product_status: { known_affected: [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386", ], }, references: [ { category: "self", summary: "CVE-2024-45491", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45491.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386", ], }, ], title: "CVE-2024-45491", }, { cve: "CVE-2024-45492", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "other", text: "Integer Overflow or Wraparound", title: "CWE-190", }, ], product_status: { known_affected: [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386", ], }, references: [ { category: "self", summary: "CVE-2024-45492", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45492.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386", ], }, ], title: "CVE-2024-45492", }, { cve: "CVE-2024-45801", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, notes: [ { category: "other", text: "Inefficient Regular Expression Complexity", title: "CWE-1333", }, { category: "other", text: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", title: "CWE-1321", }, ], product_status: { known_affected: [ "CSAFPID-1503575", "CSAFPID-1673188", ], }, references: [ { category: "self", summary: "CVE-2024-45801", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45801.json", }, ], scores: [ { cvss_v3: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-1503575", "CSAFPID-1673188", ], }, ], title: "CVE-2024-45801", }, ], }
suse-su-2024:1789-1
Vulnerability from csaf_suse
Published
2024-05-27 13:27
Modified
2024-05-27 13:27
Summary
Security update for openssl-3
Notes
Title of the patch
Security update for openssl-3
Description of the patch
This update for openssl-3 fixes the following issues:
- CVE-2024-4603: Fixed DSA parameter checks for excessive sizes before validating (bsc#1224388).
Patchnames
SUSE-2024-1789,SUSE-SLE-Module-Basesystem-15-SP5-2024-1789,openSUSE-SLE-15.5-2024-1789
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for openssl-3", title: "Title of the patch", }, { category: "description", text: "This update for openssl-3 fixes the following issues:\n\n- CVE-2024-4603: Fixed DSA parameter checks for excessive sizes before validating (bsc#1224388).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2024-1789,SUSE-SLE-Module-Basesystem-15-SP5-2024-1789,openSUSE-SLE-15.5-2024-1789", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_1789-1.json", }, { category: "self", summary: "URL for SUSE-SU-2024:1789-1", url: "https://www.suse.com/support/update/announcement/2024/suse-su-20241789-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2024:1789-1", url: "https://lists.suse.com/pipermail/sle-updates/2024-May/035365.html", }, { category: "self", summary: "SUSE Bug 1224388", url: "https://bugzilla.suse.com/1224388", }, { category: "self", summary: "SUSE CVE CVE-2024-4603 page", url: "https://www.suse.com/security/cve/CVE-2024-4603/", }, ], title: "Security update for openssl-3", tracking: { current_release_date: "2024-05-27T13:27:28Z", generator: { date: "2024-05-27T13:27:28Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2024:1789-1", initial_release_date: "2024-05-27T13:27:28Z", revision_history: [ { date: "2024-05-27T13:27:28Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "libopenssl-3-devel-3.0.8-150500.5.33.1.aarch64", product: { name: "libopenssl-3-devel-3.0.8-150500.5.33.1.aarch64", product_id: "libopenssl-3-devel-3.0.8-150500.5.33.1.aarch64", }, }, { category: "product_version", name: "libopenssl3-3.0.8-150500.5.33.1.aarch64", product: { name: "libopenssl3-3.0.8-150500.5.33.1.aarch64", product_id: "libopenssl3-3.0.8-150500.5.33.1.aarch64", }, }, { category: "product_version", name: "openssl-3-3.0.8-150500.5.33.1.aarch64", product: { name: "openssl-3-3.0.8-150500.5.33.1.aarch64", product_id: "openssl-3-3.0.8-150500.5.33.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "libopenssl-3-devel-64bit-3.0.8-150500.5.33.1.aarch64_ilp32", product: { name: "libopenssl-3-devel-64bit-3.0.8-150500.5.33.1.aarch64_ilp32", product_id: "libopenssl-3-devel-64bit-3.0.8-150500.5.33.1.aarch64_ilp32", }, }, { category: "product_version", name: "libopenssl3-64bit-3.0.8-150500.5.33.1.aarch64_ilp32", product: { name: "libopenssl3-64bit-3.0.8-150500.5.33.1.aarch64_ilp32", product_id: "libopenssl3-64bit-3.0.8-150500.5.33.1.aarch64_ilp32", }, }, ], category: "architecture", name: "aarch64_ilp32", }, { branches: [ { category: "product_version", name: "libopenssl-3-devel-3.0.8-150500.5.33.1.i586", product: { name: "libopenssl-3-devel-3.0.8-150500.5.33.1.i586", product_id: "libopenssl-3-devel-3.0.8-150500.5.33.1.i586", }, }, { category: "product_version", name: "libopenssl3-3.0.8-150500.5.33.1.i586", product: { name: "libopenssl3-3.0.8-150500.5.33.1.i586", product_id: "libopenssl3-3.0.8-150500.5.33.1.i586", }, }, { category: "product_version", name: "openssl-3-3.0.8-150500.5.33.1.i586", product: { name: "openssl-3-3.0.8-150500.5.33.1.i586", product_id: "openssl-3-3.0.8-150500.5.33.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "openssl-3-doc-3.0.8-150500.5.33.1.noarch", product: { name: "openssl-3-doc-3.0.8-150500.5.33.1.noarch", product_id: "openssl-3-doc-3.0.8-150500.5.33.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "libopenssl-3-devel-3.0.8-150500.5.33.1.ppc64le", product: { name: "libopenssl-3-devel-3.0.8-150500.5.33.1.ppc64le", product_id: "libopenssl-3-devel-3.0.8-150500.5.33.1.ppc64le", }, }, { category: "product_version", name: "libopenssl3-3.0.8-150500.5.33.1.ppc64le", product: { name: "libopenssl3-3.0.8-150500.5.33.1.ppc64le", product_id: "libopenssl3-3.0.8-150500.5.33.1.ppc64le", }, }, { category: "product_version", name: "openssl-3-3.0.8-150500.5.33.1.ppc64le", product: { name: "openssl-3-3.0.8-150500.5.33.1.ppc64le", product_id: "openssl-3-3.0.8-150500.5.33.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "libopenssl-3-devel-3.0.8-150500.5.33.1.s390x", product: { name: "libopenssl-3-devel-3.0.8-150500.5.33.1.s390x", product_id: "libopenssl-3-devel-3.0.8-150500.5.33.1.s390x", }, }, { category: "product_version", name: "libopenssl3-3.0.8-150500.5.33.1.s390x", product: { name: "libopenssl3-3.0.8-150500.5.33.1.s390x", product_id: "libopenssl3-3.0.8-150500.5.33.1.s390x", }, }, { category: "product_version", name: "openssl-3-3.0.8-150500.5.33.1.s390x", product: { name: "openssl-3-3.0.8-150500.5.33.1.s390x", product_id: "openssl-3-3.0.8-150500.5.33.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "libopenssl-3-devel-3.0.8-150500.5.33.1.x86_64", product: { name: "libopenssl-3-devel-3.0.8-150500.5.33.1.x86_64", product_id: "libopenssl-3-devel-3.0.8-150500.5.33.1.x86_64", }, }, { category: "product_version", name: "libopenssl-3-devel-32bit-3.0.8-150500.5.33.1.x86_64", product: { name: "libopenssl-3-devel-32bit-3.0.8-150500.5.33.1.x86_64", product_id: "libopenssl-3-devel-32bit-3.0.8-150500.5.33.1.x86_64", }, }, { category: "product_version", name: "libopenssl3-3.0.8-150500.5.33.1.x86_64", product: { name: "libopenssl3-3.0.8-150500.5.33.1.x86_64", product_id: "libopenssl3-3.0.8-150500.5.33.1.x86_64", }, }, { category: "product_version", name: "libopenssl3-32bit-3.0.8-150500.5.33.1.x86_64", product: { name: "libopenssl3-32bit-3.0.8-150500.5.33.1.x86_64", product_id: "libopenssl3-32bit-3.0.8-150500.5.33.1.x86_64", }, }, { category: "product_version", name: "openssl-3-3.0.8-150500.5.33.1.x86_64", product: { name: "openssl-3-3.0.8-150500.5.33.1.x86_64", product_id: "openssl-3-3.0.8-150500.5.33.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Module for Basesystem 15 SP5", product: { name: "SUSE Linux Enterprise Module for Basesystem 15 SP5", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP5", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-basesystem:15:sp5", }, }, }, { category: "product_name", name: "openSUSE Leap 15.5", product: { name: "openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.5", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "libopenssl-3-devel-3.0.8-150500.5.33.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP5", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl-3-devel-3.0.8-150500.5.33.1.aarch64", }, product_reference: "libopenssl-3-devel-3.0.8-150500.5.33.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-devel-3.0.8-150500.5.33.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP5", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl-3-devel-3.0.8-150500.5.33.1.ppc64le", }, product_reference: "libopenssl-3-devel-3.0.8-150500.5.33.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-devel-3.0.8-150500.5.33.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP5", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl-3-devel-3.0.8-150500.5.33.1.s390x", }, product_reference: "libopenssl-3-devel-3.0.8-150500.5.33.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-devel-3.0.8-150500.5.33.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP5", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl-3-devel-3.0.8-150500.5.33.1.x86_64", }, product_reference: "libopenssl-3-devel-3.0.8-150500.5.33.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-3.0.8-150500.5.33.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP5", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl3-3.0.8-150500.5.33.1.aarch64", }, product_reference: "libopenssl3-3.0.8-150500.5.33.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-3.0.8-150500.5.33.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP5", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl3-3.0.8-150500.5.33.1.ppc64le", }, product_reference: "libopenssl3-3.0.8-150500.5.33.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-3.0.8-150500.5.33.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP5", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl3-3.0.8-150500.5.33.1.s390x", }, product_reference: "libopenssl3-3.0.8-150500.5.33.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-3.0.8-150500.5.33.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP5", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl3-3.0.8-150500.5.33.1.x86_64", }, product_reference: "libopenssl3-3.0.8-150500.5.33.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP5", }, { category: "default_component_of", full_product_name: { name: "openssl-3-3.0.8-150500.5.33.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP5", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP5:openssl-3-3.0.8-150500.5.33.1.aarch64", }, product_reference: "openssl-3-3.0.8-150500.5.33.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP5", }, { category: "default_component_of", full_product_name: { name: "openssl-3-3.0.8-150500.5.33.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP5", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP5:openssl-3-3.0.8-150500.5.33.1.ppc64le", }, product_reference: "openssl-3-3.0.8-150500.5.33.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP5", }, { category: "default_component_of", full_product_name: { name: "openssl-3-3.0.8-150500.5.33.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP5", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP5:openssl-3-3.0.8-150500.5.33.1.s390x", }, product_reference: "openssl-3-3.0.8-150500.5.33.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP5", }, { category: "default_component_of", full_product_name: { name: "openssl-3-3.0.8-150500.5.33.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP5", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP5:openssl-3-3.0.8-150500.5.33.1.x86_64", }, product_reference: "openssl-3-3.0.8-150500.5.33.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-devel-3.0.8-150500.5.33.1.aarch64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libopenssl-3-devel-3.0.8-150500.5.33.1.aarch64", }, product_reference: "libopenssl-3-devel-3.0.8-150500.5.33.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-devel-3.0.8-150500.5.33.1.ppc64le as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libopenssl-3-devel-3.0.8-150500.5.33.1.ppc64le", }, product_reference: "libopenssl-3-devel-3.0.8-150500.5.33.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-devel-3.0.8-150500.5.33.1.s390x as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libopenssl-3-devel-3.0.8-150500.5.33.1.s390x", }, product_reference: "libopenssl-3-devel-3.0.8-150500.5.33.1.s390x", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-devel-3.0.8-150500.5.33.1.x86_64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libopenssl-3-devel-3.0.8-150500.5.33.1.x86_64", }, product_reference: "libopenssl-3-devel-3.0.8-150500.5.33.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-devel-32bit-3.0.8-150500.5.33.1.x86_64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libopenssl-3-devel-32bit-3.0.8-150500.5.33.1.x86_64", }, product_reference: "libopenssl-3-devel-32bit-3.0.8-150500.5.33.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-3.0.8-150500.5.33.1.aarch64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libopenssl3-3.0.8-150500.5.33.1.aarch64", }, product_reference: "libopenssl3-3.0.8-150500.5.33.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-3.0.8-150500.5.33.1.ppc64le as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libopenssl3-3.0.8-150500.5.33.1.ppc64le", }, product_reference: "libopenssl3-3.0.8-150500.5.33.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-3.0.8-150500.5.33.1.s390x as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libopenssl3-3.0.8-150500.5.33.1.s390x", }, product_reference: "libopenssl3-3.0.8-150500.5.33.1.s390x", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-3.0.8-150500.5.33.1.x86_64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libopenssl3-3.0.8-150500.5.33.1.x86_64", }, product_reference: "libopenssl3-3.0.8-150500.5.33.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-32bit-3.0.8-150500.5.33.1.x86_64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libopenssl3-32bit-3.0.8-150500.5.33.1.x86_64", }, product_reference: "libopenssl3-32bit-3.0.8-150500.5.33.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "openssl-3-3.0.8-150500.5.33.1.aarch64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:openssl-3-3.0.8-150500.5.33.1.aarch64", }, product_reference: "openssl-3-3.0.8-150500.5.33.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "openssl-3-3.0.8-150500.5.33.1.ppc64le as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:openssl-3-3.0.8-150500.5.33.1.ppc64le", }, product_reference: "openssl-3-3.0.8-150500.5.33.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "openssl-3-3.0.8-150500.5.33.1.s390x as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:openssl-3-3.0.8-150500.5.33.1.s390x", }, product_reference: "openssl-3-3.0.8-150500.5.33.1.s390x", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "openssl-3-3.0.8-150500.5.33.1.x86_64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:openssl-3-3.0.8-150500.5.33.1.x86_64", }, product_reference: "openssl-3-3.0.8-150500.5.33.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "openssl-3-doc-3.0.8-150500.5.33.1.noarch as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:openssl-3-doc-3.0.8-150500.5.33.1.noarch", }, product_reference: "openssl-3-doc-3.0.8-150500.5.33.1.noarch", relates_to_product_reference: "openSUSE Leap 15.5", }, ], }, vulnerabilities: [ { cve: "CVE-2024-4603", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-4603", }, ], notes: [ { category: "general", text: "Issue summary: Checking excessively long DSA keys or parameters may be very\nslow.\n\nImpact summary: Applications that use the functions EVP_PKEY_param_check()\nor EVP_PKEY_public_check() to check a DSA public key or DSA parameters may\nexperience long delays. Where the key or parameters that are being checked\nhave been obtained from an untrusted source this may lead to a Denial of\nService.\n\nThe functions EVP_PKEY_param_check() or EVP_PKEY_public_check() perform\nvarious checks on DSA parameters. Some of those computations take a long time\nif the modulus (`p` parameter) is too large.\n\nTrying to use a very large modulus is slow and OpenSSL will not allow using\npublic keys with a modulus which is over 10,000 bits in length for signature\nverification. However the key and parameter check functions do not limit\nthe modulus size when performing the checks.\n\nAn application that calls EVP_PKEY_param_check() or EVP_PKEY_public_check()\nand supplies a key or parameters obtained from an untrusted source could be\nvulnerable to a Denial of Service attack.\n\nThese functions are not called by OpenSSL itself on untrusted DSA keys so\nonly applications that directly call these functions may be vulnerable.\n\nAlso vulnerable are the OpenSSL pkey and pkeyparam command line applications\nwhen using the `-check` option.\n\nThe OpenSSL SSL/TLS implementation is not affected by this issue.\n\nThe OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl-3-devel-3.0.8-150500.5.33.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl-3-devel-3.0.8-150500.5.33.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl-3-devel-3.0.8-150500.5.33.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl-3-devel-3.0.8-150500.5.33.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl3-3.0.8-150500.5.33.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl3-3.0.8-150500.5.33.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl3-3.0.8-150500.5.33.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl3-3.0.8-150500.5.33.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:openssl-3-3.0.8-150500.5.33.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:openssl-3-3.0.8-150500.5.33.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:openssl-3-3.0.8-150500.5.33.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:openssl-3-3.0.8-150500.5.33.1.x86_64", "openSUSE Leap 15.5:libopenssl-3-devel-3.0.8-150500.5.33.1.aarch64", "openSUSE Leap 15.5:libopenssl-3-devel-3.0.8-150500.5.33.1.ppc64le", "openSUSE Leap 15.5:libopenssl-3-devel-3.0.8-150500.5.33.1.s390x", "openSUSE Leap 15.5:libopenssl-3-devel-3.0.8-150500.5.33.1.x86_64", "openSUSE Leap 15.5:libopenssl-3-devel-32bit-3.0.8-150500.5.33.1.x86_64", "openSUSE Leap 15.5:libopenssl3-3.0.8-150500.5.33.1.aarch64", "openSUSE Leap 15.5:libopenssl3-3.0.8-150500.5.33.1.ppc64le", "openSUSE Leap 15.5:libopenssl3-3.0.8-150500.5.33.1.s390x", "openSUSE Leap 15.5:libopenssl3-3.0.8-150500.5.33.1.x86_64", "openSUSE Leap 15.5:libopenssl3-32bit-3.0.8-150500.5.33.1.x86_64", "openSUSE Leap 15.5:openssl-3-3.0.8-150500.5.33.1.aarch64", "openSUSE Leap 15.5:openssl-3-3.0.8-150500.5.33.1.ppc64le", "openSUSE Leap 15.5:openssl-3-3.0.8-150500.5.33.1.s390x", "openSUSE Leap 15.5:openssl-3-3.0.8-150500.5.33.1.x86_64", "openSUSE Leap 15.5:openssl-3-doc-3.0.8-150500.5.33.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2024-4603", url: "https://www.suse.com/security/cve/CVE-2024-4603", }, { category: "external", summary: "SUSE Bug 1224388 for CVE-2024-4603", url: "https://bugzilla.suse.com/1224388", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl-3-devel-3.0.8-150500.5.33.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl-3-devel-3.0.8-150500.5.33.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl-3-devel-3.0.8-150500.5.33.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl-3-devel-3.0.8-150500.5.33.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl3-3.0.8-150500.5.33.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl3-3.0.8-150500.5.33.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl3-3.0.8-150500.5.33.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl3-3.0.8-150500.5.33.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:openssl-3-3.0.8-150500.5.33.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:openssl-3-3.0.8-150500.5.33.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:openssl-3-3.0.8-150500.5.33.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:openssl-3-3.0.8-150500.5.33.1.x86_64", "openSUSE Leap 15.5:libopenssl-3-devel-3.0.8-150500.5.33.1.aarch64", "openSUSE Leap 15.5:libopenssl-3-devel-3.0.8-150500.5.33.1.ppc64le", "openSUSE Leap 15.5:libopenssl-3-devel-3.0.8-150500.5.33.1.s390x", "openSUSE Leap 15.5:libopenssl-3-devel-3.0.8-150500.5.33.1.x86_64", "openSUSE Leap 15.5:libopenssl-3-devel-32bit-3.0.8-150500.5.33.1.x86_64", "openSUSE Leap 15.5:libopenssl3-3.0.8-150500.5.33.1.aarch64", "openSUSE Leap 15.5:libopenssl3-3.0.8-150500.5.33.1.ppc64le", "openSUSE Leap 15.5:libopenssl3-3.0.8-150500.5.33.1.s390x", "openSUSE Leap 15.5:libopenssl3-3.0.8-150500.5.33.1.x86_64", "openSUSE Leap 15.5:libopenssl3-32bit-3.0.8-150500.5.33.1.x86_64", "openSUSE Leap 15.5:openssl-3-3.0.8-150500.5.33.1.aarch64", "openSUSE Leap 15.5:openssl-3-3.0.8-150500.5.33.1.ppc64le", "openSUSE Leap 15.5:openssl-3-3.0.8-150500.5.33.1.s390x", "openSUSE Leap 15.5:openssl-3-3.0.8-150500.5.33.1.x86_64", "openSUSE Leap 15.5:openssl-3-doc-3.0.8-150500.5.33.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl-3-devel-3.0.8-150500.5.33.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl-3-devel-3.0.8-150500.5.33.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl-3-devel-3.0.8-150500.5.33.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl-3-devel-3.0.8-150500.5.33.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl3-3.0.8-150500.5.33.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl3-3.0.8-150500.5.33.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl3-3.0.8-150500.5.33.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenssl3-3.0.8-150500.5.33.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:openssl-3-3.0.8-150500.5.33.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:openssl-3-3.0.8-150500.5.33.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:openssl-3-3.0.8-150500.5.33.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:openssl-3-3.0.8-150500.5.33.1.x86_64", "openSUSE Leap 15.5:libopenssl-3-devel-3.0.8-150500.5.33.1.aarch64", "openSUSE Leap 15.5:libopenssl-3-devel-3.0.8-150500.5.33.1.ppc64le", "openSUSE Leap 15.5:libopenssl-3-devel-3.0.8-150500.5.33.1.s390x", "openSUSE Leap 15.5:libopenssl-3-devel-3.0.8-150500.5.33.1.x86_64", "openSUSE Leap 15.5:libopenssl-3-devel-32bit-3.0.8-150500.5.33.1.x86_64", "openSUSE Leap 15.5:libopenssl3-3.0.8-150500.5.33.1.aarch64", "openSUSE Leap 15.5:libopenssl3-3.0.8-150500.5.33.1.ppc64le", "openSUSE Leap 15.5:libopenssl3-3.0.8-150500.5.33.1.s390x", "openSUSE Leap 15.5:libopenssl3-3.0.8-150500.5.33.1.x86_64", "openSUSE Leap 15.5:libopenssl3-32bit-3.0.8-150500.5.33.1.x86_64", "openSUSE Leap 15.5:openssl-3-3.0.8-150500.5.33.1.aarch64", "openSUSE Leap 15.5:openssl-3-3.0.8-150500.5.33.1.ppc64le", "openSUSE Leap 15.5:openssl-3-3.0.8-150500.5.33.1.s390x", "openSUSE Leap 15.5:openssl-3-3.0.8-150500.5.33.1.x86_64", "openSUSE Leap 15.5:openssl-3-doc-3.0.8-150500.5.33.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-05-27T13:27:28Z", details: "moderate", }, ], title: "CVE-2024-4603", }, ], }
suse-su-2024:2066-1
Vulnerability from csaf_suse
Published
2024-06-18 11:16
Modified
2024-06-18 11:16
Summary
Security update for openssl-3
Notes
Title of the patch
Security update for openssl-3
Description of the patch
This update for openssl-3 fixes the following issues:
Security issues fixed:
- CVE-2024-4603: Check DSA parameters for excessive sizes before validating (bsc#1224388)
- CVE-2024-4741: Fixed a use-after-free with SSL_free_buffers. (bsc#1225551)
Other issues fixed:
- Enable livepatching support (bsc#1223428)
- Fix HDKF key derivation (bsc#1225291, gh#openssl/openssl#23448, + gh#openssl/openssl#23456)
Patchnames
SUSE-2024-2066,SUSE-SLE-Module-Basesystem-15-SP6-2024-2066,openSUSE-SLE-15.6-2024-2066
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for openssl-3", title: "Title of the patch", }, { category: "description", text: "This update for openssl-3 fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2024-4603: Check DSA parameters for excessive sizes before validating (bsc#1224388)\n- CVE-2024-4741: Fixed a use-after-free with SSL_free_buffers. (bsc#1225551)\n\nOther issues fixed:\n\n- Enable livepatching support (bsc#1223428)\n- Fix HDKF key derivation (bsc#1225291, gh#openssl/openssl#23448, + gh#openssl/openssl#23456)\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2024-2066,SUSE-SLE-Module-Basesystem-15-SP6-2024-2066,openSUSE-SLE-15.6-2024-2066", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_2066-1.json", }, { category: "self", summary: "URL for SUSE-SU-2024:2066-1", url: "https://www.suse.com/support/update/announcement/2024/suse-su-20242066-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2024:2066-1", url: "https://lists.suse.com/pipermail/sle-updates/2024-June/035614.html", }, { category: "self", summary: "SUSE Bug 1223428", url: "https://bugzilla.suse.com/1223428", }, { category: "self", summary: "SUSE Bug 1224388", url: "https://bugzilla.suse.com/1224388", }, { category: "self", summary: "SUSE Bug 1225291", url: "https://bugzilla.suse.com/1225291", }, { category: "self", summary: "SUSE Bug 1225551", url: "https://bugzilla.suse.com/1225551", }, { category: "self", summary: "SUSE CVE CVE-2024-4603 page", url: "https://www.suse.com/security/cve/CVE-2024-4603/", }, { category: "self", summary: "SUSE CVE CVE-2024-4741 page", url: "https://www.suse.com/security/cve/CVE-2024-4741/", }, ], title: "Security update for openssl-3", tracking: { current_release_date: "2024-06-18T11:16:10Z", generator: { date: "2024-06-18T11:16:10Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2024:2066-1", initial_release_date: "2024-06-18T11:16:10Z", revision_history: [ { date: "2024-06-18T11:16:10Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "libopenssl-3-devel-3.1.4-150600.5.7.1.aarch64", product: { name: "libopenssl-3-devel-3.1.4-150600.5.7.1.aarch64", product_id: "libopenssl-3-devel-3.1.4-150600.5.7.1.aarch64", }, }, { category: "product_version", name: "libopenssl-3-fips-provider-3.1.4-150600.5.7.1.aarch64", product: { name: "libopenssl-3-fips-provider-3.1.4-150600.5.7.1.aarch64", product_id: "libopenssl-3-fips-provider-3.1.4-150600.5.7.1.aarch64", }, }, { category: "product_version", name: "libopenssl3-3.1.4-150600.5.7.1.aarch64", product: { name: "libopenssl3-3.1.4-150600.5.7.1.aarch64", product_id: "libopenssl3-3.1.4-150600.5.7.1.aarch64", }, }, { category: "product_version", name: "openssl-3-3.1.4-150600.5.7.1.aarch64", product: { name: "openssl-3-3.1.4-150600.5.7.1.aarch64", product_id: "openssl-3-3.1.4-150600.5.7.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "libopenssl-3-devel-64bit-3.1.4-150600.5.7.1.aarch64_ilp32", product: { name: "libopenssl-3-devel-64bit-3.1.4-150600.5.7.1.aarch64_ilp32", product_id: "libopenssl-3-devel-64bit-3.1.4-150600.5.7.1.aarch64_ilp32", }, }, { category: "product_version", name: "libopenssl-3-fips-provider-64bit-3.1.4-150600.5.7.1.aarch64_ilp32", product: { name: "libopenssl-3-fips-provider-64bit-3.1.4-150600.5.7.1.aarch64_ilp32", product_id: "libopenssl-3-fips-provider-64bit-3.1.4-150600.5.7.1.aarch64_ilp32", }, }, { category: "product_version", name: "libopenssl3-64bit-3.1.4-150600.5.7.1.aarch64_ilp32", product: { name: "libopenssl3-64bit-3.1.4-150600.5.7.1.aarch64_ilp32", product_id: "libopenssl3-64bit-3.1.4-150600.5.7.1.aarch64_ilp32", }, }, ], category: "architecture", name: "aarch64_ilp32", }, { branches: [ { category: "product_version", name: "libopenssl-3-devel-3.1.4-150600.5.7.1.i586", product: { name: "libopenssl-3-devel-3.1.4-150600.5.7.1.i586", product_id: "libopenssl-3-devel-3.1.4-150600.5.7.1.i586", }, }, { category: "product_version", name: "libopenssl-3-fips-provider-3.1.4-150600.5.7.1.i586", product: { name: "libopenssl-3-fips-provider-3.1.4-150600.5.7.1.i586", product_id: "libopenssl-3-fips-provider-3.1.4-150600.5.7.1.i586", }, }, { category: "product_version", name: "libopenssl3-3.1.4-150600.5.7.1.i586", product: { name: "libopenssl3-3.1.4-150600.5.7.1.i586", product_id: "libopenssl3-3.1.4-150600.5.7.1.i586", }, }, { category: "product_version", name: "openssl-3-3.1.4-150600.5.7.1.i586", product: { name: "openssl-3-3.1.4-150600.5.7.1.i586", product_id: "openssl-3-3.1.4-150600.5.7.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "openssl-3-doc-3.1.4-150600.5.7.1.noarch", product: { name: "openssl-3-doc-3.1.4-150600.5.7.1.noarch", product_id: "openssl-3-doc-3.1.4-150600.5.7.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "libopenssl-3-devel-3.1.4-150600.5.7.1.ppc64le", product: { name: "libopenssl-3-devel-3.1.4-150600.5.7.1.ppc64le", product_id: "libopenssl-3-devel-3.1.4-150600.5.7.1.ppc64le", }, }, { category: "product_version", name: "libopenssl-3-fips-provider-3.1.4-150600.5.7.1.ppc64le", product: { name: "libopenssl-3-fips-provider-3.1.4-150600.5.7.1.ppc64le", product_id: "libopenssl-3-fips-provider-3.1.4-150600.5.7.1.ppc64le", }, }, { category: "product_version", name: "libopenssl3-3.1.4-150600.5.7.1.ppc64le", product: { name: "libopenssl3-3.1.4-150600.5.7.1.ppc64le", product_id: "libopenssl3-3.1.4-150600.5.7.1.ppc64le", }, }, { category: "product_version", name: "openssl-3-3.1.4-150600.5.7.1.ppc64le", product: { name: "openssl-3-3.1.4-150600.5.7.1.ppc64le", product_id: "openssl-3-3.1.4-150600.5.7.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "libopenssl-3-devel-3.1.4-150600.5.7.1.s390x", product: { name: "libopenssl-3-devel-3.1.4-150600.5.7.1.s390x", product_id: "libopenssl-3-devel-3.1.4-150600.5.7.1.s390x", }, }, { category: "product_version", name: "libopenssl-3-fips-provider-3.1.4-150600.5.7.1.s390x", product: { name: "libopenssl-3-fips-provider-3.1.4-150600.5.7.1.s390x", product_id: "libopenssl-3-fips-provider-3.1.4-150600.5.7.1.s390x", }, }, { category: "product_version", name: "libopenssl3-3.1.4-150600.5.7.1.s390x", product: { name: "libopenssl3-3.1.4-150600.5.7.1.s390x", product_id: "libopenssl3-3.1.4-150600.5.7.1.s390x", }, }, { category: "product_version", name: "openssl-3-3.1.4-150600.5.7.1.s390x", product: { name: "openssl-3-3.1.4-150600.5.7.1.s390x", product_id: "openssl-3-3.1.4-150600.5.7.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "libopenssl-3-devel-3.1.4-150600.5.7.1.x86_64", product: { name: "libopenssl-3-devel-3.1.4-150600.5.7.1.x86_64", product_id: "libopenssl-3-devel-3.1.4-150600.5.7.1.x86_64", }, }, { category: "product_version", name: "libopenssl-3-devel-32bit-3.1.4-150600.5.7.1.x86_64", product: { name: "libopenssl-3-devel-32bit-3.1.4-150600.5.7.1.x86_64", product_id: "libopenssl-3-devel-32bit-3.1.4-150600.5.7.1.x86_64", }, }, { category: "product_version", name: "libopenssl-3-fips-provider-3.1.4-150600.5.7.1.x86_64", product: { name: "libopenssl-3-fips-provider-3.1.4-150600.5.7.1.x86_64", product_id: "libopenssl-3-fips-provider-3.1.4-150600.5.7.1.x86_64", }, }, { category: "product_version", name: "libopenssl-3-fips-provider-32bit-3.1.4-150600.5.7.1.x86_64", product: { name: "libopenssl-3-fips-provider-32bit-3.1.4-150600.5.7.1.x86_64", product_id: "libopenssl-3-fips-provider-32bit-3.1.4-150600.5.7.1.x86_64", }, }, { category: "product_version", name: "libopenssl3-3.1.4-150600.5.7.1.x86_64", product: { name: "libopenssl3-3.1.4-150600.5.7.1.x86_64", product_id: "libopenssl3-3.1.4-150600.5.7.1.x86_64", }, }, { category: "product_version", name: "libopenssl3-32bit-3.1.4-150600.5.7.1.x86_64", product: { name: "libopenssl3-32bit-3.1.4-150600.5.7.1.x86_64", product_id: "libopenssl3-32bit-3.1.4-150600.5.7.1.x86_64", }, }, { category: "product_version", name: "openssl-3-3.1.4-150600.5.7.1.x86_64", product: { name: "openssl-3-3.1.4-150600.5.7.1.x86_64", product_id: "openssl-3-3.1.4-150600.5.7.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Module for Basesystem 15 SP6", product: { name: "SUSE Linux Enterprise Module for Basesystem 15 SP6", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP6", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-basesystem:15:sp6", }, }, }, { category: "product_name", name: "openSUSE Leap 15.6", product: { name: "openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.6", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "libopenssl-3-devel-3.1.4-150600.5.7.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-devel-3.1.4-150600.5.7.1.aarch64", }, product_reference: "libopenssl-3-devel-3.1.4-150600.5.7.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP6", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-devel-3.1.4-150600.5.7.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP6", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-devel-3.1.4-150600.5.7.1.ppc64le", }, product_reference: "libopenssl-3-devel-3.1.4-150600.5.7.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP6", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-devel-3.1.4-150600.5.7.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP6", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-devel-3.1.4-150600.5.7.1.s390x", }, product_reference: "libopenssl-3-devel-3.1.4-150600.5.7.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP6", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-devel-3.1.4-150600.5.7.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-devel-3.1.4-150600.5.7.1.x86_64", }, product_reference: "libopenssl-3-devel-3.1.4-150600.5.7.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP6", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-fips-provider-3.1.4-150600.5.7.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.aarch64", }, product_reference: "libopenssl-3-fips-provider-3.1.4-150600.5.7.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP6", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-fips-provider-3.1.4-150600.5.7.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP6", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.ppc64le", }, product_reference: "libopenssl-3-fips-provider-3.1.4-150600.5.7.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP6", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-fips-provider-3.1.4-150600.5.7.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP6", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.s390x", }, product_reference: "libopenssl-3-fips-provider-3.1.4-150600.5.7.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP6", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-fips-provider-3.1.4-150600.5.7.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.x86_64", }, product_reference: "libopenssl-3-fips-provider-3.1.4-150600.5.7.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP6", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-fips-provider-32bit-3.1.4-150600.5.7.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.7.1.x86_64", }, product_reference: "libopenssl-3-fips-provider-32bit-3.1.4-150600.5.7.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP6", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-3.1.4-150600.5.7.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-3.1.4-150600.5.7.1.aarch64", }, product_reference: "libopenssl3-3.1.4-150600.5.7.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP6", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-3.1.4-150600.5.7.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP6", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-3.1.4-150600.5.7.1.ppc64le", }, product_reference: "libopenssl3-3.1.4-150600.5.7.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP6", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-3.1.4-150600.5.7.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP6", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-3.1.4-150600.5.7.1.s390x", }, product_reference: "libopenssl3-3.1.4-150600.5.7.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP6", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-3.1.4-150600.5.7.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-3.1.4-150600.5.7.1.x86_64", }, product_reference: "libopenssl3-3.1.4-150600.5.7.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP6", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-32bit-3.1.4-150600.5.7.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-32bit-3.1.4-150600.5.7.1.x86_64", }, product_reference: "libopenssl3-32bit-3.1.4-150600.5.7.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP6", }, { category: "default_component_of", full_product_name: { name: "openssl-3-3.1.4-150600.5.7.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP6:openssl-3-3.1.4-150600.5.7.1.aarch64", }, product_reference: "openssl-3-3.1.4-150600.5.7.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP6", }, { category: "default_component_of", full_product_name: { name: "openssl-3-3.1.4-150600.5.7.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP6", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP6:openssl-3-3.1.4-150600.5.7.1.ppc64le", }, product_reference: "openssl-3-3.1.4-150600.5.7.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP6", }, { category: "default_component_of", full_product_name: { name: "openssl-3-3.1.4-150600.5.7.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP6", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP6:openssl-3-3.1.4-150600.5.7.1.s390x", }, product_reference: "openssl-3-3.1.4-150600.5.7.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP6", }, { category: "default_component_of", full_product_name: { name: "openssl-3-3.1.4-150600.5.7.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP6:openssl-3-3.1.4-150600.5.7.1.x86_64", }, product_reference: "openssl-3-3.1.4-150600.5.7.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP6", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-devel-3.1.4-150600.5.7.1.aarch64 as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:libopenssl-3-devel-3.1.4-150600.5.7.1.aarch64", }, product_reference: "libopenssl-3-devel-3.1.4-150600.5.7.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-devel-3.1.4-150600.5.7.1.ppc64le as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:libopenssl-3-devel-3.1.4-150600.5.7.1.ppc64le", }, product_reference: "libopenssl-3-devel-3.1.4-150600.5.7.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-devel-3.1.4-150600.5.7.1.s390x as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:libopenssl-3-devel-3.1.4-150600.5.7.1.s390x", }, product_reference: "libopenssl-3-devel-3.1.4-150600.5.7.1.s390x", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-devel-3.1.4-150600.5.7.1.x86_64 as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:libopenssl-3-devel-3.1.4-150600.5.7.1.x86_64", }, product_reference: "libopenssl-3-devel-3.1.4-150600.5.7.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-devel-32bit-3.1.4-150600.5.7.1.x86_64 as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:libopenssl-3-devel-32bit-3.1.4-150600.5.7.1.x86_64", }, product_reference: "libopenssl-3-devel-32bit-3.1.4-150600.5.7.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-fips-provider-3.1.4-150600.5.7.1.aarch64 as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.aarch64", }, product_reference: "libopenssl-3-fips-provider-3.1.4-150600.5.7.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-fips-provider-3.1.4-150600.5.7.1.ppc64le as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.ppc64le", }, product_reference: "libopenssl-3-fips-provider-3.1.4-150600.5.7.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-fips-provider-3.1.4-150600.5.7.1.s390x as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.s390x", }, product_reference: "libopenssl-3-fips-provider-3.1.4-150600.5.7.1.s390x", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-fips-provider-3.1.4-150600.5.7.1.x86_64 as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.x86_64", }, product_reference: "libopenssl-3-fips-provider-3.1.4-150600.5.7.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-fips-provider-32bit-3.1.4-150600.5.7.1.x86_64 as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.7.1.x86_64", }, product_reference: "libopenssl-3-fips-provider-32bit-3.1.4-150600.5.7.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-3.1.4-150600.5.7.1.aarch64 as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:libopenssl3-3.1.4-150600.5.7.1.aarch64", }, product_reference: "libopenssl3-3.1.4-150600.5.7.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-3.1.4-150600.5.7.1.ppc64le as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:libopenssl3-3.1.4-150600.5.7.1.ppc64le", }, product_reference: "libopenssl3-3.1.4-150600.5.7.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-3.1.4-150600.5.7.1.s390x as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:libopenssl3-3.1.4-150600.5.7.1.s390x", }, product_reference: "libopenssl3-3.1.4-150600.5.7.1.s390x", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-3.1.4-150600.5.7.1.x86_64 as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:libopenssl3-3.1.4-150600.5.7.1.x86_64", }, product_reference: "libopenssl3-3.1.4-150600.5.7.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-32bit-3.1.4-150600.5.7.1.x86_64 as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:libopenssl3-32bit-3.1.4-150600.5.7.1.x86_64", }, product_reference: "libopenssl3-32bit-3.1.4-150600.5.7.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "openssl-3-3.1.4-150600.5.7.1.aarch64 as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:openssl-3-3.1.4-150600.5.7.1.aarch64", }, product_reference: "openssl-3-3.1.4-150600.5.7.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "openssl-3-3.1.4-150600.5.7.1.ppc64le as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:openssl-3-3.1.4-150600.5.7.1.ppc64le", }, product_reference: "openssl-3-3.1.4-150600.5.7.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "openssl-3-3.1.4-150600.5.7.1.s390x as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:openssl-3-3.1.4-150600.5.7.1.s390x", }, product_reference: "openssl-3-3.1.4-150600.5.7.1.s390x", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "openssl-3-3.1.4-150600.5.7.1.x86_64 as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:openssl-3-3.1.4-150600.5.7.1.x86_64", }, product_reference: "openssl-3-3.1.4-150600.5.7.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "openssl-3-doc-3.1.4-150600.5.7.1.noarch as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:openssl-3-doc-3.1.4-150600.5.7.1.noarch", }, product_reference: "openssl-3-doc-3.1.4-150600.5.7.1.noarch", relates_to_product_reference: "openSUSE Leap 15.6", }, ], }, vulnerabilities: [ { cve: "CVE-2024-4603", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-4603", }, ], notes: [ { category: "general", text: "Issue summary: Checking excessively long DSA keys or parameters may be very\nslow.\n\nImpact summary: Applications that use the functions EVP_PKEY_param_check()\nor EVP_PKEY_public_check() to check a DSA public key or DSA parameters may\nexperience long delays. Where the key or parameters that are being checked\nhave been obtained from an untrusted source this may lead to a Denial of\nService.\n\nThe functions EVP_PKEY_param_check() or EVP_PKEY_public_check() perform\nvarious checks on DSA parameters. Some of those computations take a long time\nif the modulus (`p` parameter) is too large.\n\nTrying to use a very large modulus is slow and OpenSSL will not allow using\npublic keys with a modulus which is over 10,000 bits in length for signature\nverification. However the key and parameter check functions do not limit\nthe modulus size when performing the checks.\n\nAn application that calls EVP_PKEY_param_check() or EVP_PKEY_public_check()\nand supplies a key or parameters obtained from an untrusted source could be\nvulnerable to a Denial of Service attack.\n\nThese functions are not called by OpenSSL itself on untrusted DSA keys so\nonly applications that directly call these functions may be vulnerable.\n\nAlso vulnerable are the OpenSSL pkey and pkeyparam command line applications\nwhen using the `-check` option.\n\nThe OpenSSL SSL/TLS implementation is not affected by this issue.\n\nThe OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-devel-3.1.4-150600.5.7.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-devel-3.1.4-150600.5.7.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-devel-3.1.4-150600.5.7.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-devel-3.1.4-150600.5.7.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.7.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-3.1.4-150600.5.7.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-3.1.4-150600.5.7.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-3.1.4-150600.5.7.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-3.1.4-150600.5.7.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-32bit-3.1.4-150600.5.7.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:openssl-3-3.1.4-150600.5.7.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:openssl-3-3.1.4-150600.5.7.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP6:openssl-3-3.1.4-150600.5.7.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP6:openssl-3-3.1.4-150600.5.7.1.x86_64", "openSUSE Leap 15.6:libopenssl-3-devel-3.1.4-150600.5.7.1.aarch64", "openSUSE Leap 15.6:libopenssl-3-devel-3.1.4-150600.5.7.1.ppc64le", "openSUSE Leap 15.6:libopenssl-3-devel-3.1.4-150600.5.7.1.s390x", "openSUSE Leap 15.6:libopenssl-3-devel-3.1.4-150600.5.7.1.x86_64", "openSUSE Leap 15.6:libopenssl-3-devel-32bit-3.1.4-150600.5.7.1.x86_64", "openSUSE Leap 15.6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.aarch64", "openSUSE Leap 15.6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.ppc64le", "openSUSE Leap 15.6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.s390x", "openSUSE Leap 15.6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.x86_64", "openSUSE Leap 15.6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.7.1.x86_64", "openSUSE Leap 15.6:libopenssl3-3.1.4-150600.5.7.1.aarch64", "openSUSE Leap 15.6:libopenssl3-3.1.4-150600.5.7.1.ppc64le", "openSUSE Leap 15.6:libopenssl3-3.1.4-150600.5.7.1.s390x", "openSUSE Leap 15.6:libopenssl3-3.1.4-150600.5.7.1.x86_64", "openSUSE Leap 15.6:libopenssl3-32bit-3.1.4-150600.5.7.1.x86_64", "openSUSE Leap 15.6:openssl-3-3.1.4-150600.5.7.1.aarch64", "openSUSE Leap 15.6:openssl-3-3.1.4-150600.5.7.1.ppc64le", "openSUSE Leap 15.6:openssl-3-3.1.4-150600.5.7.1.s390x", "openSUSE Leap 15.6:openssl-3-3.1.4-150600.5.7.1.x86_64", "openSUSE Leap 15.6:openssl-3-doc-3.1.4-150600.5.7.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2024-4603", url: "https://www.suse.com/security/cve/CVE-2024-4603", }, { category: "external", summary: "SUSE Bug 1224388 for CVE-2024-4603", url: "https://bugzilla.suse.com/1224388", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-devel-3.1.4-150600.5.7.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-devel-3.1.4-150600.5.7.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-devel-3.1.4-150600.5.7.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-devel-3.1.4-150600.5.7.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.7.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-3.1.4-150600.5.7.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-3.1.4-150600.5.7.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-3.1.4-150600.5.7.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-3.1.4-150600.5.7.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-32bit-3.1.4-150600.5.7.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:openssl-3-3.1.4-150600.5.7.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:openssl-3-3.1.4-150600.5.7.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP6:openssl-3-3.1.4-150600.5.7.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP6:openssl-3-3.1.4-150600.5.7.1.x86_64", "openSUSE Leap 15.6:libopenssl-3-devel-3.1.4-150600.5.7.1.aarch64", "openSUSE Leap 15.6:libopenssl-3-devel-3.1.4-150600.5.7.1.ppc64le", "openSUSE Leap 15.6:libopenssl-3-devel-3.1.4-150600.5.7.1.s390x", "openSUSE Leap 15.6:libopenssl-3-devel-3.1.4-150600.5.7.1.x86_64", "openSUSE Leap 15.6:libopenssl-3-devel-32bit-3.1.4-150600.5.7.1.x86_64", "openSUSE Leap 15.6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.aarch64", "openSUSE Leap 15.6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.ppc64le", "openSUSE Leap 15.6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.s390x", "openSUSE Leap 15.6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.x86_64", "openSUSE Leap 15.6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.7.1.x86_64", "openSUSE Leap 15.6:libopenssl3-3.1.4-150600.5.7.1.aarch64", "openSUSE Leap 15.6:libopenssl3-3.1.4-150600.5.7.1.ppc64le", "openSUSE Leap 15.6:libopenssl3-3.1.4-150600.5.7.1.s390x", "openSUSE Leap 15.6:libopenssl3-3.1.4-150600.5.7.1.x86_64", "openSUSE Leap 15.6:libopenssl3-32bit-3.1.4-150600.5.7.1.x86_64", "openSUSE Leap 15.6:openssl-3-3.1.4-150600.5.7.1.aarch64", "openSUSE Leap 15.6:openssl-3-3.1.4-150600.5.7.1.ppc64le", "openSUSE Leap 15.6:openssl-3-3.1.4-150600.5.7.1.s390x", "openSUSE Leap 15.6:openssl-3-3.1.4-150600.5.7.1.x86_64", "openSUSE Leap 15.6:openssl-3-doc-3.1.4-150600.5.7.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-devel-3.1.4-150600.5.7.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-devel-3.1.4-150600.5.7.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-devel-3.1.4-150600.5.7.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-devel-3.1.4-150600.5.7.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.7.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-3.1.4-150600.5.7.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-3.1.4-150600.5.7.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-3.1.4-150600.5.7.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-3.1.4-150600.5.7.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-32bit-3.1.4-150600.5.7.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:openssl-3-3.1.4-150600.5.7.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:openssl-3-3.1.4-150600.5.7.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP6:openssl-3-3.1.4-150600.5.7.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP6:openssl-3-3.1.4-150600.5.7.1.x86_64", "openSUSE Leap 15.6:libopenssl-3-devel-3.1.4-150600.5.7.1.aarch64", "openSUSE Leap 15.6:libopenssl-3-devel-3.1.4-150600.5.7.1.ppc64le", "openSUSE Leap 15.6:libopenssl-3-devel-3.1.4-150600.5.7.1.s390x", "openSUSE Leap 15.6:libopenssl-3-devel-3.1.4-150600.5.7.1.x86_64", "openSUSE Leap 15.6:libopenssl-3-devel-32bit-3.1.4-150600.5.7.1.x86_64", "openSUSE Leap 15.6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.aarch64", "openSUSE Leap 15.6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.ppc64le", "openSUSE Leap 15.6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.s390x", "openSUSE Leap 15.6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.x86_64", "openSUSE Leap 15.6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.7.1.x86_64", "openSUSE Leap 15.6:libopenssl3-3.1.4-150600.5.7.1.aarch64", "openSUSE Leap 15.6:libopenssl3-3.1.4-150600.5.7.1.ppc64le", "openSUSE Leap 15.6:libopenssl3-3.1.4-150600.5.7.1.s390x", "openSUSE Leap 15.6:libopenssl3-3.1.4-150600.5.7.1.x86_64", "openSUSE Leap 15.6:libopenssl3-32bit-3.1.4-150600.5.7.1.x86_64", "openSUSE Leap 15.6:openssl-3-3.1.4-150600.5.7.1.aarch64", "openSUSE Leap 15.6:openssl-3-3.1.4-150600.5.7.1.ppc64le", "openSUSE Leap 15.6:openssl-3-3.1.4-150600.5.7.1.s390x", "openSUSE Leap 15.6:openssl-3-3.1.4-150600.5.7.1.x86_64", "openSUSE Leap 15.6:openssl-3-doc-3.1.4-150600.5.7.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-06-18T11:16:10Z", details: "moderate", }, ], title: "CVE-2024-4603", }, { cve: "CVE-2024-4741", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-4741", }, ], notes: [ { category: "general", text: "Issue summary: Calling the OpenSSL API function SSL_free_buffers may cause\nmemory to be accessed that was previously freed in some situations\n\nImpact summary: A use after free can have a range of potential consequences such\nas the corruption of valid data, crashes or execution of arbitrary code.\nHowever, only applications that directly call the SSL_free_buffers function are\naffected by this issue. Applications that do not call this function are not\nvulnerable. Our investigations indicate that this function is rarely used by\napplications.\n\nThe SSL_free_buffers function is used to free the internal OpenSSL buffer used\nwhen processing an incoming record from the network. The call is only expected\nto succeed if the buffer is not currently in use. However, two scenarios have\nbeen identified where the buffer is freed even when still in use.\n\nThe first scenario occurs where a record header has been received from the\nnetwork and processed by OpenSSL, but the full record body has not yet arrived.\nIn this case calling SSL_free_buffers will succeed even though a record has only\nbeen partially processed and the buffer is still in use.\n\nThe second scenario occurs where a full record containing application data has\nbeen received and processed by OpenSSL but the application has only read part of\nthis data. Again a call to SSL_free_buffers will succeed even though the buffer\nis still in use.\n\nWhile these scenarios could occur accidentally during normal operation a\nmalicious attacker could attempt to engineer a stituation where this occurs.\nWe are not aware of this issue being actively exploited.\n\nThe FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-devel-3.1.4-150600.5.7.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-devel-3.1.4-150600.5.7.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-devel-3.1.4-150600.5.7.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-devel-3.1.4-150600.5.7.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.7.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-3.1.4-150600.5.7.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-3.1.4-150600.5.7.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-3.1.4-150600.5.7.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-3.1.4-150600.5.7.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-32bit-3.1.4-150600.5.7.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:openssl-3-3.1.4-150600.5.7.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:openssl-3-3.1.4-150600.5.7.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP6:openssl-3-3.1.4-150600.5.7.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP6:openssl-3-3.1.4-150600.5.7.1.x86_64", "openSUSE Leap 15.6:libopenssl-3-devel-3.1.4-150600.5.7.1.aarch64", "openSUSE Leap 15.6:libopenssl-3-devel-3.1.4-150600.5.7.1.ppc64le", "openSUSE Leap 15.6:libopenssl-3-devel-3.1.4-150600.5.7.1.s390x", "openSUSE Leap 15.6:libopenssl-3-devel-3.1.4-150600.5.7.1.x86_64", "openSUSE Leap 15.6:libopenssl-3-devel-32bit-3.1.4-150600.5.7.1.x86_64", "openSUSE Leap 15.6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.aarch64", "openSUSE Leap 15.6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.ppc64le", "openSUSE Leap 15.6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.s390x", "openSUSE Leap 15.6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.x86_64", "openSUSE Leap 15.6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.7.1.x86_64", "openSUSE Leap 15.6:libopenssl3-3.1.4-150600.5.7.1.aarch64", "openSUSE Leap 15.6:libopenssl3-3.1.4-150600.5.7.1.ppc64le", "openSUSE Leap 15.6:libopenssl3-3.1.4-150600.5.7.1.s390x", "openSUSE Leap 15.6:libopenssl3-3.1.4-150600.5.7.1.x86_64", "openSUSE Leap 15.6:libopenssl3-32bit-3.1.4-150600.5.7.1.x86_64", "openSUSE Leap 15.6:openssl-3-3.1.4-150600.5.7.1.aarch64", "openSUSE Leap 15.6:openssl-3-3.1.4-150600.5.7.1.ppc64le", "openSUSE Leap 15.6:openssl-3-3.1.4-150600.5.7.1.s390x", "openSUSE Leap 15.6:openssl-3-3.1.4-150600.5.7.1.x86_64", "openSUSE Leap 15.6:openssl-3-doc-3.1.4-150600.5.7.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2024-4741", url: "https://www.suse.com/security/cve/CVE-2024-4741", }, { category: "external", summary: "SUSE Bug 1225551 for CVE-2024-4741", url: "https://bugzilla.suse.com/1225551", }, { category: "external", summary: "SUSE Bug 1225552 for CVE-2024-4741", url: "https://bugzilla.suse.com/1225552", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-devel-3.1.4-150600.5.7.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-devel-3.1.4-150600.5.7.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-devel-3.1.4-150600.5.7.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-devel-3.1.4-150600.5.7.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.7.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-3.1.4-150600.5.7.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-3.1.4-150600.5.7.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-3.1.4-150600.5.7.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-3.1.4-150600.5.7.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-32bit-3.1.4-150600.5.7.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:openssl-3-3.1.4-150600.5.7.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:openssl-3-3.1.4-150600.5.7.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP6:openssl-3-3.1.4-150600.5.7.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP6:openssl-3-3.1.4-150600.5.7.1.x86_64", "openSUSE Leap 15.6:libopenssl-3-devel-3.1.4-150600.5.7.1.aarch64", "openSUSE Leap 15.6:libopenssl-3-devel-3.1.4-150600.5.7.1.ppc64le", "openSUSE Leap 15.6:libopenssl-3-devel-3.1.4-150600.5.7.1.s390x", "openSUSE Leap 15.6:libopenssl-3-devel-3.1.4-150600.5.7.1.x86_64", "openSUSE Leap 15.6:libopenssl-3-devel-32bit-3.1.4-150600.5.7.1.x86_64", "openSUSE Leap 15.6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.aarch64", "openSUSE Leap 15.6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.ppc64le", "openSUSE Leap 15.6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.s390x", "openSUSE Leap 15.6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.x86_64", "openSUSE Leap 15.6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.7.1.x86_64", "openSUSE Leap 15.6:libopenssl3-3.1.4-150600.5.7.1.aarch64", "openSUSE Leap 15.6:libopenssl3-3.1.4-150600.5.7.1.ppc64le", "openSUSE Leap 15.6:libopenssl3-3.1.4-150600.5.7.1.s390x", "openSUSE Leap 15.6:libopenssl3-3.1.4-150600.5.7.1.x86_64", "openSUSE Leap 15.6:libopenssl3-32bit-3.1.4-150600.5.7.1.x86_64", "openSUSE Leap 15.6:openssl-3-3.1.4-150600.5.7.1.aarch64", "openSUSE Leap 15.6:openssl-3-3.1.4-150600.5.7.1.ppc64le", "openSUSE Leap 15.6:openssl-3-3.1.4-150600.5.7.1.s390x", "openSUSE Leap 15.6:openssl-3-3.1.4-150600.5.7.1.x86_64", "openSUSE Leap 15.6:openssl-3-doc-3.1.4-150600.5.7.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-devel-3.1.4-150600.5.7.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-devel-3.1.4-150600.5.7.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-devel-3.1.4-150600.5.7.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-devel-3.1.4-150600.5.7.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.7.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-3.1.4-150600.5.7.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-3.1.4-150600.5.7.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-3.1.4-150600.5.7.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-3.1.4-150600.5.7.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenssl3-32bit-3.1.4-150600.5.7.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:openssl-3-3.1.4-150600.5.7.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP6:openssl-3-3.1.4-150600.5.7.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP6:openssl-3-3.1.4-150600.5.7.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP6:openssl-3-3.1.4-150600.5.7.1.x86_64", "openSUSE Leap 15.6:libopenssl-3-devel-3.1.4-150600.5.7.1.aarch64", "openSUSE Leap 15.6:libopenssl-3-devel-3.1.4-150600.5.7.1.ppc64le", "openSUSE Leap 15.6:libopenssl-3-devel-3.1.4-150600.5.7.1.s390x", "openSUSE Leap 15.6:libopenssl-3-devel-3.1.4-150600.5.7.1.x86_64", "openSUSE Leap 15.6:libopenssl-3-devel-32bit-3.1.4-150600.5.7.1.x86_64", "openSUSE Leap 15.6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.aarch64", "openSUSE Leap 15.6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.ppc64le", "openSUSE Leap 15.6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.s390x", "openSUSE Leap 15.6:libopenssl-3-fips-provider-3.1.4-150600.5.7.1.x86_64", "openSUSE Leap 15.6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.7.1.x86_64", "openSUSE Leap 15.6:libopenssl3-3.1.4-150600.5.7.1.aarch64", "openSUSE Leap 15.6:libopenssl3-3.1.4-150600.5.7.1.ppc64le", "openSUSE Leap 15.6:libopenssl3-3.1.4-150600.5.7.1.s390x", "openSUSE Leap 15.6:libopenssl3-3.1.4-150600.5.7.1.x86_64", "openSUSE Leap 15.6:libopenssl3-32bit-3.1.4-150600.5.7.1.x86_64", "openSUSE Leap 15.6:openssl-3-3.1.4-150600.5.7.1.aarch64", "openSUSE Leap 15.6:openssl-3-3.1.4-150600.5.7.1.ppc64le", "openSUSE Leap 15.6:openssl-3-3.1.4-150600.5.7.1.s390x", "openSUSE Leap 15.6:openssl-3-3.1.4-150600.5.7.1.x86_64", "openSUSE Leap 15.6:openssl-3-doc-3.1.4-150600.5.7.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-06-18T11:16:10Z", details: "important", }, ], title: "CVE-2024-4741", }, ], }
suse-su-2024:1947-1
Vulnerability from csaf_suse
Published
2024-06-07 15:06
Modified
2024-06-07 15:06
Summary
Security update for openssl-3
Notes
Title of the patch
Security update for openssl-3
Description of the patch
This update for openssl-3 fixes the following issues:
- CVE-2024-2511: Fixed unconstrained session cache growth in TLSv1.3 (bsc#1222548).
- CVE-2024-4603: Fixed DSA parameter checks for excessive sizes before validating (bsc#1224388).
Patchnames
SUSE-2024-1947,SUSE-SLE-Micro-5.3-2024-1947,SUSE-SLE-Micro-5.4-2024-1947,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1947,SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1947,SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1947,SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1947,SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1947,SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1947,SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1947,openSUSE-Leap-Micro-5.3-2024-1947,openSUSE-Leap-Micro-5.4-2024-1947
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for openssl-3", title: "Title of the patch", }, { category: "description", text: "This update for openssl-3 fixes the following issues:\n\n- CVE-2024-2511: Fixed unconstrained session cache growth in TLSv1.3 (bsc#1222548).\n- CVE-2024-4603: Fixed DSA parameter checks for excessive sizes before validating (bsc#1224388).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2024-1947,SUSE-SLE-Micro-5.3-2024-1947,SUSE-SLE-Micro-5.4-2024-1947,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1947,SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1947,SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1947,SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1947,SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1947,SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1947,SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1947,openSUSE-Leap-Micro-5.3-2024-1947,openSUSE-Leap-Micro-5.4-2024-1947", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_1947-1.json", }, { category: "self", summary: "URL for SUSE-SU-2024:1947-1", url: "https://www.suse.com/support/update/announcement/2024/suse-su-20241947-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2024:1947-1", url: "https://lists.suse.com/pipermail/sle-updates/2024-June/035495.html", }, { category: "self", summary: "SUSE Bug 1222548", url: "https://bugzilla.suse.com/1222548", }, { category: "self", summary: "SUSE Bug 1224388", url: "https://bugzilla.suse.com/1224388", }, { category: "self", summary: "SUSE CVE CVE-2024-2511 page", url: "https://www.suse.com/security/cve/CVE-2024-2511/", }, { category: "self", summary: "SUSE CVE CVE-2024-4603 page", url: "https://www.suse.com/security/cve/CVE-2024-4603/", }, ], title: "Security update for openssl-3", tracking: { current_release_date: "2024-06-07T15:06:16Z", generator: { date: "2024-06-07T15:06:16Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2024:1947-1", initial_release_date: "2024-06-07T15:06:16Z", revision_history: [ { date: "2024-06-07T15:06:16Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "libopenssl-3-devel-3.0.8-150400.4.54.1.aarch64", product: { name: "libopenssl-3-devel-3.0.8-150400.4.54.1.aarch64", product_id: "libopenssl-3-devel-3.0.8-150400.4.54.1.aarch64", }, }, { category: "product_version", name: "libopenssl3-3.0.8-150400.4.54.1.aarch64", product: { name: "libopenssl3-3.0.8-150400.4.54.1.aarch64", product_id: "libopenssl3-3.0.8-150400.4.54.1.aarch64", }, }, { category: "product_version", name: "openssl-3-3.0.8-150400.4.54.1.aarch64", product: { name: "openssl-3-3.0.8-150400.4.54.1.aarch64", product_id: "openssl-3-3.0.8-150400.4.54.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "libopenssl-3-devel-64bit-3.0.8-150400.4.54.1.aarch64_ilp32", product: { name: "libopenssl-3-devel-64bit-3.0.8-150400.4.54.1.aarch64_ilp32", product_id: "libopenssl-3-devel-64bit-3.0.8-150400.4.54.1.aarch64_ilp32", }, }, { category: "product_version", name: "libopenssl3-64bit-3.0.8-150400.4.54.1.aarch64_ilp32", product: { name: "libopenssl3-64bit-3.0.8-150400.4.54.1.aarch64_ilp32", product_id: "libopenssl3-64bit-3.0.8-150400.4.54.1.aarch64_ilp32", }, }, ], category: "architecture", name: "aarch64_ilp32", }, { branches: [ { category: "product_version", name: "libopenssl-3-devel-3.0.8-150400.4.54.1.i586", product: { name: "libopenssl-3-devel-3.0.8-150400.4.54.1.i586", product_id: "libopenssl-3-devel-3.0.8-150400.4.54.1.i586", }, }, { category: "product_version", name: "libopenssl3-3.0.8-150400.4.54.1.i586", product: { name: "libopenssl3-3.0.8-150400.4.54.1.i586", product_id: "libopenssl3-3.0.8-150400.4.54.1.i586", }, }, { category: "product_version", name: "openssl-3-3.0.8-150400.4.54.1.i586", product: { name: "openssl-3-3.0.8-150400.4.54.1.i586", product_id: "openssl-3-3.0.8-150400.4.54.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "openssl-3-doc-3.0.8-150400.4.54.1.noarch", product: { name: "openssl-3-doc-3.0.8-150400.4.54.1.noarch", product_id: "openssl-3-doc-3.0.8-150400.4.54.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "libopenssl-3-devel-3.0.8-150400.4.54.1.ppc64le", product: { name: "libopenssl-3-devel-3.0.8-150400.4.54.1.ppc64le", product_id: "libopenssl-3-devel-3.0.8-150400.4.54.1.ppc64le", }, }, { category: "product_version", name: "libopenssl3-3.0.8-150400.4.54.1.ppc64le", product: { name: "libopenssl3-3.0.8-150400.4.54.1.ppc64le", product_id: "libopenssl3-3.0.8-150400.4.54.1.ppc64le", }, }, { category: "product_version", name: "openssl-3-3.0.8-150400.4.54.1.ppc64le", product: { name: "openssl-3-3.0.8-150400.4.54.1.ppc64le", product_id: "openssl-3-3.0.8-150400.4.54.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "libopenssl-3-devel-3.0.8-150400.4.54.1.s390x", product: { name: "libopenssl-3-devel-3.0.8-150400.4.54.1.s390x", product_id: "libopenssl-3-devel-3.0.8-150400.4.54.1.s390x", }, }, { category: "product_version", name: "libopenssl3-3.0.8-150400.4.54.1.s390x", product: { name: "libopenssl3-3.0.8-150400.4.54.1.s390x", product_id: "libopenssl3-3.0.8-150400.4.54.1.s390x", }, }, { category: "product_version", name: "openssl-3-3.0.8-150400.4.54.1.s390x", product: { name: "openssl-3-3.0.8-150400.4.54.1.s390x", product_id: "openssl-3-3.0.8-150400.4.54.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64", product: { name: "libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64", product_id: "libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64", }, }, { category: "product_version", name: "libopenssl-3-devel-32bit-3.0.8-150400.4.54.1.x86_64", product: { name: "libopenssl-3-devel-32bit-3.0.8-150400.4.54.1.x86_64", product_id: "libopenssl-3-devel-32bit-3.0.8-150400.4.54.1.x86_64", }, }, { category: "product_version", name: "libopenssl3-3.0.8-150400.4.54.1.x86_64", product: { name: "libopenssl3-3.0.8-150400.4.54.1.x86_64", product_id: "libopenssl3-3.0.8-150400.4.54.1.x86_64", }, }, { category: "product_version", name: "libopenssl3-32bit-3.0.8-150400.4.54.1.x86_64", product: { name: "libopenssl3-32bit-3.0.8-150400.4.54.1.x86_64", product_id: "libopenssl3-32bit-3.0.8-150400.4.54.1.x86_64", }, }, { category: "product_version", name: "openssl-3-3.0.8-150400.4.54.1.x86_64", product: { name: "openssl-3-3.0.8-150400.4.54.1.x86_64", product_id: "openssl-3-3.0.8-150400.4.54.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Micro 5.3", product: { name: "SUSE Linux Enterprise Micro 5.3", product_id: "SUSE Linux Enterprise Micro 5.3", product_identification_helper: { cpe: "cpe:/o:suse:sle-micro:5.3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Micro 5.4", product: { name: "SUSE Linux Enterprise Micro 5.4", product_id: "SUSE Linux Enterprise Micro 5.4", product_identification_helper: { cpe: "cpe:/o:suse:sle-micro:5.4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", product: { name: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", product_identification_helper: { cpe: "cpe:/o:suse:sle_hpc-espos:15:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", product: { name: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:sle_hpc-ltss:15:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 15 SP4-LTSS", product: { name: "SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:sles-ltss:15:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 15 SP4", product: { name: "SUSE Linux Enterprise Server for SAP Applications 15 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:15:sp4", }, }, }, { category: "product_name", name: "SUSE Manager Proxy 4.3", product: { name: "SUSE Manager Proxy 4.3", product_id: "SUSE Manager Proxy 4.3", product_identification_helper: { cpe: "cpe:/o:suse:suse-manager-proxy:4.3", }, }, }, { category: "product_name", name: "SUSE Manager Server 4.3", product: { name: "SUSE Manager Server 4.3", product_id: "SUSE Manager Server 4.3", product_identification_helper: { cpe: "cpe:/o:suse:suse-manager-server:4.3", }, }, }, { category: "product_name", name: "openSUSE Leap Micro 5.3", product: { name: "openSUSE Leap Micro 5.3", product_id: "openSUSE Leap Micro 5.3", product_identification_helper: { cpe: "cpe:/o:opensuse:leap-micro:5.3", }, }, }, { category: "product_name", name: "openSUSE Leap Micro 5.4", product: { name: "openSUSE Leap Micro 5.4", product_id: "openSUSE Leap Micro 5.4", product_identification_helper: { cpe: "cpe:/o:opensuse:leap-micro:5.4", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "libopenssl3-3.0.8-150400.4.54.1.aarch64 as component of SUSE Linux Enterprise Micro 5.3", product_id: "SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.54.1.aarch64", }, product_reference: "libopenssl3-3.0.8-150400.4.54.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.3", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-3.0.8-150400.4.54.1.s390x as component of SUSE Linux Enterprise Micro 5.3", product_id: "SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.54.1.s390x", }, product_reference: "libopenssl3-3.0.8-150400.4.54.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.3", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-3.0.8-150400.4.54.1.x86_64 as component of SUSE Linux Enterprise Micro 5.3", product_id: "SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.54.1.x86_64", }, product_reference: "libopenssl3-3.0.8-150400.4.54.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.3", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-3.0.8-150400.4.54.1.aarch64 as component of SUSE Linux Enterprise Micro 5.4", product_id: "SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.54.1.aarch64", }, product_reference: "libopenssl3-3.0.8-150400.4.54.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.4", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-3.0.8-150400.4.54.1.s390x as component of SUSE Linux Enterprise Micro 5.4", product_id: "SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.54.1.s390x", }, product_reference: "libopenssl3-3.0.8-150400.4.54.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.4", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-3.0.8-150400.4.54.1.x86_64 as component of SUSE Linux Enterprise Micro 5.4", product_id: "SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.54.1.x86_64", }, product_reference: "libopenssl3-3.0.8-150400.4.54.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.4", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-devel-3.0.8-150400.4.54.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.54.1.aarch64", }, product_reference: "libopenssl-3-devel-3.0.8-150400.4.54.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64", }, product_reference: "libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-3.0.8-150400.4.54.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.54.1.aarch64", }, product_reference: "libopenssl3-3.0.8-150400.4.54.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-3.0.8-150400.4.54.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.54.1.x86_64", }, product_reference: "libopenssl3-3.0.8-150400.4.54.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", }, { category: "default_component_of", full_product_name: { name: "openssl-3-3.0.8-150400.4.54.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.54.1.aarch64", }, product_reference: "openssl-3-3.0.8-150400.4.54.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", }, { category: "default_component_of", full_product_name: { name: "openssl-3-3.0.8-150400.4.54.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.54.1.x86_64", }, product_reference: "openssl-3-3.0.8-150400.4.54.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-devel-3.0.8-150400.4.54.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.54.1.aarch64", }, product_reference: "libopenssl-3-devel-3.0.8-150400.4.54.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64", }, product_reference: "libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-3.0.8-150400.4.54.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.54.1.aarch64", }, product_reference: "libopenssl3-3.0.8-150400.4.54.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-3.0.8-150400.4.54.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.54.1.x86_64", }, product_reference: "libopenssl3-3.0.8-150400.4.54.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "openssl-3-3.0.8-150400.4.54.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.54.1.aarch64", }, product_reference: "openssl-3-3.0.8-150400.4.54.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "openssl-3-3.0.8-150400.4.54.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.54.1.x86_64", }, product_reference: "openssl-3-3.0.8-150400.4.54.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-devel-3.0.8-150400.4.54.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.54.1.aarch64", }, product_reference: "libopenssl-3-devel-3.0.8-150400.4.54.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-devel-3.0.8-150400.4.54.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.54.1.ppc64le", }, product_reference: "libopenssl-3-devel-3.0.8-150400.4.54.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-devel-3.0.8-150400.4.54.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.54.1.s390x", }, product_reference: "libopenssl-3-devel-3.0.8-150400.4.54.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64", }, product_reference: "libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-3.0.8-150400.4.54.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.54.1.aarch64", }, product_reference: "libopenssl3-3.0.8-150400.4.54.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-3.0.8-150400.4.54.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.54.1.ppc64le", }, product_reference: "libopenssl3-3.0.8-150400.4.54.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-3.0.8-150400.4.54.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.54.1.s390x", }, product_reference: "libopenssl3-3.0.8-150400.4.54.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-3.0.8-150400.4.54.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.54.1.x86_64", }, product_reference: "libopenssl3-3.0.8-150400.4.54.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "openssl-3-3.0.8-150400.4.54.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.54.1.aarch64", }, product_reference: "openssl-3-3.0.8-150400.4.54.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "openssl-3-3.0.8-150400.4.54.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.54.1.ppc64le", }, product_reference: "openssl-3-3.0.8-150400.4.54.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "openssl-3-3.0.8-150400.4.54.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.54.1.s390x", }, product_reference: "openssl-3-3.0.8-150400.4.54.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "openssl-3-3.0.8-150400.4.54.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.54.1.x86_64", }, product_reference: "openssl-3-3.0.8-150400.4.54.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-devel-3.0.8-150400.4.54.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.54.1.ppc64le", }, product_reference: "libopenssl-3-devel-3.0.8-150400.4.54.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP4", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64", }, product_reference: "libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP4", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-3.0.8-150400.4.54.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.54.1.ppc64le", }, product_reference: "libopenssl3-3.0.8-150400.4.54.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP4", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-3.0.8-150400.4.54.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.54.1.x86_64", }, product_reference: "libopenssl3-3.0.8-150400.4.54.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP4", }, { category: "default_component_of", full_product_name: { name: "openssl-3-3.0.8-150400.4.54.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.54.1.ppc64le", }, product_reference: "openssl-3-3.0.8-150400.4.54.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP4", }, { category: "default_component_of", full_product_name: { name: "openssl-3-3.0.8-150400.4.54.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.54.1.x86_64", }, product_reference: "openssl-3-3.0.8-150400.4.54.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP4", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64 as component of SUSE Manager Proxy 4.3", product_id: "SUSE Manager Proxy 4.3:libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64", }, product_reference: "libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64", relates_to_product_reference: "SUSE Manager Proxy 4.3", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-3.0.8-150400.4.54.1.x86_64 as component of SUSE Manager Proxy 4.3", product_id: "SUSE Manager Proxy 4.3:libopenssl3-3.0.8-150400.4.54.1.x86_64", }, product_reference: "libopenssl3-3.0.8-150400.4.54.1.x86_64", relates_to_product_reference: "SUSE Manager Proxy 4.3", }, { category: "default_component_of", full_product_name: { name: "openssl-3-3.0.8-150400.4.54.1.x86_64 as component of SUSE Manager Proxy 4.3", product_id: "SUSE Manager Proxy 4.3:openssl-3-3.0.8-150400.4.54.1.x86_64", }, product_reference: "openssl-3-3.0.8-150400.4.54.1.x86_64", relates_to_product_reference: "SUSE Manager Proxy 4.3", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-devel-3.0.8-150400.4.54.1.ppc64le as component of SUSE Manager Server 4.3", product_id: "SUSE Manager Server 4.3:libopenssl-3-devel-3.0.8-150400.4.54.1.ppc64le", }, product_reference: "libopenssl-3-devel-3.0.8-150400.4.54.1.ppc64le", relates_to_product_reference: "SUSE Manager Server 4.3", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-devel-3.0.8-150400.4.54.1.s390x as component of SUSE Manager Server 4.3", product_id: "SUSE Manager Server 4.3:libopenssl-3-devel-3.0.8-150400.4.54.1.s390x", }, product_reference: "libopenssl-3-devel-3.0.8-150400.4.54.1.s390x", relates_to_product_reference: "SUSE Manager Server 4.3", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64 as component of SUSE Manager Server 4.3", product_id: "SUSE Manager Server 4.3:libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64", }, product_reference: "libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64", relates_to_product_reference: "SUSE Manager Server 4.3", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-3.0.8-150400.4.54.1.ppc64le as component of SUSE Manager Server 4.3", product_id: "SUSE Manager Server 4.3:libopenssl3-3.0.8-150400.4.54.1.ppc64le", }, product_reference: "libopenssl3-3.0.8-150400.4.54.1.ppc64le", relates_to_product_reference: "SUSE Manager Server 4.3", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-3.0.8-150400.4.54.1.s390x as component of SUSE Manager Server 4.3", product_id: "SUSE Manager Server 4.3:libopenssl3-3.0.8-150400.4.54.1.s390x", }, product_reference: "libopenssl3-3.0.8-150400.4.54.1.s390x", relates_to_product_reference: "SUSE Manager Server 4.3", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-3.0.8-150400.4.54.1.x86_64 as component of SUSE Manager Server 4.3", product_id: "SUSE Manager Server 4.3:libopenssl3-3.0.8-150400.4.54.1.x86_64", }, product_reference: "libopenssl3-3.0.8-150400.4.54.1.x86_64", relates_to_product_reference: "SUSE Manager Server 4.3", }, { category: "default_component_of", full_product_name: { name: "openssl-3-3.0.8-150400.4.54.1.ppc64le as component of SUSE Manager Server 4.3", product_id: "SUSE Manager Server 4.3:openssl-3-3.0.8-150400.4.54.1.ppc64le", }, product_reference: "openssl-3-3.0.8-150400.4.54.1.ppc64le", relates_to_product_reference: "SUSE Manager Server 4.3", }, { category: "default_component_of", full_product_name: { name: "openssl-3-3.0.8-150400.4.54.1.s390x as component of SUSE Manager Server 4.3", product_id: "SUSE Manager Server 4.3:openssl-3-3.0.8-150400.4.54.1.s390x", }, product_reference: "openssl-3-3.0.8-150400.4.54.1.s390x", relates_to_product_reference: "SUSE Manager Server 4.3", }, { category: "default_component_of", full_product_name: { name: "openssl-3-3.0.8-150400.4.54.1.x86_64 as component of SUSE Manager Server 4.3", product_id: "SUSE Manager Server 4.3:openssl-3-3.0.8-150400.4.54.1.x86_64", }, product_reference: "openssl-3-3.0.8-150400.4.54.1.x86_64", relates_to_product_reference: "SUSE Manager Server 4.3", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-3.0.8-150400.4.54.1.aarch64 as component of openSUSE Leap Micro 5.3", product_id: "openSUSE Leap Micro 5.3:libopenssl3-3.0.8-150400.4.54.1.aarch64", }, product_reference: "libopenssl3-3.0.8-150400.4.54.1.aarch64", relates_to_product_reference: "openSUSE Leap Micro 5.3", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-3.0.8-150400.4.54.1.ppc64le as component of openSUSE Leap Micro 5.3", product_id: "openSUSE Leap Micro 5.3:libopenssl3-3.0.8-150400.4.54.1.ppc64le", }, product_reference: "libopenssl3-3.0.8-150400.4.54.1.ppc64le", relates_to_product_reference: "openSUSE Leap Micro 5.3", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-3.0.8-150400.4.54.1.s390x as component of openSUSE Leap Micro 5.3", product_id: "openSUSE Leap Micro 5.3:libopenssl3-3.0.8-150400.4.54.1.s390x", }, product_reference: "libopenssl3-3.0.8-150400.4.54.1.s390x", relates_to_product_reference: "openSUSE Leap Micro 5.3", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-3.0.8-150400.4.54.1.x86_64 as component of openSUSE Leap Micro 5.3", product_id: "openSUSE Leap Micro 5.3:libopenssl3-3.0.8-150400.4.54.1.x86_64", }, product_reference: "libopenssl3-3.0.8-150400.4.54.1.x86_64", relates_to_product_reference: "openSUSE Leap Micro 5.3", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-3.0.8-150400.4.54.1.aarch64 as component of openSUSE Leap Micro 5.4", product_id: "openSUSE Leap Micro 5.4:libopenssl3-3.0.8-150400.4.54.1.aarch64", }, product_reference: "libopenssl3-3.0.8-150400.4.54.1.aarch64", relates_to_product_reference: "openSUSE Leap Micro 5.4", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-3.0.8-150400.4.54.1.ppc64le as component of openSUSE Leap Micro 5.4", product_id: "openSUSE Leap Micro 5.4:libopenssl3-3.0.8-150400.4.54.1.ppc64le", }, product_reference: "libopenssl3-3.0.8-150400.4.54.1.ppc64le", relates_to_product_reference: "openSUSE Leap Micro 5.4", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-3.0.8-150400.4.54.1.s390x as component of openSUSE Leap Micro 5.4", product_id: "openSUSE Leap Micro 5.4:libopenssl3-3.0.8-150400.4.54.1.s390x", }, product_reference: "libopenssl3-3.0.8-150400.4.54.1.s390x", relates_to_product_reference: "openSUSE Leap Micro 5.4", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-3.0.8-150400.4.54.1.x86_64 as component of openSUSE Leap Micro 5.4", product_id: "openSUSE Leap Micro 5.4:libopenssl3-3.0.8-150400.4.54.1.x86_64", }, product_reference: "libopenssl3-3.0.8-150400.4.54.1.x86_64", relates_to_product_reference: "openSUSE Leap Micro 5.4", }, ], }, vulnerabilities: [ { cve: "CVE-2024-2511", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-2511", }, ], notes: [ { category: "general", text: "Issue summary: Some non-default TLS server configurations can cause unbounded\nmemory growth when processing TLSv1.3 sessions\n\nImpact summary: An attacker may exploit certain server configurations to trigger\nunbounded memory growth that would lead to a Denial of Service\n\nThis problem can occur in TLSv1.3 if the non-default SSL_OP_NO_TICKET option is\nbeing used (but not if early_data support is also configured and the default\nanti-replay protection is in use). In this case, under certain conditions, the\nsession cache can get into an incorrect state and it will fail to flush properly\nas it fills. The session cache will continue to grow in an unbounded manner. A\nmalicious client could deliberately create the scenario for this failure to\nforce a Denial of Service. It may also happen by accident in normal operation.\n\nThis issue only affects TLS servers supporting TLSv1.3. It does not affect TLS\nclients.\n\nThe FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue. OpenSSL\n1.0.2 is also not affected by this issue.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.54.1.s390x", "SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.54.1.s390x", "SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.54.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.54.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.54.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.54.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.54.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.54.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.54.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.54.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.54.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.54.1.x86_64", "SUSE Manager Proxy 4.3:libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64", "SUSE Manager Proxy 4.3:libopenssl3-3.0.8-150400.4.54.1.x86_64", "SUSE Manager Proxy 4.3:openssl-3-3.0.8-150400.4.54.1.x86_64", "SUSE Manager Server 4.3:libopenssl-3-devel-3.0.8-150400.4.54.1.ppc64le", "SUSE Manager Server 4.3:libopenssl-3-devel-3.0.8-150400.4.54.1.s390x", "SUSE Manager Server 4.3:libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64", "SUSE Manager Server 4.3:libopenssl3-3.0.8-150400.4.54.1.ppc64le", "SUSE Manager Server 4.3:libopenssl3-3.0.8-150400.4.54.1.s390x", "SUSE Manager Server 4.3:libopenssl3-3.0.8-150400.4.54.1.x86_64", "SUSE Manager Server 4.3:openssl-3-3.0.8-150400.4.54.1.ppc64le", "SUSE Manager Server 4.3:openssl-3-3.0.8-150400.4.54.1.s390x", "SUSE Manager Server 4.3:openssl-3-3.0.8-150400.4.54.1.x86_64", "openSUSE Leap Micro 5.3:libopenssl3-3.0.8-150400.4.54.1.aarch64", "openSUSE Leap Micro 5.3:libopenssl3-3.0.8-150400.4.54.1.ppc64le", "openSUSE Leap Micro 5.3:libopenssl3-3.0.8-150400.4.54.1.s390x", "openSUSE Leap Micro 5.3:libopenssl3-3.0.8-150400.4.54.1.x86_64", "openSUSE Leap Micro 5.4:libopenssl3-3.0.8-150400.4.54.1.aarch64", "openSUSE Leap Micro 5.4:libopenssl3-3.0.8-150400.4.54.1.ppc64le", "openSUSE Leap Micro 5.4:libopenssl3-3.0.8-150400.4.54.1.s390x", "openSUSE Leap Micro 5.4:libopenssl3-3.0.8-150400.4.54.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-2511", url: "https://www.suse.com/security/cve/CVE-2024-2511", }, { category: "external", summary: "SUSE Bug 1222548 for CVE-2024-2511", url: "https://bugzilla.suse.com/1222548", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.54.1.s390x", "SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.54.1.s390x", "SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.54.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.54.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.54.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.54.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.54.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.54.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.54.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.54.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.54.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.54.1.x86_64", "SUSE Manager Proxy 4.3:libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64", "SUSE Manager Proxy 4.3:libopenssl3-3.0.8-150400.4.54.1.x86_64", "SUSE Manager Proxy 4.3:openssl-3-3.0.8-150400.4.54.1.x86_64", "SUSE Manager Server 4.3:libopenssl-3-devel-3.0.8-150400.4.54.1.ppc64le", "SUSE Manager Server 4.3:libopenssl-3-devel-3.0.8-150400.4.54.1.s390x", "SUSE Manager Server 4.3:libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64", "SUSE Manager Server 4.3:libopenssl3-3.0.8-150400.4.54.1.ppc64le", "SUSE Manager Server 4.3:libopenssl3-3.0.8-150400.4.54.1.s390x", "SUSE Manager Server 4.3:libopenssl3-3.0.8-150400.4.54.1.x86_64", "SUSE Manager Server 4.3:openssl-3-3.0.8-150400.4.54.1.ppc64le", "SUSE Manager Server 4.3:openssl-3-3.0.8-150400.4.54.1.s390x", "SUSE Manager Server 4.3:openssl-3-3.0.8-150400.4.54.1.x86_64", "openSUSE Leap Micro 5.3:libopenssl3-3.0.8-150400.4.54.1.aarch64", "openSUSE Leap Micro 5.3:libopenssl3-3.0.8-150400.4.54.1.ppc64le", "openSUSE Leap Micro 5.3:libopenssl3-3.0.8-150400.4.54.1.s390x", "openSUSE Leap Micro 5.3:libopenssl3-3.0.8-150400.4.54.1.x86_64", "openSUSE Leap Micro 5.4:libopenssl3-3.0.8-150400.4.54.1.aarch64", "openSUSE Leap Micro 5.4:libopenssl3-3.0.8-150400.4.54.1.ppc64le", "openSUSE Leap Micro 5.4:libopenssl3-3.0.8-150400.4.54.1.s390x", "openSUSE Leap Micro 5.4:libopenssl3-3.0.8-150400.4.54.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.54.1.s390x", "SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.54.1.s390x", "SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.54.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.54.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.54.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.54.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.54.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.54.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.54.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.54.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.54.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.54.1.x86_64", "SUSE Manager Proxy 4.3:libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64", "SUSE Manager Proxy 4.3:libopenssl3-3.0.8-150400.4.54.1.x86_64", "SUSE Manager Proxy 4.3:openssl-3-3.0.8-150400.4.54.1.x86_64", "SUSE Manager Server 4.3:libopenssl-3-devel-3.0.8-150400.4.54.1.ppc64le", "SUSE Manager Server 4.3:libopenssl-3-devel-3.0.8-150400.4.54.1.s390x", "SUSE Manager Server 4.3:libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64", "SUSE Manager Server 4.3:libopenssl3-3.0.8-150400.4.54.1.ppc64le", "SUSE Manager Server 4.3:libopenssl3-3.0.8-150400.4.54.1.s390x", "SUSE Manager Server 4.3:libopenssl3-3.0.8-150400.4.54.1.x86_64", "SUSE Manager Server 4.3:openssl-3-3.0.8-150400.4.54.1.ppc64le", "SUSE Manager Server 4.3:openssl-3-3.0.8-150400.4.54.1.s390x", "SUSE Manager Server 4.3:openssl-3-3.0.8-150400.4.54.1.x86_64", "openSUSE Leap Micro 5.3:libopenssl3-3.0.8-150400.4.54.1.aarch64", "openSUSE Leap Micro 5.3:libopenssl3-3.0.8-150400.4.54.1.ppc64le", "openSUSE Leap Micro 5.3:libopenssl3-3.0.8-150400.4.54.1.s390x", "openSUSE Leap Micro 5.3:libopenssl3-3.0.8-150400.4.54.1.x86_64", "openSUSE Leap Micro 5.4:libopenssl3-3.0.8-150400.4.54.1.aarch64", "openSUSE Leap Micro 5.4:libopenssl3-3.0.8-150400.4.54.1.ppc64le", "openSUSE Leap Micro 5.4:libopenssl3-3.0.8-150400.4.54.1.s390x", "openSUSE Leap Micro 5.4:libopenssl3-3.0.8-150400.4.54.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-07T15:06:16Z", details: "moderate", }, ], title: "CVE-2024-2511", }, { cve: "CVE-2024-4603", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-4603", }, ], notes: [ { category: "general", text: "Issue summary: Checking excessively long DSA keys or parameters may be very\nslow.\n\nImpact summary: Applications that use the functions EVP_PKEY_param_check()\nor EVP_PKEY_public_check() to check a DSA public key or DSA parameters may\nexperience long delays. Where the key or parameters that are being checked\nhave been obtained from an untrusted source this may lead to a Denial of\nService.\n\nThe functions EVP_PKEY_param_check() or EVP_PKEY_public_check() perform\nvarious checks on DSA parameters. Some of those computations take a long time\nif the modulus (`p` parameter) is too large.\n\nTrying to use a very large modulus is slow and OpenSSL will not allow using\npublic keys with a modulus which is over 10,000 bits in length for signature\nverification. However the key and parameter check functions do not limit\nthe modulus size when performing the checks.\n\nAn application that calls EVP_PKEY_param_check() or EVP_PKEY_public_check()\nand supplies a key or parameters obtained from an untrusted source could be\nvulnerable to a Denial of Service attack.\n\nThese functions are not called by OpenSSL itself on untrusted DSA keys so\nonly applications that directly call these functions may be vulnerable.\n\nAlso vulnerable are the OpenSSL pkey and pkeyparam command line applications\nwhen using the `-check` option.\n\nThe OpenSSL SSL/TLS implementation is not affected by this issue.\n\nThe OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.54.1.s390x", "SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.54.1.s390x", "SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.54.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.54.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.54.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.54.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.54.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.54.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.54.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.54.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.54.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.54.1.x86_64", "SUSE Manager Proxy 4.3:libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64", "SUSE Manager Proxy 4.3:libopenssl3-3.0.8-150400.4.54.1.x86_64", "SUSE Manager Proxy 4.3:openssl-3-3.0.8-150400.4.54.1.x86_64", "SUSE Manager Server 4.3:libopenssl-3-devel-3.0.8-150400.4.54.1.ppc64le", "SUSE Manager Server 4.3:libopenssl-3-devel-3.0.8-150400.4.54.1.s390x", "SUSE Manager Server 4.3:libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64", "SUSE Manager Server 4.3:libopenssl3-3.0.8-150400.4.54.1.ppc64le", "SUSE Manager Server 4.3:libopenssl3-3.0.8-150400.4.54.1.s390x", "SUSE Manager Server 4.3:libopenssl3-3.0.8-150400.4.54.1.x86_64", "SUSE Manager Server 4.3:openssl-3-3.0.8-150400.4.54.1.ppc64le", "SUSE Manager Server 4.3:openssl-3-3.0.8-150400.4.54.1.s390x", "SUSE Manager Server 4.3:openssl-3-3.0.8-150400.4.54.1.x86_64", "openSUSE Leap Micro 5.3:libopenssl3-3.0.8-150400.4.54.1.aarch64", "openSUSE Leap Micro 5.3:libopenssl3-3.0.8-150400.4.54.1.ppc64le", "openSUSE Leap Micro 5.3:libopenssl3-3.0.8-150400.4.54.1.s390x", "openSUSE Leap Micro 5.3:libopenssl3-3.0.8-150400.4.54.1.x86_64", "openSUSE Leap Micro 5.4:libopenssl3-3.0.8-150400.4.54.1.aarch64", "openSUSE Leap Micro 5.4:libopenssl3-3.0.8-150400.4.54.1.ppc64le", "openSUSE Leap Micro 5.4:libopenssl3-3.0.8-150400.4.54.1.s390x", "openSUSE Leap Micro 5.4:libopenssl3-3.0.8-150400.4.54.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-4603", url: "https://www.suse.com/security/cve/CVE-2024-4603", }, { category: "external", summary: "SUSE Bug 1224388 for CVE-2024-4603", url: "https://bugzilla.suse.com/1224388", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.54.1.s390x", "SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.54.1.s390x", "SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.54.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.54.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.54.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.54.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.54.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.54.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.54.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.54.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.54.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.54.1.x86_64", "SUSE Manager Proxy 4.3:libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64", "SUSE Manager Proxy 4.3:libopenssl3-3.0.8-150400.4.54.1.x86_64", "SUSE Manager Proxy 4.3:openssl-3-3.0.8-150400.4.54.1.x86_64", "SUSE Manager Server 4.3:libopenssl-3-devel-3.0.8-150400.4.54.1.ppc64le", "SUSE Manager Server 4.3:libopenssl-3-devel-3.0.8-150400.4.54.1.s390x", "SUSE Manager Server 4.3:libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64", "SUSE Manager Server 4.3:libopenssl3-3.0.8-150400.4.54.1.ppc64le", "SUSE Manager Server 4.3:libopenssl3-3.0.8-150400.4.54.1.s390x", "SUSE Manager Server 4.3:libopenssl3-3.0.8-150400.4.54.1.x86_64", "SUSE Manager Server 4.3:openssl-3-3.0.8-150400.4.54.1.ppc64le", "SUSE Manager Server 4.3:openssl-3-3.0.8-150400.4.54.1.s390x", "SUSE Manager Server 4.3:openssl-3-3.0.8-150400.4.54.1.x86_64", "openSUSE Leap Micro 5.3:libopenssl3-3.0.8-150400.4.54.1.aarch64", "openSUSE Leap Micro 5.3:libopenssl3-3.0.8-150400.4.54.1.ppc64le", "openSUSE Leap Micro 5.3:libopenssl3-3.0.8-150400.4.54.1.s390x", "openSUSE Leap Micro 5.3:libopenssl3-3.0.8-150400.4.54.1.x86_64", "openSUSE Leap Micro 5.4:libopenssl3-3.0.8-150400.4.54.1.aarch64", "openSUSE Leap Micro 5.4:libopenssl3-3.0.8-150400.4.54.1.ppc64le", "openSUSE Leap Micro 5.4:libopenssl3-3.0.8-150400.4.54.1.s390x", "openSUSE Leap Micro 5.4:libopenssl3-3.0.8-150400.4.54.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libopenssl3-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:openssl-3-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:openssl-3-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.54.1.s390x", "SUSE Linux Enterprise Micro 5.3:libopenssl3-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.54.1.s390x", "SUSE Linux Enterprise Micro 5.4:libopenssl3-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.54.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.54.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.54.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.54.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libopenssl3-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.54.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.54.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.54.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:openssl-3-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.54.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.54.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libopenssl3-3.0.8-150400.4.54.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.54.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:openssl-3-3.0.8-150400.4.54.1.x86_64", "SUSE Manager Proxy 4.3:libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64", "SUSE Manager Proxy 4.3:libopenssl3-3.0.8-150400.4.54.1.x86_64", "SUSE Manager Proxy 4.3:openssl-3-3.0.8-150400.4.54.1.x86_64", "SUSE Manager Server 4.3:libopenssl-3-devel-3.0.8-150400.4.54.1.ppc64le", "SUSE Manager Server 4.3:libopenssl-3-devel-3.0.8-150400.4.54.1.s390x", "SUSE Manager Server 4.3:libopenssl-3-devel-3.0.8-150400.4.54.1.x86_64", "SUSE Manager Server 4.3:libopenssl3-3.0.8-150400.4.54.1.ppc64le", "SUSE Manager Server 4.3:libopenssl3-3.0.8-150400.4.54.1.s390x", "SUSE Manager Server 4.3:libopenssl3-3.0.8-150400.4.54.1.x86_64", "SUSE Manager Server 4.3:openssl-3-3.0.8-150400.4.54.1.ppc64le", "SUSE Manager Server 4.3:openssl-3-3.0.8-150400.4.54.1.s390x", "SUSE Manager Server 4.3:openssl-3-3.0.8-150400.4.54.1.x86_64", "openSUSE Leap Micro 5.3:libopenssl3-3.0.8-150400.4.54.1.aarch64", "openSUSE Leap Micro 5.3:libopenssl3-3.0.8-150400.4.54.1.ppc64le", "openSUSE Leap Micro 5.3:libopenssl3-3.0.8-150400.4.54.1.s390x", "openSUSE Leap Micro 5.3:libopenssl3-3.0.8-150400.4.54.1.x86_64", "openSUSE Leap Micro 5.4:libopenssl3-3.0.8-150400.4.54.1.aarch64", "openSUSE Leap Micro 5.4:libopenssl3-3.0.8-150400.4.54.1.ppc64le", "openSUSE Leap Micro 5.4:libopenssl3-3.0.8-150400.4.54.1.s390x", "openSUSE Leap Micro 5.4:libopenssl3-3.0.8-150400.4.54.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-07T15:06:16Z", details: "moderate", }, ], title: "CVE-2024-4603", }, ], }
opensuse-su-2024:13992-1
Vulnerability from csaf_opensuse
Published
2024-06-15 00:00
Modified
2024-06-15 00:00
Summary
libopenssl-3-devel-3.1.4-8.1 on GA media
Notes
Title of the patch
libopenssl-3-devel-3.1.4-8.1 on GA media
Description of the patch
These are all security issues fixed in the libopenssl-3-devel-3.1.4-8.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-13992
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "libopenssl-3-devel-3.1.4-8.1 on GA media", title: "Title of the patch", }, { category: "description", text: "These are all security issues fixed in the libopenssl-3-devel-3.1.4-8.1 package on the GA media of openSUSE Tumbleweed.", title: "Description of the patch", }, { category: "details", text: "openSUSE-Tumbleweed-2024-13992", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_13992-1.json", }, { category: "self", summary: "SUSE CVE CVE-2024-4603 page", url: "https://www.suse.com/security/cve/CVE-2024-4603/", }, ], title: "libopenssl-3-devel-3.1.4-8.1 on GA media", tracking: { current_release_date: "2024-06-15T00:00:00Z", generator: { date: "2024-06-15T00:00:00Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2024:13992-1", initial_release_date: "2024-06-15T00:00:00Z", revision_history: [ { date: "2024-06-15T00:00:00Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "libopenssl-3-devel-3.1.4-8.1.aarch64", product: { name: "libopenssl-3-devel-3.1.4-8.1.aarch64", product_id: "libopenssl-3-devel-3.1.4-8.1.aarch64", }, }, { category: "product_version", name: "libopenssl-3-devel-32bit-3.1.4-8.1.aarch64", product: { name: "libopenssl-3-devel-32bit-3.1.4-8.1.aarch64", product_id: "libopenssl-3-devel-32bit-3.1.4-8.1.aarch64", }, }, { category: "product_version", name: "libopenssl-3-fips-provider-3.1.4-8.1.aarch64", product: { name: "libopenssl-3-fips-provider-3.1.4-8.1.aarch64", product_id: "libopenssl-3-fips-provider-3.1.4-8.1.aarch64", }, }, { category: "product_version", name: "libopenssl-3-fips-provider-32bit-3.1.4-8.1.aarch64", product: { name: "libopenssl-3-fips-provider-32bit-3.1.4-8.1.aarch64", product_id: "libopenssl-3-fips-provider-32bit-3.1.4-8.1.aarch64", }, }, { category: "product_version", name: "libopenssl-3-fips-provider-x86-64-v3-3.1.4-8.1.aarch64", product: { name: "libopenssl-3-fips-provider-x86-64-v3-3.1.4-8.1.aarch64", product_id: "libopenssl-3-fips-provider-x86-64-v3-3.1.4-8.1.aarch64", }, }, { category: "product_version", name: "libopenssl3-3.1.4-8.1.aarch64", product: { name: "libopenssl3-3.1.4-8.1.aarch64", product_id: "libopenssl3-3.1.4-8.1.aarch64", }, }, { category: "product_version", name: "libopenssl3-32bit-3.1.4-8.1.aarch64", product: { name: "libopenssl3-32bit-3.1.4-8.1.aarch64", product_id: "libopenssl3-32bit-3.1.4-8.1.aarch64", }, }, { category: "product_version", name: "libopenssl3-x86-64-v3-3.1.4-8.1.aarch64", product: { name: "libopenssl3-x86-64-v3-3.1.4-8.1.aarch64", product_id: "libopenssl3-x86-64-v3-3.1.4-8.1.aarch64", }, }, { category: "product_version", name: "openssl-3-3.1.4-8.1.aarch64", product: { name: "openssl-3-3.1.4-8.1.aarch64", product_id: "openssl-3-3.1.4-8.1.aarch64", }, }, { category: "product_version", name: "openssl-3-doc-3.1.4-8.1.aarch64", product: { name: "openssl-3-doc-3.1.4-8.1.aarch64", product_id: "openssl-3-doc-3.1.4-8.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "libopenssl-3-devel-3.1.4-8.1.ppc64le", product: { name: "libopenssl-3-devel-3.1.4-8.1.ppc64le", product_id: "libopenssl-3-devel-3.1.4-8.1.ppc64le", }, }, { category: "product_version", name: "libopenssl-3-devel-32bit-3.1.4-8.1.ppc64le", product: { name: "libopenssl-3-devel-32bit-3.1.4-8.1.ppc64le", product_id: "libopenssl-3-devel-32bit-3.1.4-8.1.ppc64le", }, }, { category: "product_version", name: "libopenssl-3-fips-provider-3.1.4-8.1.ppc64le", product: { name: "libopenssl-3-fips-provider-3.1.4-8.1.ppc64le", product_id: "libopenssl-3-fips-provider-3.1.4-8.1.ppc64le", }, }, { category: "product_version", name: "libopenssl-3-fips-provider-32bit-3.1.4-8.1.ppc64le", product: { name: "libopenssl-3-fips-provider-32bit-3.1.4-8.1.ppc64le", product_id: "libopenssl-3-fips-provider-32bit-3.1.4-8.1.ppc64le", }, }, { category: "product_version", name: "libopenssl-3-fips-provider-x86-64-v3-3.1.4-8.1.ppc64le", product: { name: "libopenssl-3-fips-provider-x86-64-v3-3.1.4-8.1.ppc64le", product_id: "libopenssl-3-fips-provider-x86-64-v3-3.1.4-8.1.ppc64le", }, }, { category: "product_version", name: "libopenssl3-3.1.4-8.1.ppc64le", product: { name: "libopenssl3-3.1.4-8.1.ppc64le", product_id: "libopenssl3-3.1.4-8.1.ppc64le", }, }, { category: "product_version", name: "libopenssl3-32bit-3.1.4-8.1.ppc64le", product: { name: "libopenssl3-32bit-3.1.4-8.1.ppc64le", product_id: "libopenssl3-32bit-3.1.4-8.1.ppc64le", }, }, { category: "product_version", name: "libopenssl3-x86-64-v3-3.1.4-8.1.ppc64le", product: { name: "libopenssl3-x86-64-v3-3.1.4-8.1.ppc64le", product_id: "libopenssl3-x86-64-v3-3.1.4-8.1.ppc64le", }, }, { category: "product_version", name: "openssl-3-3.1.4-8.1.ppc64le", product: { name: "openssl-3-3.1.4-8.1.ppc64le", product_id: "openssl-3-3.1.4-8.1.ppc64le", }, }, { category: "product_version", name: "openssl-3-doc-3.1.4-8.1.ppc64le", product: { name: "openssl-3-doc-3.1.4-8.1.ppc64le", product_id: "openssl-3-doc-3.1.4-8.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "libopenssl-3-devel-3.1.4-8.1.s390x", product: { name: "libopenssl-3-devel-3.1.4-8.1.s390x", product_id: "libopenssl-3-devel-3.1.4-8.1.s390x", }, }, { category: "product_version", name: "libopenssl-3-devel-32bit-3.1.4-8.1.s390x", product: { name: "libopenssl-3-devel-32bit-3.1.4-8.1.s390x", product_id: "libopenssl-3-devel-32bit-3.1.4-8.1.s390x", }, }, { category: "product_version", name: "libopenssl-3-fips-provider-3.1.4-8.1.s390x", product: { name: "libopenssl-3-fips-provider-3.1.4-8.1.s390x", product_id: "libopenssl-3-fips-provider-3.1.4-8.1.s390x", }, }, { category: "product_version", name: "libopenssl-3-fips-provider-32bit-3.1.4-8.1.s390x", product: { name: "libopenssl-3-fips-provider-32bit-3.1.4-8.1.s390x", product_id: "libopenssl-3-fips-provider-32bit-3.1.4-8.1.s390x", }, }, { category: "product_version", name: "libopenssl-3-fips-provider-x86-64-v3-3.1.4-8.1.s390x", product: { name: "libopenssl-3-fips-provider-x86-64-v3-3.1.4-8.1.s390x", product_id: "libopenssl-3-fips-provider-x86-64-v3-3.1.4-8.1.s390x", }, }, { category: "product_version", name: "libopenssl3-3.1.4-8.1.s390x", product: { name: "libopenssl3-3.1.4-8.1.s390x", product_id: "libopenssl3-3.1.4-8.1.s390x", }, }, { category: "product_version", name: "libopenssl3-32bit-3.1.4-8.1.s390x", product: { name: "libopenssl3-32bit-3.1.4-8.1.s390x", product_id: "libopenssl3-32bit-3.1.4-8.1.s390x", }, }, { category: "product_version", name: "libopenssl3-x86-64-v3-3.1.4-8.1.s390x", product: { name: "libopenssl3-x86-64-v3-3.1.4-8.1.s390x", product_id: "libopenssl3-x86-64-v3-3.1.4-8.1.s390x", }, }, { category: "product_version", name: "openssl-3-3.1.4-8.1.s390x", product: { name: "openssl-3-3.1.4-8.1.s390x", product_id: "openssl-3-3.1.4-8.1.s390x", }, }, { category: "product_version", name: "openssl-3-doc-3.1.4-8.1.s390x", product: { name: "openssl-3-doc-3.1.4-8.1.s390x", product_id: "openssl-3-doc-3.1.4-8.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "libopenssl-3-devel-3.1.4-8.1.x86_64", product: { name: "libopenssl-3-devel-3.1.4-8.1.x86_64", product_id: "libopenssl-3-devel-3.1.4-8.1.x86_64", }, }, { category: "product_version", name: "libopenssl-3-devel-32bit-3.1.4-8.1.x86_64", product: { name: "libopenssl-3-devel-32bit-3.1.4-8.1.x86_64", product_id: "libopenssl-3-devel-32bit-3.1.4-8.1.x86_64", }, }, { category: "product_version", name: "libopenssl-3-fips-provider-3.1.4-8.1.x86_64", product: { name: "libopenssl-3-fips-provider-3.1.4-8.1.x86_64", product_id: "libopenssl-3-fips-provider-3.1.4-8.1.x86_64", }, }, { category: "product_version", name: "libopenssl-3-fips-provider-32bit-3.1.4-8.1.x86_64", product: { name: "libopenssl-3-fips-provider-32bit-3.1.4-8.1.x86_64", product_id: "libopenssl-3-fips-provider-32bit-3.1.4-8.1.x86_64", }, }, { category: "product_version", name: "libopenssl-3-fips-provider-x86-64-v3-3.1.4-8.1.x86_64", product: { name: "libopenssl-3-fips-provider-x86-64-v3-3.1.4-8.1.x86_64", product_id: "libopenssl-3-fips-provider-x86-64-v3-3.1.4-8.1.x86_64", }, }, { category: "product_version", name: "libopenssl3-3.1.4-8.1.x86_64", product: { name: "libopenssl3-3.1.4-8.1.x86_64", product_id: "libopenssl3-3.1.4-8.1.x86_64", }, }, { category: "product_version", name: "libopenssl3-32bit-3.1.4-8.1.x86_64", product: { name: "libopenssl3-32bit-3.1.4-8.1.x86_64", product_id: "libopenssl3-32bit-3.1.4-8.1.x86_64", }, }, { category: "product_version", name: "libopenssl3-x86-64-v3-3.1.4-8.1.x86_64", product: { name: "libopenssl3-x86-64-v3-3.1.4-8.1.x86_64", product_id: "libopenssl3-x86-64-v3-3.1.4-8.1.x86_64", }, }, { category: "product_version", name: "openssl-3-3.1.4-8.1.x86_64", product: { name: "openssl-3-3.1.4-8.1.x86_64", product_id: "openssl-3-3.1.4-8.1.x86_64", }, }, { category: "product_version", name: "openssl-3-doc-3.1.4-8.1.x86_64", product: { name: "openssl-3-doc-3.1.4-8.1.x86_64", product_id: "openssl-3-doc-3.1.4-8.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Tumbleweed", product: { name: "openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed", product_identification_helper: { cpe: "cpe:/o:opensuse:tumbleweed", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "libopenssl-3-devel-3.1.4-8.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libopenssl-3-devel-3.1.4-8.1.aarch64", }, product_reference: "libopenssl-3-devel-3.1.4-8.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-devel-3.1.4-8.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libopenssl-3-devel-3.1.4-8.1.ppc64le", }, product_reference: "libopenssl-3-devel-3.1.4-8.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-devel-3.1.4-8.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libopenssl-3-devel-3.1.4-8.1.s390x", }, product_reference: "libopenssl-3-devel-3.1.4-8.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-devel-3.1.4-8.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libopenssl-3-devel-3.1.4-8.1.x86_64", }, product_reference: "libopenssl-3-devel-3.1.4-8.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-devel-32bit-3.1.4-8.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.1.4-8.1.aarch64", }, product_reference: "libopenssl-3-devel-32bit-3.1.4-8.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-devel-32bit-3.1.4-8.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.1.4-8.1.ppc64le", }, product_reference: "libopenssl-3-devel-32bit-3.1.4-8.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-devel-32bit-3.1.4-8.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.1.4-8.1.s390x", }, product_reference: "libopenssl-3-devel-32bit-3.1.4-8.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-devel-32bit-3.1.4-8.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.1.4-8.1.x86_64", }, product_reference: "libopenssl-3-devel-32bit-3.1.4-8.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-fips-provider-3.1.4-8.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.1.4-8.1.aarch64", }, product_reference: "libopenssl-3-fips-provider-3.1.4-8.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-fips-provider-3.1.4-8.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.1.4-8.1.ppc64le", }, product_reference: "libopenssl-3-fips-provider-3.1.4-8.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-fips-provider-3.1.4-8.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.1.4-8.1.s390x", }, product_reference: "libopenssl-3-fips-provider-3.1.4-8.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-fips-provider-3.1.4-8.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.1.4-8.1.x86_64", }, product_reference: "libopenssl-3-fips-provider-3.1.4-8.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-fips-provider-32bit-3.1.4-8.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.1.4-8.1.aarch64", }, product_reference: "libopenssl-3-fips-provider-32bit-3.1.4-8.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-fips-provider-32bit-3.1.4-8.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.1.4-8.1.ppc64le", }, product_reference: "libopenssl-3-fips-provider-32bit-3.1.4-8.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-fips-provider-32bit-3.1.4-8.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.1.4-8.1.s390x", }, product_reference: "libopenssl-3-fips-provider-32bit-3.1.4-8.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-fips-provider-32bit-3.1.4-8.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.1.4-8.1.x86_64", }, product_reference: "libopenssl-3-fips-provider-32bit-3.1.4-8.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-fips-provider-x86-64-v3-3.1.4-8.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.1.4-8.1.aarch64", }, product_reference: "libopenssl-3-fips-provider-x86-64-v3-3.1.4-8.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-fips-provider-x86-64-v3-3.1.4-8.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.1.4-8.1.ppc64le", }, product_reference: "libopenssl-3-fips-provider-x86-64-v3-3.1.4-8.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-fips-provider-x86-64-v3-3.1.4-8.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.1.4-8.1.s390x", }, product_reference: "libopenssl-3-fips-provider-x86-64-v3-3.1.4-8.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libopenssl-3-fips-provider-x86-64-v3-3.1.4-8.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.1.4-8.1.x86_64", }, product_reference: "libopenssl-3-fips-provider-x86-64-v3-3.1.4-8.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-3.1.4-8.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libopenssl3-3.1.4-8.1.aarch64", }, product_reference: "libopenssl3-3.1.4-8.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-3.1.4-8.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libopenssl3-3.1.4-8.1.ppc64le", }, product_reference: "libopenssl3-3.1.4-8.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-3.1.4-8.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libopenssl3-3.1.4-8.1.s390x", }, product_reference: "libopenssl3-3.1.4-8.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-3.1.4-8.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libopenssl3-3.1.4-8.1.x86_64", }, product_reference: "libopenssl3-3.1.4-8.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-32bit-3.1.4-8.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libopenssl3-32bit-3.1.4-8.1.aarch64", }, product_reference: "libopenssl3-32bit-3.1.4-8.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-32bit-3.1.4-8.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libopenssl3-32bit-3.1.4-8.1.ppc64le", }, product_reference: "libopenssl3-32bit-3.1.4-8.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-32bit-3.1.4-8.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libopenssl3-32bit-3.1.4-8.1.s390x", }, product_reference: "libopenssl3-32bit-3.1.4-8.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-32bit-3.1.4-8.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libopenssl3-32bit-3.1.4-8.1.x86_64", }, product_reference: "libopenssl3-32bit-3.1.4-8.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-x86-64-v3-3.1.4-8.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.1.4-8.1.aarch64", }, product_reference: "libopenssl3-x86-64-v3-3.1.4-8.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-x86-64-v3-3.1.4-8.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.1.4-8.1.ppc64le", }, product_reference: "libopenssl3-x86-64-v3-3.1.4-8.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-x86-64-v3-3.1.4-8.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.1.4-8.1.s390x", }, product_reference: "libopenssl3-x86-64-v3-3.1.4-8.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libopenssl3-x86-64-v3-3.1.4-8.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.1.4-8.1.x86_64", }, product_reference: "libopenssl3-x86-64-v3-3.1.4-8.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "openssl-3-3.1.4-8.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:openssl-3-3.1.4-8.1.aarch64", }, product_reference: "openssl-3-3.1.4-8.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "openssl-3-3.1.4-8.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:openssl-3-3.1.4-8.1.ppc64le", }, product_reference: "openssl-3-3.1.4-8.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "openssl-3-3.1.4-8.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:openssl-3-3.1.4-8.1.s390x", }, product_reference: "openssl-3-3.1.4-8.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "openssl-3-3.1.4-8.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:openssl-3-3.1.4-8.1.x86_64", }, product_reference: "openssl-3-3.1.4-8.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "openssl-3-doc-3.1.4-8.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:openssl-3-doc-3.1.4-8.1.aarch64", }, product_reference: "openssl-3-doc-3.1.4-8.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "openssl-3-doc-3.1.4-8.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:openssl-3-doc-3.1.4-8.1.ppc64le", }, product_reference: "openssl-3-doc-3.1.4-8.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "openssl-3-doc-3.1.4-8.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:openssl-3-doc-3.1.4-8.1.s390x", }, product_reference: "openssl-3-doc-3.1.4-8.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "openssl-3-doc-3.1.4-8.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:openssl-3-doc-3.1.4-8.1.x86_64", }, product_reference: "openssl-3-doc-3.1.4-8.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, ], }, vulnerabilities: [ { cve: "CVE-2024-4603", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-4603", }, ], notes: [ { category: "general", text: "Issue summary: Checking excessively long DSA keys or parameters may be very\nslow.\n\nImpact summary: Applications that use the functions EVP_PKEY_param_check()\nor EVP_PKEY_public_check() to check a DSA public key or DSA parameters may\nexperience long delays. Where the key or parameters that are being checked\nhave been obtained from an untrusted source this may lead to a Denial of\nService.\n\nThe functions EVP_PKEY_param_check() or EVP_PKEY_public_check() perform\nvarious checks on DSA parameters. Some of those computations take a long time\nif the modulus (`p` parameter) is too large.\n\nTrying to use a very large modulus is slow and OpenSSL will not allow using\npublic keys with a modulus which is over 10,000 bits in length for signature\nverification. However the key and parameter check functions do not limit\nthe modulus size when performing the checks.\n\nAn application that calls EVP_PKEY_param_check() or EVP_PKEY_public_check()\nand supplies a key or parameters obtained from an untrusted source could be\nvulnerable to a Denial of Service attack.\n\nThese functions are not called by OpenSSL itself on untrusted DSA keys so\nonly applications that directly call these functions may be vulnerable.\n\nAlso vulnerable are the OpenSSL pkey and pkeyparam command line applications\nwhen using the `-check` option.\n\nThe OpenSSL SSL/TLS implementation is not affected by this issue.\n\nThe OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libopenssl-3-devel-3.1.4-8.1.aarch64", "openSUSE Tumbleweed:libopenssl-3-devel-3.1.4-8.1.ppc64le", "openSUSE Tumbleweed:libopenssl-3-devel-3.1.4-8.1.s390x", "openSUSE Tumbleweed:libopenssl-3-devel-3.1.4-8.1.x86_64", "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.1.4-8.1.aarch64", "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.1.4-8.1.ppc64le", "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.1.4-8.1.s390x", "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.1.4-8.1.x86_64", "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.1.4-8.1.aarch64", "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.1.4-8.1.ppc64le", "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.1.4-8.1.s390x", "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.1.4-8.1.x86_64", "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.1.4-8.1.aarch64", "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.1.4-8.1.ppc64le", "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.1.4-8.1.s390x", "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.1.4-8.1.x86_64", "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.1.4-8.1.aarch64", "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.1.4-8.1.ppc64le", "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.1.4-8.1.s390x", "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.1.4-8.1.x86_64", "openSUSE Tumbleweed:libopenssl3-3.1.4-8.1.aarch64", "openSUSE Tumbleweed:libopenssl3-3.1.4-8.1.ppc64le", "openSUSE Tumbleweed:libopenssl3-3.1.4-8.1.s390x", "openSUSE Tumbleweed:libopenssl3-3.1.4-8.1.x86_64", "openSUSE Tumbleweed:libopenssl3-32bit-3.1.4-8.1.aarch64", "openSUSE Tumbleweed:libopenssl3-32bit-3.1.4-8.1.ppc64le", "openSUSE Tumbleweed:libopenssl3-32bit-3.1.4-8.1.s390x", "openSUSE Tumbleweed:libopenssl3-32bit-3.1.4-8.1.x86_64", "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.1.4-8.1.aarch64", "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.1.4-8.1.ppc64le", "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.1.4-8.1.s390x", "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.1.4-8.1.x86_64", "openSUSE Tumbleweed:openssl-3-3.1.4-8.1.aarch64", "openSUSE Tumbleweed:openssl-3-3.1.4-8.1.ppc64le", "openSUSE Tumbleweed:openssl-3-3.1.4-8.1.s390x", "openSUSE Tumbleweed:openssl-3-3.1.4-8.1.x86_64", "openSUSE Tumbleweed:openssl-3-doc-3.1.4-8.1.aarch64", "openSUSE Tumbleweed:openssl-3-doc-3.1.4-8.1.ppc64le", "openSUSE Tumbleweed:openssl-3-doc-3.1.4-8.1.s390x", "openSUSE Tumbleweed:openssl-3-doc-3.1.4-8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-4603", url: "https://www.suse.com/security/cve/CVE-2024-4603", }, { category: "external", summary: "SUSE Bug 1224388 for CVE-2024-4603", url: "https://bugzilla.suse.com/1224388", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libopenssl-3-devel-3.1.4-8.1.aarch64", "openSUSE Tumbleweed:libopenssl-3-devel-3.1.4-8.1.ppc64le", "openSUSE Tumbleweed:libopenssl-3-devel-3.1.4-8.1.s390x", "openSUSE Tumbleweed:libopenssl-3-devel-3.1.4-8.1.x86_64", "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.1.4-8.1.aarch64", "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.1.4-8.1.ppc64le", "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.1.4-8.1.s390x", "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.1.4-8.1.x86_64", "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.1.4-8.1.aarch64", "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.1.4-8.1.ppc64le", "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.1.4-8.1.s390x", "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.1.4-8.1.x86_64", "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.1.4-8.1.aarch64", "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.1.4-8.1.ppc64le", "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.1.4-8.1.s390x", "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.1.4-8.1.x86_64", "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.1.4-8.1.aarch64", "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.1.4-8.1.ppc64le", "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.1.4-8.1.s390x", "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.1.4-8.1.x86_64", "openSUSE Tumbleweed:libopenssl3-3.1.4-8.1.aarch64", "openSUSE Tumbleweed:libopenssl3-3.1.4-8.1.ppc64le", "openSUSE Tumbleweed:libopenssl3-3.1.4-8.1.s390x", "openSUSE Tumbleweed:libopenssl3-3.1.4-8.1.x86_64", "openSUSE Tumbleweed:libopenssl3-32bit-3.1.4-8.1.aarch64", "openSUSE Tumbleweed:libopenssl3-32bit-3.1.4-8.1.ppc64le", "openSUSE Tumbleweed:libopenssl3-32bit-3.1.4-8.1.s390x", "openSUSE Tumbleweed:libopenssl3-32bit-3.1.4-8.1.x86_64", "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.1.4-8.1.aarch64", "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.1.4-8.1.ppc64le", "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.1.4-8.1.s390x", "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.1.4-8.1.x86_64", "openSUSE Tumbleweed:openssl-3-3.1.4-8.1.aarch64", "openSUSE Tumbleweed:openssl-3-3.1.4-8.1.ppc64le", "openSUSE Tumbleweed:openssl-3-3.1.4-8.1.s390x", "openSUSE Tumbleweed:openssl-3-3.1.4-8.1.x86_64", "openSUSE Tumbleweed:openssl-3-doc-3.1.4-8.1.aarch64", "openSUSE Tumbleweed:openssl-3-doc-3.1.4-8.1.ppc64le", "openSUSE Tumbleweed:openssl-3-doc-3.1.4-8.1.s390x", "openSUSE Tumbleweed:openssl-3-doc-3.1.4-8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:libopenssl-3-devel-3.1.4-8.1.aarch64", "openSUSE Tumbleweed:libopenssl-3-devel-3.1.4-8.1.ppc64le", "openSUSE Tumbleweed:libopenssl-3-devel-3.1.4-8.1.s390x", "openSUSE Tumbleweed:libopenssl-3-devel-3.1.4-8.1.x86_64", "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.1.4-8.1.aarch64", "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.1.4-8.1.ppc64le", "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.1.4-8.1.s390x", "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.1.4-8.1.x86_64", "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.1.4-8.1.aarch64", "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.1.4-8.1.ppc64le", "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.1.4-8.1.s390x", "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.1.4-8.1.x86_64", "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.1.4-8.1.aarch64", "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.1.4-8.1.ppc64le", "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.1.4-8.1.s390x", "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.1.4-8.1.x86_64", "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.1.4-8.1.aarch64", "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.1.4-8.1.ppc64le", "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.1.4-8.1.s390x", "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.1.4-8.1.x86_64", "openSUSE Tumbleweed:libopenssl3-3.1.4-8.1.aarch64", "openSUSE Tumbleweed:libopenssl3-3.1.4-8.1.ppc64le", "openSUSE Tumbleweed:libopenssl3-3.1.4-8.1.s390x", "openSUSE Tumbleweed:libopenssl3-3.1.4-8.1.x86_64", "openSUSE Tumbleweed:libopenssl3-32bit-3.1.4-8.1.aarch64", "openSUSE Tumbleweed:libopenssl3-32bit-3.1.4-8.1.ppc64le", "openSUSE Tumbleweed:libopenssl3-32bit-3.1.4-8.1.s390x", "openSUSE Tumbleweed:libopenssl3-32bit-3.1.4-8.1.x86_64", "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.1.4-8.1.aarch64", "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.1.4-8.1.ppc64le", "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.1.4-8.1.s390x", "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.1.4-8.1.x86_64", "openSUSE Tumbleweed:openssl-3-3.1.4-8.1.aarch64", "openSUSE Tumbleweed:openssl-3-3.1.4-8.1.ppc64le", "openSUSE Tumbleweed:openssl-3-3.1.4-8.1.s390x", "openSUSE Tumbleweed:openssl-3-3.1.4-8.1.x86_64", "openSUSE Tumbleweed:openssl-3-doc-3.1.4-8.1.aarch64", "openSUSE Tumbleweed:openssl-3-doc-3.1.4-8.1.ppc64le", "openSUSE Tumbleweed:openssl-3-doc-3.1.4-8.1.s390x", "openSUSE Tumbleweed:openssl-3-doc-3.1.4-8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-4603", }, ], }
ghsa-85xr-ghj6-6m46
Vulnerability from github
Published
2024-05-16 18:30
Modified
2024-08-13 18:31
Severity ?
Details
Issue summary: Checking excessively long DSA keys or parameters may be very slow.
Impact summary: Applications that use the functions EVP_PKEY_param_check() or EVP_PKEY_public_check() to check a DSA public key or DSA parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service.
The functions EVP_PKEY_param_check() or EVP_PKEY_public_check() perform
various checks on DSA parameters. Some of those computations take a long time
if the modulus (p parameter) is too large.
Trying to use a very large modulus is slow and OpenSSL will not allow using public keys with a modulus which is over 10,000 bits in length for signature verification. However the key and parameter check functions do not limit the modulus size when performing the checks.
An application that calls EVP_PKEY_param_check() or EVP_PKEY_public_check() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack.
These functions are not called by OpenSSL itself on untrusted DSA keys so only applications that directly call these functions may be vulnerable.
Also vulnerable are the OpenSSL pkey and pkeyparam command line applications
when using the -check option.
The OpenSSL SSL/TLS implementation is not affected by this issue.
The OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue.
{ affected: [], aliases: [ "CVE-2024-4603", ], database_specific: { cwe_ids: [ "CWE-606", "CWE-834", ], github_reviewed: false, github_reviewed_at: null, nvd_published_at: "2024-05-16T16:15:10Z", severity: "MODERATE", }, details: "Issue summary: Checking excessively long DSA keys or parameters may be very\nslow.\n\nImpact summary: Applications that use the functions EVP_PKEY_param_check()\nor EVP_PKEY_public_check() to check a DSA public key or DSA parameters may\nexperience long delays. Where the key or parameters that are being checked\nhave been obtained from an untrusted source this may lead to a Denial of\nService.\n\nThe functions EVP_PKEY_param_check() or EVP_PKEY_public_check() perform\nvarious checks on DSA parameters. Some of those computations take a long time\nif the modulus (`p` parameter) is too large.\n\nTrying to use a very large modulus is slow and OpenSSL will not allow using\npublic keys with a modulus which is over 10,000 bits in length for signature\nverification. However the key and parameter check functions do not limit\nthe modulus size when performing the checks.\n\nAn application that calls EVP_PKEY_param_check() or EVP_PKEY_public_check()\nand supplies a key or parameters obtained from an untrusted source could be\nvulnerable to a Denial of Service attack.\n\nThese functions are not called by OpenSSL itself on untrusted DSA keys so\nonly applications that directly call these functions may be vulnerable.\n\nAlso vulnerable are the OpenSSL pkey and pkeyparam command line applications\nwhen using the `-check` option.\n\nThe OpenSSL SSL/TLS implementation is not affected by this issue.\n\nThe OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue.", id: "GHSA-85xr-ghj6-6m46", modified: "2024-08-13T18:31:13Z", published: "2024-05-16T18:30:32Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-4603", }, { type: "WEB", url: "https://github.com/openssl/openssl/commit/3559e868e58005d15c6013a0c1fd832e51c73397", }, { type: "WEB", url: "https://github.com/openssl/openssl/commit/53ea06486d296b890d565fb971b2764fcd826e7e", }, { type: "WEB", url: "https://github.com/openssl/openssl/commit/9c39b3858091c152f52513c066ff2c5a47969f0d", }, { type: "WEB", url: "https://github.com/openssl/openssl/commit/da343d0605c826ef197aceedc67e8e04f065f740", }, { type: "WEB", url: "https://security.netapp.com/advisory/ntap-20240621-0001", }, { type: "WEB", url: "https://www.openssl.org/news/secadv/20240516.txt", }, { type: "WEB", url: "http://www.openwall.com/lists/oss-security/2024/05/16/2", }, ], schema_version: "1.4.0", severity: [ { score: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", type: "CVSS_V3", }, ], }
fkie_cve-2024-4603
Vulnerability from fkie_nvd
Published
2024-05-16 16:15
Modified
2024-11-21 09:43
Severity ?
Summary
Issue summary: Checking excessively long DSA keys or parameters may be very
slow.
Impact summary: Applications that use the functions EVP_PKEY_param_check()
or EVP_PKEY_public_check() to check a DSA public key or DSA parameters may
experience long delays. Where the key or parameters that are being checked
have been obtained from an untrusted source this may lead to a Denial of
Service.
The functions EVP_PKEY_param_check() or EVP_PKEY_public_check() perform
various checks on DSA parameters. Some of those computations take a long time
if the modulus (`p` parameter) is too large.
Trying to use a very large modulus is slow and OpenSSL will not allow using
public keys with a modulus which is over 10,000 bits in length for signature
verification. However the key and parameter check functions do not limit
the modulus size when performing the checks.
An application that calls EVP_PKEY_param_check() or EVP_PKEY_public_check()
and supplies a key or parameters obtained from an untrusted source could be
vulnerable to a Denial of Service attack.
These functions are not called by OpenSSL itself on untrusted DSA keys so
only applications that directly call these functions may be vulnerable.
Also vulnerable are the OpenSSL pkey and pkeyparam command line applications
when using the `-check` option.
The OpenSSL SSL/TLS implementation is not affected by this issue.
The OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue.
References
Impacted products
| Vendor | Product | Version |
|---|
{ cveTags: [], descriptions: [ { lang: "en", value: "Issue summary: Checking excessively long DSA keys or parameters may be very\nslow.\n\nImpact summary: Applications that use the functions EVP_PKEY_param_check()\nor EVP_PKEY_public_check() to check a DSA public key or DSA parameters may\nexperience long delays. Where the key or parameters that are being checked\nhave been obtained from an untrusted source this may lead to a Denial of\nService.\n\nThe functions EVP_PKEY_param_check() or EVP_PKEY_public_check() perform\nvarious checks on DSA parameters. Some of those computations take a long time\nif the modulus (`p` parameter) is too large.\n\nTrying to use a very large modulus is slow and OpenSSL will not allow using\npublic keys with a modulus which is over 10,000 bits in length for signature\nverification. However the key and parameter check functions do not limit\nthe modulus size when performing the checks.\n\nAn application that calls EVP_PKEY_param_check() or EVP_PKEY_public_check()\nand supplies a key or parameters obtained from an untrusted source could be\nvulnerable to a Denial of Service attack.\n\nThese functions are not called by OpenSSL itself on untrusted DSA keys so\nonly applications that directly call these functions may be vulnerable.\n\nAlso vulnerable are the OpenSSL pkey and pkeyparam command line applications\nwhen using the `-check` option.\n\nThe OpenSSL SSL/TLS implementation is not affected by this issue.\n\nThe OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue.", }, { lang: "es", value: "Resumen del problema: la comprobación de claves o parámetros DSA excesivamente largos puede resultar muy lenta. Resumen de impacto: las aplicaciones que utilizan las funciones EVP_PKEY_param_check() o EVP_PKEY_public_check() para comprobar una clave pública de DSA o parámetros de DSA pueden experimentar grandes retrasos. Cuando la clave o los parámetros que se están verificando se obtuvieron de una fuente que no es confiable, esto puede dar lugar a una Denegación de Servicio. Las funciones EVP_PKEY_param_check() o EVP_PKEY_public_check() realizan varias comprobaciones de los parámetros DSA. Algunos de esos cálculos toman mucho tiempo si el módulo (parámetro `p`) es demasiado grande. Intentar utilizar un módulo muy grande es lento y OpenSSL no permitirá el uso de claves públicas con un módulo de más de 10.000 bits de longitud para la verificación de firmas. Sin embargo, las funciones de verificación de claves y parámetros no limitan el tamaño del módulo al realizar las verificaciones. Una aplicación que llama a EVP_PKEY_param_check() o EVP_PKEY_public_check() y proporciona una clave o parámetros obtenidos de una fuente que no es de confianza podría ser vulnerable a un ataque de denegación de servicio. OpenSSL no llama a estas funciones en claves DSA que no son de confianza, por lo que solo las aplicaciones que llaman directamente a estas funciones pueden ser vulnerables. También son vulnerables las aplicaciones de línea de comandos OpenSSL pkey y pkeyparam cuando se usa la opción `-check`. La implementación de OpenSSL SSL/TLS no se ve afectada por este problema. Los proveedores FIPS OpenSSL 3.0 y 3.1 se ven afectados por este problema.", }, ], id: "CVE-2024-4603", lastModified: "2024-11-21T09:43:11.753", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2024-05-16T16:15:10.643", references: [ { source: "openssl-security@openssl.org", url: "https://github.com/openssl/openssl/commit/3559e868e58005d15c6013a0c1fd832e51c73397", }, { source: "openssl-security@openssl.org", url: "https://github.com/openssl/openssl/commit/53ea06486d296b890d565fb971b2764fcd826e7e", }, { source: "openssl-security@openssl.org", url: "https://github.com/openssl/openssl/commit/9c39b3858091c152f52513c066ff2c5a47969f0d", }, { source: "openssl-security@openssl.org", url: "https://github.com/openssl/openssl/commit/da343d0605c826ef197aceedc67e8e04f065f740", }, { source: "openssl-security@openssl.org", url: "https://www.openssl.org/news/secadv/20240516.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2024/05/16/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://github.com/openssl/openssl/commit/3559e868e58005d15c6013a0c1fd832e51c73397", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://github.com/openssl/openssl/commit/53ea06486d296b890d565fb971b2764fcd826e7e", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://github.com/openssl/openssl/commit/9c39b3858091c152f52513c066ff2c5a47969f0d", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://github.com/openssl/openssl/commit/da343d0605c826ef197aceedc67e8e04f065f740", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20240621-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.openssl.org/news/secadv/20240516.txt", }, ], sourceIdentifier: "openssl-security@openssl.org", vulnStatus: "Awaiting Analysis", weaknesses: [ { description: [ { lang: "en", value: "CWE-606", }, ], source: "openssl-security@openssl.org", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-834", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
rhsa-2024:9333
Vulnerability from csaf_redhat
Published
2024-11-12 09:22
Modified
2025-04-02 22:19
Summary
Red Hat Security Advisory: openssl and openssl-fips-provider security update
Notes
Topic
An update for openssl and openssl-fips-provider is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.
Security Fix(es):
* openssl: Unbounded memory growth with session handling in TLSv1.3 (CVE-2024-2511)
* openssl: Excessive time spent checking DSA keys and parameters (CVE-2024-4603)
* openssl: Use After Free with SSL_free_buffers (CVE-2024-4741)
* openssl: SSL_select_next_proto buffer overread (CVE-2024-5535)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.5 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Low", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for openssl and openssl-fips-provider is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.\n\nSecurity Fix(es):\n\n* openssl: Unbounded memory growth with session handling in TLSv1.3 (CVE-2024-2511)\n\n* openssl: Excessive time spent checking DSA keys and parameters (CVE-2024-4603)\n\n* openssl: Use After Free with SSL_free_buffers (CVE-2024-4741)\n\n* openssl: SSL_select_next_proto buffer overread (CVE-2024-5535)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 9.5 Release Notes linked from the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:9333", url: "https://access.redhat.com/errata/RHSA-2024:9333", }, { category: "external", summary: "https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/9.5_release_notes/index", url: "https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/9.5_release_notes/index", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#low", url: "https://access.redhat.com/security/updates/classification/#low", }, { category: "external", summary: "2274020", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2274020", }, { category: "external", summary: "2281029", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281029", }, { category: "external", summary: "2283757", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2283757", }, { category: "external", summary: "2294581", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2294581", }, { category: "external", summary: "RHEL-26271", url: "https://issues.redhat.com/browse/RHEL-26271", }, { category: "external", summary: "RHEL-32123", url: "https://issues.redhat.com/browse/RHEL-32123", }, { category: "external", summary: "RHEL-38514", url: "https://issues.redhat.com/browse/RHEL-38514", }, { category: "external", summary: "RHEL-40723", url: "https://issues.redhat.com/browse/RHEL-40723", }, { category: "external", summary: "RHEL-58662", url: "https://issues.redhat.com/browse/RHEL-58662", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_9333.json", }, ], title: "Red Hat Security Advisory: openssl and openssl-fips-provider security update", tracking: { current_release_date: "2025-04-02T22:19:46+00:00", generator: { date: "2025-04-02T22:19:46+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2024:9333", initial_release_date: "2024-11-12T09:22:03+00:00", revision_history: [ { date: "2024-11-12T09:22:03+00:00", number: "1", summary: "Initial version", }, { date: "2024-11-12T09:22:03+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-02T22:19:46+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream (v. 9)", product: { name: "Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA", product_identification_helper: { cpe: "cpe:/a:redhat:enterprise_linux:9::appstream", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux BaseOS (v. 9)", product: { name: "Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:9::baseos", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "openssl-1:3.2.2-6.el9_5.src", product: { name: "openssl-1:3.2.2-6.el9_5.src", product_id: "openssl-1:3.2.2-6.el9_5.src", product_identification_helper: { purl: "pkg:rpm/redhat/openssl@3.2.2-6.el9_5?arch=src&epoch=1", }, }, }, { category: "product_version", name: "openssl-fips-provider-0:3.0.7-6.el9_5.src", product: { name: "openssl-fips-provider-0:3.0.7-6.el9_5.src", product_id: "openssl-fips-provider-0:3.0.7-6.el9_5.src", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider@3.0.7-6.el9_5?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "openssl-1:3.2.2-6.el9_5.aarch64", product: { name: "openssl-1:3.2.2-6.el9_5.aarch64", product_id: "openssl-1:3.2.2-6.el9_5.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl@3.2.2-6.el9_5?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "openssl-libs-1:3.2.2-6.el9_5.aarch64", product: { name: "openssl-libs-1:3.2.2-6.el9_5.aarch64", product_id: "openssl-libs-1:3.2.2-6.el9_5.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "openssl-debugsource-1:3.2.2-6.el9_5.aarch64", product: { name: "openssl-debugsource-1:3.2.2-6.el9_5.aarch64", product_id: "openssl-debugsource-1:3.2.2-6.el9_5.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-debugsource@3.2.2-6.el9_5?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", product: { name: "openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", product_id: "openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-debuginfo@3.2.2-6.el9_5?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", product: { name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", product_id: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-libs-debuginfo@3.2.2-6.el9_5?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "openssl-devel-1:3.2.2-6.el9_5.aarch64", product: { name: "openssl-devel-1:3.2.2-6.el9_5.aarch64", product_id: "openssl-devel-1:3.2.2-6.el9_5.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-devel@3.2.2-6.el9_5?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "openssl-perl-1:3.2.2-6.el9_5.aarch64", product: { name: "openssl-perl-1:3.2.2-6.el9_5.aarch64", product_id: "openssl-perl-1:3.2.2-6.el9_5.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-perl@3.2.2-6.el9_5?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", product: { name: "openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", product_id: "openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider@3.0.7-6.el9_5?arch=aarch64", }, }, }, { category: "product_version", name: "openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", product: { name: "openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", product_id: "openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider-so@3.0.7-6.el9_5?arch=aarch64", }, }, }, { category: "product_version", name: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", product: { name: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", product_id: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider-so-debugsource@3.0.7-6.el9_5?arch=aarch64", }, }, }, { category: "product_version", name: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", product: { name: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", product_id: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider-so-debuginfo@3.0.7-6.el9_5?arch=aarch64", }, }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "openssl-1:3.2.2-6.el9_5.ppc64le", product: { name: "openssl-1:3.2.2-6.el9_5.ppc64le", product_id: "openssl-1:3.2.2-6.el9_5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openssl@3.2.2-6.el9_5?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "openssl-libs-1:3.2.2-6.el9_5.ppc64le", product: { name: "openssl-libs-1:3.2.2-6.el9_5.ppc64le", product_id: "openssl-libs-1:3.2.2-6.el9_5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", product: { name: "openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", product_id: "openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-debugsource@3.2.2-6.el9_5?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", product: { name: "openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", product_id: "openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-debuginfo@3.2.2-6.el9_5?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", product: { name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", product_id: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-libs-debuginfo@3.2.2-6.el9_5?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "openssl-devel-1:3.2.2-6.el9_5.ppc64le", product: { name: "openssl-devel-1:3.2.2-6.el9_5.ppc64le", product_id: "openssl-devel-1:3.2.2-6.el9_5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-devel@3.2.2-6.el9_5?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "openssl-perl-1:3.2.2-6.el9_5.ppc64le", product: { name: "openssl-perl-1:3.2.2-6.el9_5.ppc64le", product_id: "openssl-perl-1:3.2.2-6.el9_5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-perl@3.2.2-6.el9_5?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", product: { name: "openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", product_id: "openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider@3.0.7-6.el9_5?arch=ppc64le", }, }, }, { category: "product_version", name: "openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", product: { name: "openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", product_id: "openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider-so@3.0.7-6.el9_5?arch=ppc64le", }, }, }, { category: "product_version", name: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", product: { name: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", product_id: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider-so-debugsource@3.0.7-6.el9_5?arch=ppc64le", }, }, }, { category: "product_version", name: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", product: { name: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", product_id: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider-so-debuginfo@3.0.7-6.el9_5?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "openssl-1:3.2.2-6.el9_5.x86_64", product: { name: "openssl-1:3.2.2-6.el9_5.x86_64", product_id: "openssl-1:3.2.2-6.el9_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl@3.2.2-6.el9_5?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "openssl-libs-1:3.2.2-6.el9_5.x86_64", product: { name: "openssl-libs-1:3.2.2-6.el9_5.x86_64", product_id: "openssl-libs-1:3.2.2-6.el9_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "openssl-debugsource-1:3.2.2-6.el9_5.x86_64", product: { name: "openssl-debugsource-1:3.2.2-6.el9_5.x86_64", product_id: "openssl-debugsource-1:3.2.2-6.el9_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-debugsource@3.2.2-6.el9_5?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", product: { name: "openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", product_id: "openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-debuginfo@3.2.2-6.el9_5?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", product: { name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", product_id: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-libs-debuginfo@3.2.2-6.el9_5?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "openssl-devel-1:3.2.2-6.el9_5.x86_64", product: { name: "openssl-devel-1:3.2.2-6.el9_5.x86_64", product_id: "openssl-devel-1:3.2.2-6.el9_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-devel@3.2.2-6.el9_5?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "openssl-perl-1:3.2.2-6.el9_5.x86_64", product: { name: "openssl-perl-1:3.2.2-6.el9_5.x86_64", product_id: "openssl-perl-1:3.2.2-6.el9_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-perl@3.2.2-6.el9_5?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", product: { name: "openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", product_id: "openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider@3.0.7-6.el9_5?arch=x86_64", }, }, }, { category: "product_version", name: "openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", product: { name: "openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", product_id: "openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider-so@3.0.7-6.el9_5?arch=x86_64", }, }, }, { category: "product_version", name: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", product: { name: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", product_id: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider-so-debugsource@3.0.7-6.el9_5?arch=x86_64", }, }, }, { category: "product_version", name: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", product: { name: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", product_id: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider-so-debuginfo@3.0.7-6.el9_5?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "openssl-libs-1:3.2.2-6.el9_5.i686", product: { name: "openssl-libs-1:3.2.2-6.el9_5.i686", product_id: "openssl-libs-1:3.2.2-6.el9_5.i686", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5?arch=i686&epoch=1", }, }, }, { category: "product_version", name: "openssl-debugsource-1:3.2.2-6.el9_5.i686", product: { name: "openssl-debugsource-1:3.2.2-6.el9_5.i686", product_id: "openssl-debugsource-1:3.2.2-6.el9_5.i686", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-debugsource@3.2.2-6.el9_5?arch=i686&epoch=1", }, }, }, { category: "product_version", name: "openssl-debuginfo-1:3.2.2-6.el9_5.i686", product: { name: "openssl-debuginfo-1:3.2.2-6.el9_5.i686", product_id: "openssl-debuginfo-1:3.2.2-6.el9_5.i686", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-debuginfo@3.2.2-6.el9_5?arch=i686&epoch=1", }, }, }, { category: "product_version", name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", product: { name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", product_id: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-libs-debuginfo@3.2.2-6.el9_5?arch=i686&epoch=1", }, }, }, { category: "product_version", name: "openssl-devel-1:3.2.2-6.el9_5.i686", product: { name: "openssl-devel-1:3.2.2-6.el9_5.i686", product_id: "openssl-devel-1:3.2.2-6.el9_5.i686", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-devel@3.2.2-6.el9_5?arch=i686&epoch=1", }, }, }, { category: "product_version", name: "openssl-fips-provider-0:3.0.7-6.el9_5.i686", product: { name: "openssl-fips-provider-0:3.0.7-6.el9_5.i686", product_id: "openssl-fips-provider-0:3.0.7-6.el9_5.i686", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider@3.0.7-6.el9_5?arch=i686", }, }, }, { category: "product_version", name: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", product: { name: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", product_id: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider-so-debugsource@3.0.7-6.el9_5?arch=i686", }, }, }, { category: "product_version", name: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", product: { name: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", product_id: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider-so-debuginfo@3.0.7-6.el9_5?arch=i686", }, }, }, ], category: "architecture", name: "i686", }, { branches: [ { category: "product_version", name: "openssl-1:3.2.2-6.el9_5.s390x", product: { name: "openssl-1:3.2.2-6.el9_5.s390x", product_id: "openssl-1:3.2.2-6.el9_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssl@3.2.2-6.el9_5?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "openssl-libs-1:3.2.2-6.el9_5.s390x", product: { name: "openssl-libs-1:3.2.2-6.el9_5.s390x", product_id: "openssl-libs-1:3.2.2-6.el9_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "openssl-debugsource-1:3.2.2-6.el9_5.s390x", product: { name: "openssl-debugsource-1:3.2.2-6.el9_5.s390x", product_id: "openssl-debugsource-1:3.2.2-6.el9_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-debugsource@3.2.2-6.el9_5?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "openssl-debuginfo-1:3.2.2-6.el9_5.s390x", product: { name: "openssl-debuginfo-1:3.2.2-6.el9_5.s390x", product_id: "openssl-debuginfo-1:3.2.2-6.el9_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-debuginfo@3.2.2-6.el9_5?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", product: { name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", product_id: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-libs-debuginfo@3.2.2-6.el9_5?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "openssl-devel-1:3.2.2-6.el9_5.s390x", product: { name: "openssl-devel-1:3.2.2-6.el9_5.s390x", product_id: "openssl-devel-1:3.2.2-6.el9_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-devel@3.2.2-6.el9_5?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "openssl-perl-1:3.2.2-6.el9_5.s390x", product: { name: "openssl-perl-1:3.2.2-6.el9_5.s390x", product_id: "openssl-perl-1:3.2.2-6.el9_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-perl@3.2.2-6.el9_5?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "openssl-fips-provider-0:3.0.7-6.el9_5.s390x", product: { name: "openssl-fips-provider-0:3.0.7-6.el9_5.s390x", product_id: "openssl-fips-provider-0:3.0.7-6.el9_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider@3.0.7-6.el9_5?arch=s390x", }, }, }, { category: "product_version", name: "openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", product: { name: "openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", product_id: "openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider-so@3.0.7-6.el9_5?arch=s390x", }, }, }, { category: "product_version", name: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", product: { name: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", product_id: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider-so-debugsource@3.0.7-6.el9_5?arch=s390x", }, }, }, { category: "product_version", name: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", product: { name: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", product_id: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider-so-debuginfo@3.0.7-6.el9_5?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "openssl-1:3.2.2-6.el9_5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", }, product_reference: "openssl-1:3.2.2-6.el9_5.aarch64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-1:3.2.2-6.el9_5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", }, product_reference: "openssl-1:3.2.2-6.el9_5.ppc64le", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-1:3.2.2-6.el9_5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", }, product_reference: "openssl-1:3.2.2-6.el9_5.s390x", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-1:3.2.2-6.el9_5.src as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", }, product_reference: "openssl-1:3.2.2-6.el9_5.src", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-1:3.2.2-6.el9_5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", }, product_reference: "openssl-1:3.2.2-6.el9_5.x86_64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debuginfo-1:3.2.2-6.el9_5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", }, product_reference: "openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debuginfo-1:3.2.2-6.el9_5.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", }, product_reference: "openssl-debuginfo-1:3.2.2-6.el9_5.i686", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", }, product_reference: "openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debuginfo-1:3.2.2-6.el9_5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", }, product_reference: "openssl-debuginfo-1:3.2.2-6.el9_5.s390x", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debuginfo-1:3.2.2-6.el9_5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", }, product_reference: "openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debugsource-1:3.2.2-6.el9_5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", }, product_reference: "openssl-debugsource-1:3.2.2-6.el9_5.aarch64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debugsource-1:3.2.2-6.el9_5.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", }, product_reference: "openssl-debugsource-1:3.2.2-6.el9_5.i686", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debugsource-1:3.2.2-6.el9_5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", }, product_reference: "openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debugsource-1:3.2.2-6.el9_5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", }, product_reference: "openssl-debugsource-1:3.2.2-6.el9_5.s390x", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debugsource-1:3.2.2-6.el9_5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", }, product_reference: "openssl-debugsource-1:3.2.2-6.el9_5.x86_64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-devel-1:3.2.2-6.el9_5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", }, product_reference: "openssl-devel-1:3.2.2-6.el9_5.aarch64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-devel-1:3.2.2-6.el9_5.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", }, product_reference: "openssl-devel-1:3.2.2-6.el9_5.i686", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-devel-1:3.2.2-6.el9_5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", }, product_reference: "openssl-devel-1:3.2.2-6.el9_5.ppc64le", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-devel-1:3.2.2-6.el9_5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", }, product_reference: "openssl-devel-1:3.2.2-6.el9_5.s390x", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-devel-1:3.2.2-6.el9_5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", }, product_reference: "openssl-devel-1:3.2.2-6.el9_5.x86_64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-1:3.2.2-6.el9_5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", }, product_reference: "openssl-libs-1:3.2.2-6.el9_5.aarch64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-1:3.2.2-6.el9_5.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", }, product_reference: "openssl-libs-1:3.2.2-6.el9_5.i686", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-1:3.2.2-6.el9_5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", }, product_reference: "openssl-libs-1:3.2.2-6.el9_5.ppc64le", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-1:3.2.2-6.el9_5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", }, product_reference: "openssl-libs-1:3.2.2-6.el9_5.s390x", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-1:3.2.2-6.el9_5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", }, product_reference: "openssl-libs-1:3.2.2-6.el9_5.x86_64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", }, product_reference: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", }, product_reference: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", }, product_reference: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", }, product_reference: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", }, product_reference: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-perl-1:3.2.2-6.el9_5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", }, product_reference: "openssl-perl-1:3.2.2-6.el9_5.aarch64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-perl-1:3.2.2-6.el9_5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", }, product_reference: "openssl-perl-1:3.2.2-6.el9_5.ppc64le", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-perl-1:3.2.2-6.el9_5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", }, product_reference: "openssl-perl-1:3.2.2-6.el9_5.s390x", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-perl-1:3.2.2-6.el9_5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", }, product_reference: "openssl-perl-1:3.2.2-6.el9_5.x86_64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-1:3.2.2-6.el9_5.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", }, product_reference: "openssl-1:3.2.2-6.el9_5.aarch64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-1:3.2.2-6.el9_5.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", }, product_reference: "openssl-1:3.2.2-6.el9_5.ppc64le", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-1:3.2.2-6.el9_5.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", }, product_reference: "openssl-1:3.2.2-6.el9_5.s390x", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-1:3.2.2-6.el9_5.src as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", }, product_reference: "openssl-1:3.2.2-6.el9_5.src", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-1:3.2.2-6.el9_5.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", }, product_reference: "openssl-1:3.2.2-6.el9_5.x86_64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debuginfo-1:3.2.2-6.el9_5.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", }, product_reference: "openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debuginfo-1:3.2.2-6.el9_5.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", }, product_reference: "openssl-debuginfo-1:3.2.2-6.el9_5.i686", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", }, product_reference: "openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debuginfo-1:3.2.2-6.el9_5.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", }, product_reference: "openssl-debuginfo-1:3.2.2-6.el9_5.s390x", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debuginfo-1:3.2.2-6.el9_5.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", }, product_reference: "openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debugsource-1:3.2.2-6.el9_5.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", }, product_reference: "openssl-debugsource-1:3.2.2-6.el9_5.aarch64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debugsource-1:3.2.2-6.el9_5.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", }, product_reference: "openssl-debugsource-1:3.2.2-6.el9_5.i686", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debugsource-1:3.2.2-6.el9_5.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", }, product_reference: "openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debugsource-1:3.2.2-6.el9_5.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", }, product_reference: "openssl-debugsource-1:3.2.2-6.el9_5.s390x", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debugsource-1:3.2.2-6.el9_5.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", }, product_reference: "openssl-debugsource-1:3.2.2-6.el9_5.x86_64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-devel-1:3.2.2-6.el9_5.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", }, product_reference: "openssl-devel-1:3.2.2-6.el9_5.aarch64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-devel-1:3.2.2-6.el9_5.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", }, product_reference: "openssl-devel-1:3.2.2-6.el9_5.i686", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-devel-1:3.2.2-6.el9_5.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", }, product_reference: "openssl-devel-1:3.2.2-6.el9_5.ppc64le", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-devel-1:3.2.2-6.el9_5.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", }, product_reference: "openssl-devel-1:3.2.2-6.el9_5.s390x", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-devel-1:3.2.2-6.el9_5.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", }, product_reference: "openssl-devel-1:3.2.2-6.el9_5.x86_64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-0:3.0.7-6.el9_5.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", }, product_reference: "openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-0:3.0.7-6.el9_5.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.i686", }, product_reference: "openssl-fips-provider-0:3.0.7-6.el9_5.i686", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", }, product_reference: "openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-0:3.0.7-6.el9_5.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.s390x", }, product_reference: "openssl-fips-provider-0:3.0.7-6.el9_5.s390x", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-0:3.0.7-6.el9_5.src as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.src", }, product_reference: "openssl-fips-provider-0:3.0.7-6.el9_5.src", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-0:3.0.7-6.el9_5.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", }, product_reference: "openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", }, product_reference: "openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", }, product_reference: "openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", }, product_reference: "openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", }, product_reference: "openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", }, product_reference: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", }, product_reference: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", }, product_reference: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", }, product_reference: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", }, product_reference: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", }, product_reference: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", }, product_reference: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", }, product_reference: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", }, product_reference: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", }, product_reference: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-1:3.2.2-6.el9_5.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", }, product_reference: "openssl-libs-1:3.2.2-6.el9_5.aarch64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-1:3.2.2-6.el9_5.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", }, product_reference: "openssl-libs-1:3.2.2-6.el9_5.i686", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-1:3.2.2-6.el9_5.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", }, product_reference: "openssl-libs-1:3.2.2-6.el9_5.ppc64le", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-1:3.2.2-6.el9_5.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", }, product_reference: "openssl-libs-1:3.2.2-6.el9_5.s390x", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-1:3.2.2-6.el9_5.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", }, product_reference: "openssl-libs-1:3.2.2-6.el9_5.x86_64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", }, product_reference: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", }, product_reference: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", }, product_reference: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", }, product_reference: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", }, product_reference: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-perl-1:3.2.2-6.el9_5.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", }, product_reference: "openssl-perl-1:3.2.2-6.el9_5.aarch64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-perl-1:3.2.2-6.el9_5.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", }, product_reference: "openssl-perl-1:3.2.2-6.el9_5.ppc64le", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-perl-1:3.2.2-6.el9_5.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", }, product_reference: "openssl-perl-1:3.2.2-6.el9_5.s390x", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-perl-1:3.2.2-6.el9_5.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", }, product_reference: "openssl-perl-1:3.2.2-6.el9_5.x86_64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, ], }, vulnerabilities: [ { cve: "CVE-2024-2511", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2024-04-08T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2274020", }, ], notes: [ { category: "description", text: "A flaw was found in OpenSSL. A malicious client can trigger an uncontrolled memory consumption, resulting in a Denial of Service. This issue occurs due to OpenSSL's TLSv3.1 session cache going into an incorrect state, leading to it failing to flush properly as it fills. OpenSSL must be configured with the non-default SSL_OP_NO_TICKET option enabled to be vulnerable. This issue only affects TLSv1.3 servers, while TLS clients are not affected.", title: "Vulnerability description", }, { category: "summary", text: "openssl: Unbounded memory growth with session handling in TLSv1.3", title: "Vulnerability summary", }, { category: "other", text: "The OpenSSL version shipped with Red Hat Enterprise Linux 7 is not affected by this issue, as the version 1.0.2 does not contain the related bug.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", ], known_not_affected: [ "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-2511", }, { category: "external", summary: "RHBZ#2274020", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2274020", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-2511", url: "https://www.cve.org/CVERecord?id=CVE-2024-2511", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-2511", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-2511", }, { category: "external", summary: "https://www.openssl.org/news/vulnerabilities.html", url: "https://www.openssl.org/news/vulnerabilities.html", }, ], release_date: "2024-04-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-12T09:22:03+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:9333", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 3.7, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "openssl: Unbounded memory growth with session handling in TLSv1.3", }, { cve: "CVE-2024-4603", discovery_date: "2024-05-17T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2281029", }, ], notes: [ { category: "description", text: "A flaw was found in OpenSSL. Applications that use the EVP_PKEY_param_check() or EVP_PKEY_public_check() function to check a DSA public key or DSA parameters may experience long delays when checking excessively long DSA keys or parameters. In applications that allow untrusted sources to provide the key or parameters that are checked, an attacker may be able to cause a denial of service. These functions are not called by OpenSSL on untrusted DSA keys. The applications that directly call these functions are the ones that may be vulnerable to this issue.", title: "Vulnerability description", }, { category: "summary", text: "openssl: Excessive time spent checking DSA keys and parameters", title: "Vulnerability summary", }, { category: "other", text: "Only OpenSSL 3.3, 3.2, 3.1 and 3.0 are vulnerable to this issue. OpenSSL 1.1.1 and 1.0.2 are not affected by this issue.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", ], known_not_affected: [ "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-4603", }, { category: "external", summary: "RHBZ#2281029", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281029", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-4603", url: "https://www.cve.org/CVERecord?id=CVE-2024-4603", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-4603", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-4603", }, { category: "external", summary: "https://www.openssl.org/news/secadv/20240516.txt", url: "https://www.openssl.org/news/secadv/20240516.txt", }, ], release_date: "2024-05-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-12T09:22:03+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:9333", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "openssl: Excessive time spent checking DSA keys and parameters", }, { cve: "CVE-2024-4741", cwe: { id: "CWE-416", name: "Use After Free", }, discovery_date: "2024-05-29T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2283757", }, ], notes: [ { category: "description", text: "A use-after-free vulnerability was found in OpenSSL. Calling the OpenSSL API SSL_free_buffers function may cause memory to be accessed that was previously freed in some situations.", title: "Vulnerability description", }, { category: "summary", text: "openssl: Use After Free with SSL_free_buffers", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is classified as low severity rather than moderate because it only affects applications that explicitly call SSL_free_buffers, a rarely used OpenSSL function. \n\nThe issue arises in specific conditions where the function is called while a buffer is still in use, leading to a potential use-after-free scenario. However, exploitation is significantly constrained because\n\n(1) an application must intentionally invoke this function, which is not typical in common OpenSSL usage, \n\n(2) triggering the vulnerability requires precise timing and conditions where partially processed records remain unread or incomplete, and \n\n(3) there are no known active exploits leveraging this issue. \n\nGiven these factors, while the bug could theoretically lead to crashes or corruption, the practical risk of widespread exploitation remains minimal.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", ], known_not_affected: [ "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-4741", }, { category: "external", summary: "RHBZ#2283757", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2283757", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-4741", url: "https://www.cve.org/CVERecord?id=CVE-2024-4741", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-4741", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-4741", }, { category: "external", summary: "https://www.openssl.org/news/secadv/20240528.txt", url: "https://www.openssl.org/news/secadv/20240528.txt", }, ], release_date: "2024-05-28T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-12T09:22:03+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:9333", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "openssl: Use After Free with SSL_free_buffers", }, { cve: "CVE-2024-5535", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2024-06-27T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2294581", }, ], notes: [ { category: "description", text: "A flaw was found in OpenSSL. Affected versions of this package are vulnerable to Information Exposure through the SSL_select_next_proto function. This flaw allows an attacker to cause unexpected application behavior or a crash by exploiting the buffer overread condition when the function is called with a zero-length client list. This issue is only exploitable if the application is misconfigured to use a zero-length server list and mishandles the 'no overlap' response in ALPN or uses the output as the opportunistic protocol in NPN.", title: "Vulnerability description", }, { category: "summary", text: "openssl: SSL_select_next_proto buffer overread", title: "Vulnerability summary", }, { category: "other", text: "The FIPS modules in versions 3.3, 3.2, 3.1, and 3.0 are not affected by this issue.\nThe packages shim and shim-unsigned-x64 are not impacted by this CVE, as the affected OpenSSL code path is not utilized.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", ], known_not_affected: [ "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-5535", }, { category: "external", summary: "RHBZ#2294581", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2294581", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-5535", url: "https://www.cve.org/CVERecord?id=CVE-2024-5535", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-5535", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-5535", }, { category: "external", summary: "https://www.oracle.com/security-alerts/cpuoct2024.html#AppendixMSQL", url: "https://www.oracle.com/security-alerts/cpuoct2024.html#AppendixMSQL", }, ], release_date: "2024-06-27T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-12T09:22:03+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:9333", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "openssl: SSL_select_next_proto buffer overread", }, ], }
rhsa-2024_9333
Vulnerability from csaf_redhat
Published
2024-11-12 09:22
Modified
2024-12-17 03:55
Summary
Red Hat Security Advisory: openssl and openssl-fips-provider security update
Notes
Topic
An update for openssl and openssl-fips-provider is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.
Security Fix(es):
* openssl: Unbounded memory growth with session handling in TLSv1.3 (CVE-2024-2511)
* openssl: Excessive time spent checking DSA keys and parameters (CVE-2024-4603)
* openssl: Use After Free with SSL_free_buffers (CVE-2024-4741)
* openssl: SSL_select_next_proto buffer overread (CVE-2024-5535)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.5 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Low", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for openssl and openssl-fips-provider is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.\n\nSecurity Fix(es):\n\n* openssl: Unbounded memory growth with session handling in TLSv1.3 (CVE-2024-2511)\n\n* openssl: Excessive time spent checking DSA keys and parameters (CVE-2024-4603)\n\n* openssl: Use After Free with SSL_free_buffers (CVE-2024-4741)\n\n* openssl: SSL_select_next_proto buffer overread (CVE-2024-5535)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 9.5 Release Notes linked from the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:9333", url: "https://access.redhat.com/errata/RHSA-2024:9333", }, { category: "external", summary: "https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/9.5_release_notes/index", url: "https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/9.5_release_notes/index", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#low", url: "https://access.redhat.com/security/updates/classification/#low", }, { category: "external", summary: "2274020", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2274020", }, { category: "external", summary: "2281029", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281029", }, { category: "external", summary: "2283757", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2283757", }, { category: "external", summary: "2294581", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2294581", }, { category: "external", summary: "RHEL-26271", url: "https://issues.redhat.com/browse/RHEL-26271", }, { category: "external", summary: "RHEL-32123", url: "https://issues.redhat.com/browse/RHEL-32123", }, { category: "external", summary: "RHEL-38514", url: "https://issues.redhat.com/browse/RHEL-38514", }, { category: "external", summary: "RHEL-40723", url: "https://issues.redhat.com/browse/RHEL-40723", }, { category: "external", summary: "RHEL-58662", url: "https://issues.redhat.com/browse/RHEL-58662", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_9333.json", }, ], title: "Red Hat Security Advisory: openssl and openssl-fips-provider security update", tracking: { current_release_date: "2024-12-17T03:55:26+00:00", generator: { date: "2024-12-17T03:55:26+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.3", }, }, id: "RHSA-2024:9333", initial_release_date: "2024-11-12T09:22:03+00:00", revision_history: [ { date: "2024-11-12T09:22:03+00:00", number: "1", summary: "Initial version", }, { date: "2024-11-12T09:22:03+00:00", number: "2", summary: "Last updated version", }, { date: "2024-12-17T03:55:26+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream (v. 9)", product: { name: "Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA", product_identification_helper: { cpe: "cpe:/a:redhat:enterprise_linux:9::appstream", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux BaseOS (v. 9)", product: { name: "Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:9::baseos", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "openssl-1:3.2.2-6.el9_5.src", product: { name: "openssl-1:3.2.2-6.el9_5.src", product_id: "openssl-1:3.2.2-6.el9_5.src", product_identification_helper: { purl: "pkg:rpm/redhat/openssl@3.2.2-6.el9_5?arch=src&epoch=1", }, }, }, { category: "product_version", name: "openssl-fips-provider-0:3.0.7-6.el9_5.src", product: { name: "openssl-fips-provider-0:3.0.7-6.el9_5.src", product_id: "openssl-fips-provider-0:3.0.7-6.el9_5.src", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider@3.0.7-6.el9_5?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "openssl-1:3.2.2-6.el9_5.aarch64", product: { name: "openssl-1:3.2.2-6.el9_5.aarch64", product_id: "openssl-1:3.2.2-6.el9_5.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl@3.2.2-6.el9_5?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "openssl-libs-1:3.2.2-6.el9_5.aarch64", product: { name: "openssl-libs-1:3.2.2-6.el9_5.aarch64", product_id: "openssl-libs-1:3.2.2-6.el9_5.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "openssl-debugsource-1:3.2.2-6.el9_5.aarch64", product: { name: "openssl-debugsource-1:3.2.2-6.el9_5.aarch64", product_id: "openssl-debugsource-1:3.2.2-6.el9_5.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-debugsource@3.2.2-6.el9_5?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", product: { name: "openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", product_id: "openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-debuginfo@3.2.2-6.el9_5?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", product: { name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", product_id: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-libs-debuginfo@3.2.2-6.el9_5?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "openssl-devel-1:3.2.2-6.el9_5.aarch64", product: { name: "openssl-devel-1:3.2.2-6.el9_5.aarch64", product_id: "openssl-devel-1:3.2.2-6.el9_5.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-devel@3.2.2-6.el9_5?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "openssl-perl-1:3.2.2-6.el9_5.aarch64", product: { name: "openssl-perl-1:3.2.2-6.el9_5.aarch64", product_id: "openssl-perl-1:3.2.2-6.el9_5.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-perl@3.2.2-6.el9_5?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", product: { name: "openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", product_id: "openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider@3.0.7-6.el9_5?arch=aarch64", }, }, }, { category: "product_version", name: "openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", product: { name: "openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", product_id: "openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider-so@3.0.7-6.el9_5?arch=aarch64", }, }, }, { category: "product_version", name: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", product: { name: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", product_id: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider-so-debugsource@3.0.7-6.el9_5?arch=aarch64", }, }, }, { category: "product_version", name: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", product: { name: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", product_id: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider-so-debuginfo@3.0.7-6.el9_5?arch=aarch64", }, }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "openssl-1:3.2.2-6.el9_5.ppc64le", product: { name: "openssl-1:3.2.2-6.el9_5.ppc64le", product_id: "openssl-1:3.2.2-6.el9_5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openssl@3.2.2-6.el9_5?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "openssl-libs-1:3.2.2-6.el9_5.ppc64le", product: { name: "openssl-libs-1:3.2.2-6.el9_5.ppc64le", product_id: "openssl-libs-1:3.2.2-6.el9_5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", product: { name: "openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", product_id: "openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-debugsource@3.2.2-6.el9_5?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", product: { name: "openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", product_id: "openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-debuginfo@3.2.2-6.el9_5?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", product: { name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", product_id: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-libs-debuginfo@3.2.2-6.el9_5?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "openssl-devel-1:3.2.2-6.el9_5.ppc64le", product: { name: "openssl-devel-1:3.2.2-6.el9_5.ppc64le", product_id: "openssl-devel-1:3.2.2-6.el9_5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-devel@3.2.2-6.el9_5?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "openssl-perl-1:3.2.2-6.el9_5.ppc64le", product: { name: "openssl-perl-1:3.2.2-6.el9_5.ppc64le", product_id: "openssl-perl-1:3.2.2-6.el9_5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-perl@3.2.2-6.el9_5?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", product: { name: "openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", product_id: "openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider@3.0.7-6.el9_5?arch=ppc64le", }, }, }, { category: "product_version", name: "openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", product: { name: "openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", product_id: "openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider-so@3.0.7-6.el9_5?arch=ppc64le", }, }, }, { category: "product_version", name: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", product: { name: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", product_id: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider-so-debugsource@3.0.7-6.el9_5?arch=ppc64le", }, }, }, { category: "product_version", name: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", product: { name: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", product_id: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider-so-debuginfo@3.0.7-6.el9_5?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "openssl-1:3.2.2-6.el9_5.x86_64", product: { name: "openssl-1:3.2.2-6.el9_5.x86_64", product_id: "openssl-1:3.2.2-6.el9_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl@3.2.2-6.el9_5?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "openssl-libs-1:3.2.2-6.el9_5.x86_64", product: { name: "openssl-libs-1:3.2.2-6.el9_5.x86_64", product_id: "openssl-libs-1:3.2.2-6.el9_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "openssl-debugsource-1:3.2.2-6.el9_5.x86_64", product: { name: "openssl-debugsource-1:3.2.2-6.el9_5.x86_64", product_id: "openssl-debugsource-1:3.2.2-6.el9_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-debugsource@3.2.2-6.el9_5?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", product: { name: "openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", product_id: "openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-debuginfo@3.2.2-6.el9_5?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", product: { name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", product_id: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-libs-debuginfo@3.2.2-6.el9_5?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "openssl-devel-1:3.2.2-6.el9_5.x86_64", product: { name: "openssl-devel-1:3.2.2-6.el9_5.x86_64", product_id: "openssl-devel-1:3.2.2-6.el9_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-devel@3.2.2-6.el9_5?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "openssl-perl-1:3.2.2-6.el9_5.x86_64", product: { name: "openssl-perl-1:3.2.2-6.el9_5.x86_64", product_id: "openssl-perl-1:3.2.2-6.el9_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-perl@3.2.2-6.el9_5?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", product: { name: "openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", product_id: "openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider@3.0.7-6.el9_5?arch=x86_64", }, }, }, { category: "product_version", name: "openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", product: { name: "openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", product_id: "openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider-so@3.0.7-6.el9_5?arch=x86_64", }, }, }, { category: "product_version", name: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", product: { name: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", product_id: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider-so-debugsource@3.0.7-6.el9_5?arch=x86_64", }, }, }, { category: "product_version", name: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", product: { name: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", product_id: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider-so-debuginfo@3.0.7-6.el9_5?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "openssl-libs-1:3.2.2-6.el9_5.i686", product: { name: "openssl-libs-1:3.2.2-6.el9_5.i686", product_id: "openssl-libs-1:3.2.2-6.el9_5.i686", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5?arch=i686&epoch=1", }, }, }, { category: "product_version", name: "openssl-debugsource-1:3.2.2-6.el9_5.i686", product: { name: "openssl-debugsource-1:3.2.2-6.el9_5.i686", product_id: "openssl-debugsource-1:3.2.2-6.el9_5.i686", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-debugsource@3.2.2-6.el9_5?arch=i686&epoch=1", }, }, }, { category: "product_version", name: "openssl-debuginfo-1:3.2.2-6.el9_5.i686", product: { name: "openssl-debuginfo-1:3.2.2-6.el9_5.i686", product_id: "openssl-debuginfo-1:3.2.2-6.el9_5.i686", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-debuginfo@3.2.2-6.el9_5?arch=i686&epoch=1", }, }, }, { category: "product_version", name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", product: { name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", product_id: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-libs-debuginfo@3.2.2-6.el9_5?arch=i686&epoch=1", }, }, }, { category: "product_version", name: "openssl-devel-1:3.2.2-6.el9_5.i686", product: { name: "openssl-devel-1:3.2.2-6.el9_5.i686", product_id: "openssl-devel-1:3.2.2-6.el9_5.i686", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-devel@3.2.2-6.el9_5?arch=i686&epoch=1", }, }, }, { category: "product_version", name: "openssl-fips-provider-0:3.0.7-6.el9_5.i686", product: { name: "openssl-fips-provider-0:3.0.7-6.el9_5.i686", product_id: "openssl-fips-provider-0:3.0.7-6.el9_5.i686", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider@3.0.7-6.el9_5?arch=i686", }, }, }, { category: "product_version", name: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", product: { name: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", product_id: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider-so-debugsource@3.0.7-6.el9_5?arch=i686", }, }, }, { category: "product_version", name: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", product: { name: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", product_id: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider-so-debuginfo@3.0.7-6.el9_5?arch=i686", }, }, }, ], category: "architecture", name: "i686", }, { branches: [ { category: "product_version", name: "openssl-1:3.2.2-6.el9_5.s390x", product: { name: "openssl-1:3.2.2-6.el9_5.s390x", product_id: "openssl-1:3.2.2-6.el9_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssl@3.2.2-6.el9_5?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "openssl-libs-1:3.2.2-6.el9_5.s390x", product: { name: "openssl-libs-1:3.2.2-6.el9_5.s390x", product_id: "openssl-libs-1:3.2.2-6.el9_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "openssl-debugsource-1:3.2.2-6.el9_5.s390x", product: { name: "openssl-debugsource-1:3.2.2-6.el9_5.s390x", product_id: "openssl-debugsource-1:3.2.2-6.el9_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-debugsource@3.2.2-6.el9_5?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "openssl-debuginfo-1:3.2.2-6.el9_5.s390x", product: { name: "openssl-debuginfo-1:3.2.2-6.el9_5.s390x", product_id: "openssl-debuginfo-1:3.2.2-6.el9_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-debuginfo@3.2.2-6.el9_5?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", product: { name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", product_id: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-libs-debuginfo@3.2.2-6.el9_5?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "openssl-devel-1:3.2.2-6.el9_5.s390x", product: { name: "openssl-devel-1:3.2.2-6.el9_5.s390x", product_id: "openssl-devel-1:3.2.2-6.el9_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-devel@3.2.2-6.el9_5?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "openssl-perl-1:3.2.2-6.el9_5.s390x", product: { name: "openssl-perl-1:3.2.2-6.el9_5.s390x", product_id: "openssl-perl-1:3.2.2-6.el9_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-perl@3.2.2-6.el9_5?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "openssl-fips-provider-0:3.0.7-6.el9_5.s390x", product: { name: "openssl-fips-provider-0:3.0.7-6.el9_5.s390x", product_id: "openssl-fips-provider-0:3.0.7-6.el9_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider@3.0.7-6.el9_5?arch=s390x", }, }, }, { category: "product_version", name: "openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", product: { name: "openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", product_id: "openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider-so@3.0.7-6.el9_5?arch=s390x", }, }, }, { category: "product_version", name: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", product: { name: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", product_id: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider-so-debugsource@3.0.7-6.el9_5?arch=s390x", }, }, }, { category: "product_version", name: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", product: { name: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", product_id: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider-so-debuginfo@3.0.7-6.el9_5?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "openssl-1:3.2.2-6.el9_5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", }, product_reference: "openssl-1:3.2.2-6.el9_5.aarch64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-1:3.2.2-6.el9_5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", }, product_reference: "openssl-1:3.2.2-6.el9_5.ppc64le", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-1:3.2.2-6.el9_5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", }, product_reference: "openssl-1:3.2.2-6.el9_5.s390x", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-1:3.2.2-6.el9_5.src as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", }, product_reference: "openssl-1:3.2.2-6.el9_5.src", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-1:3.2.2-6.el9_5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", }, product_reference: "openssl-1:3.2.2-6.el9_5.x86_64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debuginfo-1:3.2.2-6.el9_5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", }, product_reference: "openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debuginfo-1:3.2.2-6.el9_5.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", }, product_reference: "openssl-debuginfo-1:3.2.2-6.el9_5.i686", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", }, product_reference: "openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debuginfo-1:3.2.2-6.el9_5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", }, product_reference: "openssl-debuginfo-1:3.2.2-6.el9_5.s390x", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debuginfo-1:3.2.2-6.el9_5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", }, product_reference: "openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debugsource-1:3.2.2-6.el9_5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", }, product_reference: "openssl-debugsource-1:3.2.2-6.el9_5.aarch64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debugsource-1:3.2.2-6.el9_5.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", }, product_reference: "openssl-debugsource-1:3.2.2-6.el9_5.i686", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debugsource-1:3.2.2-6.el9_5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", }, product_reference: "openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debugsource-1:3.2.2-6.el9_5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", }, product_reference: "openssl-debugsource-1:3.2.2-6.el9_5.s390x", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debugsource-1:3.2.2-6.el9_5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", }, product_reference: "openssl-debugsource-1:3.2.2-6.el9_5.x86_64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-devel-1:3.2.2-6.el9_5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", }, product_reference: "openssl-devel-1:3.2.2-6.el9_5.aarch64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-devel-1:3.2.2-6.el9_5.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", }, product_reference: "openssl-devel-1:3.2.2-6.el9_5.i686", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-devel-1:3.2.2-6.el9_5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", }, product_reference: "openssl-devel-1:3.2.2-6.el9_5.ppc64le", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-devel-1:3.2.2-6.el9_5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", }, product_reference: "openssl-devel-1:3.2.2-6.el9_5.s390x", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-devel-1:3.2.2-6.el9_5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", }, product_reference: "openssl-devel-1:3.2.2-6.el9_5.x86_64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-1:3.2.2-6.el9_5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", }, product_reference: "openssl-libs-1:3.2.2-6.el9_5.aarch64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-1:3.2.2-6.el9_5.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", }, product_reference: "openssl-libs-1:3.2.2-6.el9_5.i686", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-1:3.2.2-6.el9_5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", }, product_reference: "openssl-libs-1:3.2.2-6.el9_5.ppc64le", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-1:3.2.2-6.el9_5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", }, product_reference: "openssl-libs-1:3.2.2-6.el9_5.s390x", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-1:3.2.2-6.el9_5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", }, product_reference: "openssl-libs-1:3.2.2-6.el9_5.x86_64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", }, product_reference: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", }, product_reference: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", }, product_reference: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", }, product_reference: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", }, product_reference: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-perl-1:3.2.2-6.el9_5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", }, product_reference: "openssl-perl-1:3.2.2-6.el9_5.aarch64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-perl-1:3.2.2-6.el9_5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", }, product_reference: "openssl-perl-1:3.2.2-6.el9_5.ppc64le", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-perl-1:3.2.2-6.el9_5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", }, product_reference: "openssl-perl-1:3.2.2-6.el9_5.s390x", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-perl-1:3.2.2-6.el9_5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", }, product_reference: "openssl-perl-1:3.2.2-6.el9_5.x86_64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-1:3.2.2-6.el9_5.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", }, product_reference: "openssl-1:3.2.2-6.el9_5.aarch64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-1:3.2.2-6.el9_5.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", }, product_reference: "openssl-1:3.2.2-6.el9_5.ppc64le", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-1:3.2.2-6.el9_5.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", }, product_reference: "openssl-1:3.2.2-6.el9_5.s390x", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-1:3.2.2-6.el9_5.src as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", }, product_reference: "openssl-1:3.2.2-6.el9_5.src", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-1:3.2.2-6.el9_5.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", }, product_reference: "openssl-1:3.2.2-6.el9_5.x86_64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debuginfo-1:3.2.2-6.el9_5.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", }, product_reference: "openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debuginfo-1:3.2.2-6.el9_5.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", }, product_reference: "openssl-debuginfo-1:3.2.2-6.el9_5.i686", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", }, product_reference: "openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debuginfo-1:3.2.2-6.el9_5.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", }, product_reference: "openssl-debuginfo-1:3.2.2-6.el9_5.s390x", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debuginfo-1:3.2.2-6.el9_5.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", }, product_reference: "openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debugsource-1:3.2.2-6.el9_5.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", }, product_reference: "openssl-debugsource-1:3.2.2-6.el9_5.aarch64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debugsource-1:3.2.2-6.el9_5.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", }, product_reference: "openssl-debugsource-1:3.2.2-6.el9_5.i686", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debugsource-1:3.2.2-6.el9_5.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", }, product_reference: "openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debugsource-1:3.2.2-6.el9_5.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", }, product_reference: "openssl-debugsource-1:3.2.2-6.el9_5.s390x", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debugsource-1:3.2.2-6.el9_5.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", }, product_reference: "openssl-debugsource-1:3.2.2-6.el9_5.x86_64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-devel-1:3.2.2-6.el9_5.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", }, product_reference: "openssl-devel-1:3.2.2-6.el9_5.aarch64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-devel-1:3.2.2-6.el9_5.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", }, product_reference: "openssl-devel-1:3.2.2-6.el9_5.i686", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-devel-1:3.2.2-6.el9_5.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", }, product_reference: "openssl-devel-1:3.2.2-6.el9_5.ppc64le", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-devel-1:3.2.2-6.el9_5.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", }, product_reference: "openssl-devel-1:3.2.2-6.el9_5.s390x", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-devel-1:3.2.2-6.el9_5.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", }, product_reference: "openssl-devel-1:3.2.2-6.el9_5.x86_64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-0:3.0.7-6.el9_5.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", }, product_reference: "openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-0:3.0.7-6.el9_5.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.i686", }, product_reference: "openssl-fips-provider-0:3.0.7-6.el9_5.i686", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", }, product_reference: "openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-0:3.0.7-6.el9_5.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.s390x", }, product_reference: "openssl-fips-provider-0:3.0.7-6.el9_5.s390x", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-0:3.0.7-6.el9_5.src as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.src", }, product_reference: "openssl-fips-provider-0:3.0.7-6.el9_5.src", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-0:3.0.7-6.el9_5.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", }, product_reference: "openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", }, product_reference: "openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", }, product_reference: "openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", }, product_reference: "openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", }, product_reference: "openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", }, product_reference: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", }, product_reference: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", }, product_reference: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", }, product_reference: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", }, product_reference: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", }, product_reference: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", }, product_reference: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", }, product_reference: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", }, product_reference: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", }, product_reference: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-1:3.2.2-6.el9_5.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", }, product_reference: "openssl-libs-1:3.2.2-6.el9_5.aarch64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-1:3.2.2-6.el9_5.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", }, product_reference: "openssl-libs-1:3.2.2-6.el9_5.i686", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-1:3.2.2-6.el9_5.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", }, product_reference: "openssl-libs-1:3.2.2-6.el9_5.ppc64le", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-1:3.2.2-6.el9_5.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", }, product_reference: "openssl-libs-1:3.2.2-6.el9_5.s390x", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-1:3.2.2-6.el9_5.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", }, product_reference: "openssl-libs-1:3.2.2-6.el9_5.x86_64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", }, product_reference: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", }, product_reference: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", }, product_reference: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", }, product_reference: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", }, product_reference: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-perl-1:3.2.2-6.el9_5.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", }, product_reference: "openssl-perl-1:3.2.2-6.el9_5.aarch64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-perl-1:3.2.2-6.el9_5.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", }, product_reference: "openssl-perl-1:3.2.2-6.el9_5.ppc64le", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-perl-1:3.2.2-6.el9_5.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", }, product_reference: "openssl-perl-1:3.2.2-6.el9_5.s390x", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-perl-1:3.2.2-6.el9_5.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", }, product_reference: "openssl-perl-1:3.2.2-6.el9_5.x86_64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, ], }, vulnerabilities: [ { cve: "CVE-2024-2511", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2024-04-08T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2274020", }, ], notes: [ { category: "description", text: "A flaw was found in OpenSSL. A malicious client can trigger an uncontrolled memory consumption, resulting in a Denial of Service. This issue occurs due to OpenSSL's TLSv3.1 session cache going into an incorrect state, leading to it failing to flush properly as it fills. OpenSSL must be configured with the non-default SSL_OP_NO_TICKET option enabled to be vulnerable. This issue only affects TLSv1.3 servers, while TLS clients are not affected.", title: "Vulnerability description", }, { category: "summary", text: "openssl: Unbounded memory growth with session handling in TLSv1.3", title: "Vulnerability summary", }, { category: "other", text: "The OpenSSL version shipped with Red Hat Enterprise Linux 7 is not affected by this issue, as the version 1.0.2 does not contain the related bug.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", ], known_not_affected: [ "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-2511", }, { category: "external", summary: "RHBZ#2274020", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2274020", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-2511", url: "https://www.cve.org/CVERecord?id=CVE-2024-2511", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-2511", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-2511", }, { category: "external", summary: "https://www.openssl.org/news/vulnerabilities.html", url: "https://www.openssl.org/news/vulnerabilities.html", }, ], release_date: "2024-04-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-12T09:22:03+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:9333", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 3.7, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "openssl: Unbounded memory growth with session handling in TLSv1.3", }, { cve: "CVE-2024-4603", discovery_date: "2024-05-17T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2281029", }, ], notes: [ { category: "description", text: "A flaw was found in OpenSSL. Applications that use the EVP_PKEY_param_check() or EVP_PKEY_public_check() function to check a DSA public key or DSA parameters may experience long delays when checking excessively long DSA keys or parameters. In applications that allow untrusted sources to provide the key or parameters that are checked, an attacker may be able to cause a denial of service. These functions are not called by OpenSSL on untrusted DSA keys. The applications that directly call these functions are the ones that may be vulnerable to this issue.", title: "Vulnerability description", }, { category: "summary", text: "openssl: Excessive time spent checking DSA keys and parameters", title: "Vulnerability summary", }, { category: "other", text: "Only OpenSSL 3.3, 3.2, 3.1 and 3.0 are vulnerable to this issue. OpenSSL 1.1.1 and 1.0.2 are not affected by this issue.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", ], known_not_affected: [ "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-4603", }, { category: "external", summary: "RHBZ#2281029", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281029", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-4603", url: "https://www.cve.org/CVERecord?id=CVE-2024-4603", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-4603", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-4603", }, { category: "external", summary: "https://www.openssl.org/news/secadv/20240516.txt", url: "https://www.openssl.org/news/secadv/20240516.txt", }, ], release_date: "2024-05-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-12T09:22:03+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:9333", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "openssl: Excessive time spent checking DSA keys and parameters", }, { cve: "CVE-2024-4741", cwe: { id: "CWE-416", name: "Use After Free", }, discovery_date: "2024-05-29T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2283757", }, ], notes: [ { category: "description", text: "A use-after-free vulnerability was found in OpenSSL. Calling the OpenSSL API SSL_free_buffers function may cause memory to be accessed that was previously freed in some situations.", title: "Vulnerability description", }, { category: "summary", text: "openssl: Use After Free with SSL_free_buffers", title: "Vulnerability summary", }, { category: "other", text: "Red Hat classifies this vulnerability as having a low impact because the affected function is infrequently used by applications. However, Red Hat includes this function in their regular packages, which is why the related components are listed as affected in the table below.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", ], known_not_affected: [ "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-4741", }, { category: "external", summary: "RHBZ#2283757", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2283757", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-4741", url: "https://www.cve.org/CVERecord?id=CVE-2024-4741", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-4741", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-4741", }, { category: "external", summary: "https://www.openssl.org/news/secadv/20240528.txt", url: "https://www.openssl.org/news/secadv/20240528.txt", }, ], release_date: "2024-05-28T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-12T09:22:03+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:9333", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "openssl: Use After Free with SSL_free_buffers", }, { cve: "CVE-2024-5535", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2024-06-27T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2294581", }, ], notes: [ { category: "description", text: "A flaw was found in OpenSSL. Affected versions of this package are vulnerable to Information Exposure through the SSL_select_next_proto function. This flaw allows an attacker to cause unexpected application behavior or a crash by exploiting the buffer overread condition when the function is called with a zero-length client list. This issue is only exploitable if the application is misconfigured to use a zero-length server list and mishandles the 'no overlap' response in ALPN or uses the output as the opportunistic protocol in NPN.", title: "Vulnerability description", }, { category: "summary", text: "openssl: SSL_select_next_proto buffer overread", title: "Vulnerability summary", }, { category: "other", text: "The FIPS modules in versions 3.3, 3.2, 3.1, and 3.0 are not affected by this issue.\nThe packages shim and shim-unsigned-x64 are not impacted by this CVE, as the affected OpenSSL code path is not utilized.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", ], known_not_affected: [ "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-5535", }, { category: "external", summary: "RHBZ#2294581", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2294581", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-5535", url: "https://www.cve.org/CVERecord?id=CVE-2024-5535", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-5535", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-5535", }, { category: "external", summary: "https://www.oracle.com/security-alerts/cpuoct2024.html#AppendixMSQL", url: "https://www.oracle.com/security-alerts/cpuoct2024.html#AppendixMSQL", }, ], release_date: "2024-06-27T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-12T09:22:03+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:9333", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "openssl: SSL_select_next_proto buffer overread", }, ], }
RHSA-2024:9333
Vulnerability from csaf_redhat
Published
2024-11-12 09:22
Modified
2025-04-02 22:19
Summary
Red Hat Security Advisory: openssl and openssl-fips-provider security update
Notes
Topic
An update for openssl and openssl-fips-provider is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.
Security Fix(es):
* openssl: Unbounded memory growth with session handling in TLSv1.3 (CVE-2024-2511)
* openssl: Excessive time spent checking DSA keys and parameters (CVE-2024-4603)
* openssl: Use After Free with SSL_free_buffers (CVE-2024-4741)
* openssl: SSL_select_next_proto buffer overread (CVE-2024-5535)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.5 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Low", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for openssl and openssl-fips-provider is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.\n\nSecurity Fix(es):\n\n* openssl: Unbounded memory growth with session handling in TLSv1.3 (CVE-2024-2511)\n\n* openssl: Excessive time spent checking DSA keys and parameters (CVE-2024-4603)\n\n* openssl: Use After Free with SSL_free_buffers (CVE-2024-4741)\n\n* openssl: SSL_select_next_proto buffer overread (CVE-2024-5535)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 9.5 Release Notes linked from the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:9333", url: "https://access.redhat.com/errata/RHSA-2024:9333", }, { category: "external", summary: "https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/9.5_release_notes/index", url: "https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/9.5_release_notes/index", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#low", url: "https://access.redhat.com/security/updates/classification/#low", }, { category: "external", summary: "2274020", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2274020", }, { category: "external", summary: "2281029", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281029", }, { category: "external", summary: "2283757", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2283757", }, { category: "external", summary: "2294581", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2294581", }, { category: "external", summary: "RHEL-26271", url: "https://issues.redhat.com/browse/RHEL-26271", }, { category: "external", summary: "RHEL-32123", url: "https://issues.redhat.com/browse/RHEL-32123", }, { category: "external", summary: "RHEL-38514", url: "https://issues.redhat.com/browse/RHEL-38514", }, { category: "external", summary: "RHEL-40723", url: "https://issues.redhat.com/browse/RHEL-40723", }, { category: "external", summary: "RHEL-58662", url: "https://issues.redhat.com/browse/RHEL-58662", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_9333.json", }, ], title: "Red Hat Security Advisory: openssl and openssl-fips-provider security update", tracking: { current_release_date: "2025-04-02T22:19:46+00:00", generator: { date: "2025-04-02T22:19:46+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2024:9333", initial_release_date: "2024-11-12T09:22:03+00:00", revision_history: [ { date: "2024-11-12T09:22:03+00:00", number: "1", summary: "Initial version", }, { date: "2024-11-12T09:22:03+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-02T22:19:46+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream (v. 9)", product: { name: "Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA", product_identification_helper: { cpe: "cpe:/a:redhat:enterprise_linux:9::appstream", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux BaseOS (v. 9)", product: { name: "Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:9::baseos", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "openssl-1:3.2.2-6.el9_5.src", product: { name: "openssl-1:3.2.2-6.el9_5.src", product_id: "openssl-1:3.2.2-6.el9_5.src", product_identification_helper: { purl: "pkg:rpm/redhat/openssl@3.2.2-6.el9_5?arch=src&epoch=1", }, }, }, { category: "product_version", name: "openssl-fips-provider-0:3.0.7-6.el9_5.src", product: { name: "openssl-fips-provider-0:3.0.7-6.el9_5.src", product_id: "openssl-fips-provider-0:3.0.7-6.el9_5.src", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider@3.0.7-6.el9_5?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "openssl-1:3.2.2-6.el9_5.aarch64", product: { name: "openssl-1:3.2.2-6.el9_5.aarch64", product_id: "openssl-1:3.2.2-6.el9_5.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl@3.2.2-6.el9_5?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "openssl-libs-1:3.2.2-6.el9_5.aarch64", product: { name: "openssl-libs-1:3.2.2-6.el9_5.aarch64", product_id: "openssl-libs-1:3.2.2-6.el9_5.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "openssl-debugsource-1:3.2.2-6.el9_5.aarch64", product: { name: "openssl-debugsource-1:3.2.2-6.el9_5.aarch64", product_id: "openssl-debugsource-1:3.2.2-6.el9_5.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-debugsource@3.2.2-6.el9_5?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", product: { name: "openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", product_id: "openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-debuginfo@3.2.2-6.el9_5?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", product: { name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", product_id: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-libs-debuginfo@3.2.2-6.el9_5?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "openssl-devel-1:3.2.2-6.el9_5.aarch64", product: { name: "openssl-devel-1:3.2.2-6.el9_5.aarch64", product_id: "openssl-devel-1:3.2.2-6.el9_5.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-devel@3.2.2-6.el9_5?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "openssl-perl-1:3.2.2-6.el9_5.aarch64", product: { name: "openssl-perl-1:3.2.2-6.el9_5.aarch64", product_id: "openssl-perl-1:3.2.2-6.el9_5.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-perl@3.2.2-6.el9_5?arch=aarch64&epoch=1", }, }, }, { category: "product_version", name: "openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", product: { name: "openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", product_id: "openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider@3.0.7-6.el9_5?arch=aarch64", }, }, }, { category: "product_version", name: "openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", product: { name: "openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", product_id: "openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider-so@3.0.7-6.el9_5?arch=aarch64", }, }, }, { category: "product_version", name: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", product: { name: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", product_id: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider-so-debugsource@3.0.7-6.el9_5?arch=aarch64", }, }, }, { category: "product_version", name: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", product: { name: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", product_id: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider-so-debuginfo@3.0.7-6.el9_5?arch=aarch64", }, }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "openssl-1:3.2.2-6.el9_5.ppc64le", product: { name: "openssl-1:3.2.2-6.el9_5.ppc64le", product_id: "openssl-1:3.2.2-6.el9_5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openssl@3.2.2-6.el9_5?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "openssl-libs-1:3.2.2-6.el9_5.ppc64le", product: { name: "openssl-libs-1:3.2.2-6.el9_5.ppc64le", product_id: "openssl-libs-1:3.2.2-6.el9_5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", product: { name: "openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", product_id: "openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-debugsource@3.2.2-6.el9_5?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", product: { name: "openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", product_id: "openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-debuginfo@3.2.2-6.el9_5?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", product: { name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", product_id: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-libs-debuginfo@3.2.2-6.el9_5?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "openssl-devel-1:3.2.2-6.el9_5.ppc64le", product: { name: "openssl-devel-1:3.2.2-6.el9_5.ppc64le", product_id: "openssl-devel-1:3.2.2-6.el9_5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-devel@3.2.2-6.el9_5?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "openssl-perl-1:3.2.2-6.el9_5.ppc64le", product: { name: "openssl-perl-1:3.2.2-6.el9_5.ppc64le", product_id: "openssl-perl-1:3.2.2-6.el9_5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-perl@3.2.2-6.el9_5?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", product: { name: "openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", product_id: "openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider@3.0.7-6.el9_5?arch=ppc64le", }, }, }, { category: "product_version", name: "openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", product: { name: "openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", product_id: "openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider-so@3.0.7-6.el9_5?arch=ppc64le", }, }, }, { category: "product_version", name: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", product: { name: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", product_id: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider-so-debugsource@3.0.7-6.el9_5?arch=ppc64le", }, }, }, { category: "product_version", name: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", product: { name: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", product_id: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider-so-debuginfo@3.0.7-6.el9_5?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "openssl-1:3.2.2-6.el9_5.x86_64", product: { name: "openssl-1:3.2.2-6.el9_5.x86_64", product_id: "openssl-1:3.2.2-6.el9_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl@3.2.2-6.el9_5?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "openssl-libs-1:3.2.2-6.el9_5.x86_64", product: { name: "openssl-libs-1:3.2.2-6.el9_5.x86_64", product_id: "openssl-libs-1:3.2.2-6.el9_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "openssl-debugsource-1:3.2.2-6.el9_5.x86_64", product: { name: "openssl-debugsource-1:3.2.2-6.el9_5.x86_64", product_id: "openssl-debugsource-1:3.2.2-6.el9_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-debugsource@3.2.2-6.el9_5?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", product: { name: "openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", product_id: "openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-debuginfo@3.2.2-6.el9_5?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", product: { name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", product_id: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-libs-debuginfo@3.2.2-6.el9_5?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "openssl-devel-1:3.2.2-6.el9_5.x86_64", product: { name: "openssl-devel-1:3.2.2-6.el9_5.x86_64", product_id: "openssl-devel-1:3.2.2-6.el9_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-devel@3.2.2-6.el9_5?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "openssl-perl-1:3.2.2-6.el9_5.x86_64", product: { name: "openssl-perl-1:3.2.2-6.el9_5.x86_64", product_id: "openssl-perl-1:3.2.2-6.el9_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-perl@3.2.2-6.el9_5?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", product: { name: "openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", product_id: "openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider@3.0.7-6.el9_5?arch=x86_64", }, }, }, { category: "product_version", name: "openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", product: { name: "openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", product_id: "openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider-so@3.0.7-6.el9_5?arch=x86_64", }, }, }, { category: "product_version", name: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", product: { name: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", product_id: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider-so-debugsource@3.0.7-6.el9_5?arch=x86_64", }, }, }, { category: "product_version", name: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", product: { name: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", product_id: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider-so-debuginfo@3.0.7-6.el9_5?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "openssl-libs-1:3.2.2-6.el9_5.i686", product: { name: "openssl-libs-1:3.2.2-6.el9_5.i686", product_id: "openssl-libs-1:3.2.2-6.el9_5.i686", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5?arch=i686&epoch=1", }, }, }, { category: "product_version", name: "openssl-debugsource-1:3.2.2-6.el9_5.i686", product: { name: "openssl-debugsource-1:3.2.2-6.el9_5.i686", product_id: "openssl-debugsource-1:3.2.2-6.el9_5.i686", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-debugsource@3.2.2-6.el9_5?arch=i686&epoch=1", }, }, }, { category: "product_version", name: "openssl-debuginfo-1:3.2.2-6.el9_5.i686", product: { name: "openssl-debuginfo-1:3.2.2-6.el9_5.i686", product_id: "openssl-debuginfo-1:3.2.2-6.el9_5.i686", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-debuginfo@3.2.2-6.el9_5?arch=i686&epoch=1", }, }, }, { category: "product_version", name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", product: { name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", product_id: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-libs-debuginfo@3.2.2-6.el9_5?arch=i686&epoch=1", }, }, }, { category: "product_version", name: "openssl-devel-1:3.2.2-6.el9_5.i686", product: { name: "openssl-devel-1:3.2.2-6.el9_5.i686", product_id: "openssl-devel-1:3.2.2-6.el9_5.i686", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-devel@3.2.2-6.el9_5?arch=i686&epoch=1", }, }, }, { category: "product_version", name: "openssl-fips-provider-0:3.0.7-6.el9_5.i686", product: { name: "openssl-fips-provider-0:3.0.7-6.el9_5.i686", product_id: "openssl-fips-provider-0:3.0.7-6.el9_5.i686", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider@3.0.7-6.el9_5?arch=i686", }, }, }, { category: "product_version", name: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", product: { name: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", product_id: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider-so-debugsource@3.0.7-6.el9_5?arch=i686", }, }, }, { category: "product_version", name: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", product: { name: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", product_id: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider-so-debuginfo@3.0.7-6.el9_5?arch=i686", }, }, }, ], category: "architecture", name: "i686", }, { branches: [ { category: "product_version", name: "openssl-1:3.2.2-6.el9_5.s390x", product: { name: "openssl-1:3.2.2-6.el9_5.s390x", product_id: "openssl-1:3.2.2-6.el9_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssl@3.2.2-6.el9_5?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "openssl-libs-1:3.2.2-6.el9_5.s390x", product: { name: "openssl-libs-1:3.2.2-6.el9_5.s390x", product_id: "openssl-libs-1:3.2.2-6.el9_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-libs@3.2.2-6.el9_5?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "openssl-debugsource-1:3.2.2-6.el9_5.s390x", product: { name: "openssl-debugsource-1:3.2.2-6.el9_5.s390x", product_id: "openssl-debugsource-1:3.2.2-6.el9_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-debugsource@3.2.2-6.el9_5?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "openssl-debuginfo-1:3.2.2-6.el9_5.s390x", product: { name: "openssl-debuginfo-1:3.2.2-6.el9_5.s390x", product_id: "openssl-debuginfo-1:3.2.2-6.el9_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-debuginfo@3.2.2-6.el9_5?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", product: { name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", product_id: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-libs-debuginfo@3.2.2-6.el9_5?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "openssl-devel-1:3.2.2-6.el9_5.s390x", product: { name: "openssl-devel-1:3.2.2-6.el9_5.s390x", product_id: "openssl-devel-1:3.2.2-6.el9_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-devel@3.2.2-6.el9_5?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "openssl-perl-1:3.2.2-6.el9_5.s390x", product: { name: "openssl-perl-1:3.2.2-6.el9_5.s390x", product_id: "openssl-perl-1:3.2.2-6.el9_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-perl@3.2.2-6.el9_5?arch=s390x&epoch=1", }, }, }, { category: "product_version", name: "openssl-fips-provider-0:3.0.7-6.el9_5.s390x", product: { name: "openssl-fips-provider-0:3.0.7-6.el9_5.s390x", product_id: "openssl-fips-provider-0:3.0.7-6.el9_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider@3.0.7-6.el9_5?arch=s390x", }, }, }, { category: "product_version", name: "openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", product: { name: "openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", product_id: "openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider-so@3.0.7-6.el9_5?arch=s390x", }, }, }, { category: "product_version", name: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", product: { name: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", product_id: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider-so-debugsource@3.0.7-6.el9_5?arch=s390x", }, }, }, { category: "product_version", name: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", product: { name: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", product_id: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssl-fips-provider-so-debuginfo@3.0.7-6.el9_5?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "openssl-1:3.2.2-6.el9_5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", }, product_reference: "openssl-1:3.2.2-6.el9_5.aarch64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-1:3.2.2-6.el9_5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", }, product_reference: "openssl-1:3.2.2-6.el9_5.ppc64le", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-1:3.2.2-6.el9_5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", }, product_reference: "openssl-1:3.2.2-6.el9_5.s390x", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-1:3.2.2-6.el9_5.src as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", }, product_reference: "openssl-1:3.2.2-6.el9_5.src", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-1:3.2.2-6.el9_5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", }, product_reference: "openssl-1:3.2.2-6.el9_5.x86_64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debuginfo-1:3.2.2-6.el9_5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", }, product_reference: "openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debuginfo-1:3.2.2-6.el9_5.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", }, product_reference: "openssl-debuginfo-1:3.2.2-6.el9_5.i686", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", }, product_reference: "openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debuginfo-1:3.2.2-6.el9_5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", }, product_reference: "openssl-debuginfo-1:3.2.2-6.el9_5.s390x", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debuginfo-1:3.2.2-6.el9_5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", }, product_reference: "openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debugsource-1:3.2.2-6.el9_5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", }, product_reference: "openssl-debugsource-1:3.2.2-6.el9_5.aarch64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debugsource-1:3.2.2-6.el9_5.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", }, product_reference: "openssl-debugsource-1:3.2.2-6.el9_5.i686", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debugsource-1:3.2.2-6.el9_5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", }, product_reference: "openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debugsource-1:3.2.2-6.el9_5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", }, product_reference: "openssl-debugsource-1:3.2.2-6.el9_5.s390x", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debugsource-1:3.2.2-6.el9_5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", }, product_reference: "openssl-debugsource-1:3.2.2-6.el9_5.x86_64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-devel-1:3.2.2-6.el9_5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", }, product_reference: "openssl-devel-1:3.2.2-6.el9_5.aarch64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-devel-1:3.2.2-6.el9_5.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", }, product_reference: "openssl-devel-1:3.2.2-6.el9_5.i686", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-devel-1:3.2.2-6.el9_5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", }, product_reference: "openssl-devel-1:3.2.2-6.el9_5.ppc64le", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-devel-1:3.2.2-6.el9_5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", }, product_reference: "openssl-devel-1:3.2.2-6.el9_5.s390x", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-devel-1:3.2.2-6.el9_5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", }, product_reference: "openssl-devel-1:3.2.2-6.el9_5.x86_64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-1:3.2.2-6.el9_5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", }, product_reference: "openssl-libs-1:3.2.2-6.el9_5.aarch64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-1:3.2.2-6.el9_5.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", }, product_reference: "openssl-libs-1:3.2.2-6.el9_5.i686", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-1:3.2.2-6.el9_5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", }, product_reference: "openssl-libs-1:3.2.2-6.el9_5.ppc64le", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-1:3.2.2-6.el9_5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", }, product_reference: "openssl-libs-1:3.2.2-6.el9_5.s390x", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-1:3.2.2-6.el9_5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", }, product_reference: "openssl-libs-1:3.2.2-6.el9_5.x86_64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", }, product_reference: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", }, product_reference: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", }, product_reference: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", }, product_reference: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", }, product_reference: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-perl-1:3.2.2-6.el9_5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", }, product_reference: "openssl-perl-1:3.2.2-6.el9_5.aarch64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-perl-1:3.2.2-6.el9_5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", }, product_reference: "openssl-perl-1:3.2.2-6.el9_5.ppc64le", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-perl-1:3.2.2-6.el9_5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", }, product_reference: "openssl-perl-1:3.2.2-6.el9_5.s390x", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-perl-1:3.2.2-6.el9_5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", }, product_reference: "openssl-perl-1:3.2.2-6.el9_5.x86_64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-1:3.2.2-6.el9_5.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", }, product_reference: "openssl-1:3.2.2-6.el9_5.aarch64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-1:3.2.2-6.el9_5.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", }, product_reference: "openssl-1:3.2.2-6.el9_5.ppc64le", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-1:3.2.2-6.el9_5.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", }, product_reference: "openssl-1:3.2.2-6.el9_5.s390x", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-1:3.2.2-6.el9_5.src as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", }, product_reference: "openssl-1:3.2.2-6.el9_5.src", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-1:3.2.2-6.el9_5.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", }, product_reference: "openssl-1:3.2.2-6.el9_5.x86_64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debuginfo-1:3.2.2-6.el9_5.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", }, product_reference: "openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debuginfo-1:3.2.2-6.el9_5.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", }, product_reference: "openssl-debuginfo-1:3.2.2-6.el9_5.i686", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", }, product_reference: "openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debuginfo-1:3.2.2-6.el9_5.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", }, product_reference: "openssl-debuginfo-1:3.2.2-6.el9_5.s390x", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debuginfo-1:3.2.2-6.el9_5.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", }, product_reference: "openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debugsource-1:3.2.2-6.el9_5.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", }, product_reference: "openssl-debugsource-1:3.2.2-6.el9_5.aarch64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debugsource-1:3.2.2-6.el9_5.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", }, product_reference: "openssl-debugsource-1:3.2.2-6.el9_5.i686", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debugsource-1:3.2.2-6.el9_5.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", }, product_reference: "openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debugsource-1:3.2.2-6.el9_5.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", }, product_reference: "openssl-debugsource-1:3.2.2-6.el9_5.s390x", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-debugsource-1:3.2.2-6.el9_5.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", }, product_reference: "openssl-debugsource-1:3.2.2-6.el9_5.x86_64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-devel-1:3.2.2-6.el9_5.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", }, product_reference: "openssl-devel-1:3.2.2-6.el9_5.aarch64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-devel-1:3.2.2-6.el9_5.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", }, product_reference: "openssl-devel-1:3.2.2-6.el9_5.i686", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-devel-1:3.2.2-6.el9_5.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", }, product_reference: "openssl-devel-1:3.2.2-6.el9_5.ppc64le", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-devel-1:3.2.2-6.el9_5.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", }, product_reference: "openssl-devel-1:3.2.2-6.el9_5.s390x", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-devel-1:3.2.2-6.el9_5.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", }, product_reference: "openssl-devel-1:3.2.2-6.el9_5.x86_64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-0:3.0.7-6.el9_5.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", }, product_reference: "openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-0:3.0.7-6.el9_5.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.i686", }, product_reference: "openssl-fips-provider-0:3.0.7-6.el9_5.i686", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", }, product_reference: "openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-0:3.0.7-6.el9_5.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.s390x", }, product_reference: "openssl-fips-provider-0:3.0.7-6.el9_5.s390x", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-0:3.0.7-6.el9_5.src as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.src", }, product_reference: "openssl-fips-provider-0:3.0.7-6.el9_5.src", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-0:3.0.7-6.el9_5.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", }, product_reference: "openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", }, product_reference: "openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", }, product_reference: "openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", }, product_reference: "openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", }, product_reference: "openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", }, product_reference: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", }, product_reference: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", }, product_reference: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", }, product_reference: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", }, product_reference: "openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", }, product_reference: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", }, product_reference: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", }, product_reference: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", }, product_reference: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", }, product_reference: "openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-1:3.2.2-6.el9_5.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", }, product_reference: "openssl-libs-1:3.2.2-6.el9_5.aarch64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-1:3.2.2-6.el9_5.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", }, product_reference: "openssl-libs-1:3.2.2-6.el9_5.i686", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-1:3.2.2-6.el9_5.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", }, product_reference: "openssl-libs-1:3.2.2-6.el9_5.ppc64le", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-1:3.2.2-6.el9_5.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", }, product_reference: "openssl-libs-1:3.2.2-6.el9_5.s390x", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-1:3.2.2-6.el9_5.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", }, product_reference: "openssl-libs-1:3.2.2-6.el9_5.x86_64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", }, product_reference: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", }, product_reference: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", }, product_reference: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", }, product_reference: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", }, product_reference: "openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-perl-1:3.2.2-6.el9_5.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", }, product_reference: "openssl-perl-1:3.2.2-6.el9_5.aarch64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-perl-1:3.2.2-6.el9_5.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", }, product_reference: "openssl-perl-1:3.2.2-6.el9_5.ppc64le", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-perl-1:3.2.2-6.el9_5.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", }, product_reference: "openssl-perl-1:3.2.2-6.el9_5.s390x", relates_to_product_reference: "BaseOS-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "openssl-perl-1:3.2.2-6.el9_5.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)", product_id: "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", }, product_reference: "openssl-perl-1:3.2.2-6.el9_5.x86_64", relates_to_product_reference: "BaseOS-9.5.0.GA", }, ], }, vulnerabilities: [ { cve: "CVE-2024-2511", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2024-04-08T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2274020", }, ], notes: [ { category: "description", text: "A flaw was found in OpenSSL. A malicious client can trigger an uncontrolled memory consumption, resulting in a Denial of Service. This issue occurs due to OpenSSL's TLSv3.1 session cache going into an incorrect state, leading to it failing to flush properly as it fills. OpenSSL must be configured with the non-default SSL_OP_NO_TICKET option enabled to be vulnerable. This issue only affects TLSv1.3 servers, while TLS clients are not affected.", title: "Vulnerability description", }, { category: "summary", text: "openssl: Unbounded memory growth with session handling in TLSv1.3", title: "Vulnerability summary", }, { category: "other", text: "The OpenSSL version shipped with Red Hat Enterprise Linux 7 is not affected by this issue, as the version 1.0.2 does not contain the related bug.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", ], known_not_affected: [ "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-2511", }, { category: "external", summary: "RHBZ#2274020", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2274020", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-2511", url: "https://www.cve.org/CVERecord?id=CVE-2024-2511", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-2511", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-2511", }, { category: "external", summary: "https://www.openssl.org/news/vulnerabilities.html", url: "https://www.openssl.org/news/vulnerabilities.html", }, ], release_date: "2024-04-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-12T09:22:03+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:9333", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 3.7, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "openssl: Unbounded memory growth with session handling in TLSv1.3", }, { cve: "CVE-2024-4603", discovery_date: "2024-05-17T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2281029", }, ], notes: [ { category: "description", text: "A flaw was found in OpenSSL. Applications that use the EVP_PKEY_param_check() or EVP_PKEY_public_check() function to check a DSA public key or DSA parameters may experience long delays when checking excessively long DSA keys or parameters. In applications that allow untrusted sources to provide the key or parameters that are checked, an attacker may be able to cause a denial of service. These functions are not called by OpenSSL on untrusted DSA keys. The applications that directly call these functions are the ones that may be vulnerable to this issue.", title: "Vulnerability description", }, { category: "summary", text: "openssl: Excessive time spent checking DSA keys and parameters", title: "Vulnerability summary", }, { category: "other", text: "Only OpenSSL 3.3, 3.2, 3.1 and 3.0 are vulnerable to this issue. OpenSSL 1.1.1 and 1.0.2 are not affected by this issue.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", ], known_not_affected: [ "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-4603", }, { category: "external", summary: "RHBZ#2281029", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281029", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-4603", url: "https://www.cve.org/CVERecord?id=CVE-2024-4603", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-4603", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-4603", }, { category: "external", summary: "https://www.openssl.org/news/secadv/20240516.txt", url: "https://www.openssl.org/news/secadv/20240516.txt", }, ], release_date: "2024-05-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-12T09:22:03+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:9333", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "openssl: Excessive time spent checking DSA keys and parameters", }, { cve: "CVE-2024-4741", cwe: { id: "CWE-416", name: "Use After Free", }, discovery_date: "2024-05-29T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2283757", }, ], notes: [ { category: "description", text: "A use-after-free vulnerability was found in OpenSSL. Calling the OpenSSL API SSL_free_buffers function may cause memory to be accessed that was previously freed in some situations.", title: "Vulnerability description", }, { category: "summary", text: "openssl: Use After Free with SSL_free_buffers", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is classified as low severity rather than moderate because it only affects applications that explicitly call SSL_free_buffers, a rarely used OpenSSL function. \n\nThe issue arises in specific conditions where the function is called while a buffer is still in use, leading to a potential use-after-free scenario. However, exploitation is significantly constrained because\n\n(1) an application must intentionally invoke this function, which is not typical in common OpenSSL usage, \n\n(2) triggering the vulnerability requires precise timing and conditions where partially processed records remain unread or incomplete, and \n\n(3) there are no known active exploits leveraging this issue. \n\nGiven these factors, while the bug could theoretically lead to crashes or corruption, the practical risk of widespread exploitation remains minimal.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", ], known_not_affected: [ "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-4741", }, { category: "external", summary: "RHBZ#2283757", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2283757", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-4741", url: "https://www.cve.org/CVERecord?id=CVE-2024-4741", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-4741", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-4741", }, { category: "external", summary: "https://www.openssl.org/news/secadv/20240528.txt", url: "https://www.openssl.org/news/secadv/20240528.txt", }, ], release_date: "2024-05-28T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-12T09:22:03+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:9333", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "openssl: Use After Free with SSL_free_buffers", }, { cve: "CVE-2024-5535", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2024-06-27T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2294581", }, ], notes: [ { category: "description", text: "A flaw was found in OpenSSL. Affected versions of this package are vulnerable to Information Exposure through the SSL_select_next_proto function. This flaw allows an attacker to cause unexpected application behavior or a crash by exploiting the buffer overread condition when the function is called with a zero-length client list. This issue is only exploitable if the application is misconfigured to use a zero-length server list and mishandles the 'no overlap' response in ALPN or uses the output as the opportunistic protocol in NPN.", title: "Vulnerability description", }, { category: "summary", text: "openssl: SSL_select_next_proto buffer overread", title: "Vulnerability summary", }, { category: "other", text: "The FIPS modules in versions 3.3, 3.2, 3.1, and 3.0 are not affected by this issue.\nThe packages shim and shim-unsigned-x64 are not impacted by this CVE, as the affected OpenSSL code path is not utilized.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", ], known_not_affected: [ "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-5535", }, { category: "external", summary: "RHBZ#2294581", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2294581", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-5535", url: "https://www.cve.org/CVERecord?id=CVE-2024-5535", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-5535", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-5535", }, { category: "external", summary: "https://www.oracle.com/security-alerts/cpuoct2024.html#AppendixMSQL", url: "https://www.oracle.com/security-alerts/cpuoct2024.html#AppendixMSQL", }, ], release_date: "2024-06-27T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-12T09:22:03+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:9333", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "AppStream-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "AppStream-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-debugsource-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-devel-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.src", "BaseOS-9.5.0.GA:openssl-fips-provider-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debuginfo-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-fips-provider-so-debugsource-0:3.0.7-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.i686", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-libs-debuginfo-1:3.2.2-6.el9_5.x86_64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.aarch64", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.ppc64le", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.s390x", "BaseOS-9.5.0.GA:openssl-perl-1:3.2.2-6.el9_5.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "openssl: SSL_select_next_proto buffer overread", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.