WID-SEC-W-2024-3722

Vulnerability from csaf_certbund - Published: 2024-12-17 23:00 - Updated: 2025-06-02 22:00
Summary
Apache Tomcat: Multiple Vulnerabilities
Severity
High
Notes
The BSI, as provider, is responsible under general law for its own content made available for use. However, users are responsible for carefully reviewing, case by case, the use and/or implementation of the information provided with the content.
Product description: Apache Tomcat is a web application server for various platforms.
Attack: A remote, anonymous attacker can exploit multiple vulnerabilities in Apache Tomcat to execute arbitrary code and cause a denial-of-service condition.
Affected operating systems:
- Linux
- NetApp Appliance
- UNIX
- Windows
References
https://wid.cert-bund.de/.well-known/csaf/white/2… self
https://wid.cert-bund.de/portal/wid/securityadvis… self
https://lists.apache.org/thread/tdtbbxpg5trdwc2wn… external
https://lists.apache.org/thread/y6lj6q1xnp822g6ro… external
https://github.com/advisories/GHSA-5j33-cvvr-w245 external
https://github.com/advisories/GHSA-653p-vg55-5652 external
https://security.netapp.com/advisory/ntap-2025010… external
https://lists.opensuse.org/archives/list/security… external
https://lists.opensuse.org/archives/list/security… external
https://lists.opensuse.org/archives/list/security… external
https://www.ibm.com/support/pages/node/7180700 external
https://lists.debian.org/debian-lts-announce/2025… external
https://access.redhat.com/errata/RHSA-2025:0362 external
https://access.redhat.com/errata/RHSA-2025:0361 external
https://lists.debian.org/debian-security-announce… external
https://access.redhat.com/errata/RHSA-2025:0342 external
https://access.redhat.com/errata/RHSA-2025:0343 external
https://extreme-networks.my.site.com/ExtrArticleD… external
https://alas.aws.amazon.com/AL2/ALASTOMCAT9-2025-… external
https://lists.suse.com/pipermail/sle-security-upd… external
https://confluence.atlassian.com/security/securit… external
https://www.ibm.com/support/pages/node/7183584 external
https://www.atoss.ch/de-ch/sicherheit/security-news external
https://access.redhat.com/errata/RHSA-2025:1920 external
https://docs.camunda.org/security/notices/#notice-130 external
https://linux.oracle.com/errata/ELSA-2025-3645.html external
https://access.redhat.com/errata/RHSA-2025:3609 external
https://access.redhat.com/errata/RHSA-2025:3647 external
https://access.redhat.com/errata/RHSA-2025:3646 external
https://access.redhat.com/errata/RHSA-2025:3608 external
https://access.redhat.com/errata/RHSA-2025:3645 external
https://linux.oracle.com/errata/ELSA-2025-3683.html external
https://access.redhat.com/errata/RHSA-2025:3683 external
https://alas.aws.amazon.com/AL2/ALAS-2025-2829.html external
https://github.com/iSee857/CVE-2024-50379-PoC/blo… external
https://access.redhat.com/errata/RHSA-2025:4521 external
https://access.redhat.com/errata/RHSA-2025:4522 external
https://access.redhat.com/errata/RHSA-2025:7497 external
https://security.business.xerox.com/wp-content/up… external

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Apache Tomcat ist ein Web-Applikationsserver f\u00fcr verschiedene Plattformen.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Apache Tomcat ausnutzen, um beliebigen Programmcode auszuf\u00fchren und einen Denial-of-Service-Zustand zu erzeugen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- NetApp Appliance\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-3722 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3722.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-3722 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3722"
      },
      {
        "category": "external",
        "summary": "Apache Mailing List vom 2024-12-17",
        "url": "https://lists.apache.org/thread/tdtbbxpg5trdwc2wnopcth9ccvdftq2n"
      },
      {
        "category": "external",
        "summary": "Apache Mailing List vom 2024-12-17",
        "url": "https://lists.apache.org/thread/y6lj6q1xnp822g6ro70tn19sgtjmr80r"
      },
      {
        "category": "external",
        "summary": "GitHub Advisory Database vom 2024-12-17",
        "url": "https://github.com/advisories/GHSA-5j33-cvvr-w245"
      },
      {
        "category": "external",
        "summary": "GitHub Advisory Database vom 2024-12-17",
        "url": "https://github.com/advisories/GHSA-653p-vg55-5652"
      },
      {
        "category": "external",
        "summary": "NetApp Security Advisory NTAP-20250103-0003 vom 2025-01-03",
        "url": "https://security.netapp.com/advisory/ntap-20250103-0003/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update vom 2025-01-08",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/R2IT7I6R7IICWNFTQM2VQTVL5JMUZMA4/"
      },
      {
        "category": "external",
        "summary": "openSUSE Security Update OPENSUSE-SU-2025:14623-1 vom 2025-01-08",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/BW77WQOC353TC34OPBAFJ7NIG6GAGCA5/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:0058-1 vom 2025-01-10",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/BU742OOISJIJHU3XWFKULNL4LCEVGEXC/"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7180700 vom 2025-01-10",
        "url": "https://www.ibm.com/support/pages/node/7180700"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-4017 vom 2025-01-17",
        "url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00009.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:0362 vom 2025-01-16",
        "url": "https://access.redhat.com/errata/RHSA-2025:0362"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:0361 vom 2025-01-16",
        "url": "https://access.redhat.com/errata/RHSA-2025:0361"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-5845 vom 2025-01-17",
        "url": "https://lists.debian.org/debian-security-announce/2025/msg00007.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:0342 vom 2025-01-21",
        "url": "https://access.redhat.com/errata/RHSA-2025:0342"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:0343 vom 2025-01-21",
        "url": "https://access.redhat.com/errata/RHSA-2025:0343"
      },
      {
        "category": "external",
        "summary": "ExtremeNetworks Vulnerability Notice SA-2025-007 vom 2025-01-23",
        "url": "https://extreme-networks.my.site.com/ExtrArticleDetail?an=000122669"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALASTOMCAT9-2025-015 vom 2025-01-24",
        "url": "https://alas.aws.amazon.com/AL2/ALASTOMCAT9-2025-015.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:0394-1 vom 2025-02-10",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-February/020292.html"
      },
      {
        "category": "external",
        "summary": "Atlassian Security Bulletin",
        "url": "https://confluence.atlassian.com/security/security-bulletin-february-18-2025-1510670627.html"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7183584 vom 2025-02-18",
        "url": "https://www.ibm.com/support/pages/node/7183584"
      },
      {
        "category": "external",
        "summary": "ATOSS Security News vom 2025-02-21",
        "url": "https://www.atoss.ch/de-ch/sicherheit/security-news"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:1920 vom 2025-02-27",
        "url": "https://access.redhat.com/errata/RHSA-2025:1920"
      },
      {
        "category": "external",
        "summary": "Camunda Security Notice vom 2025-03-10",
        "url": "https://docs.camunda.org/security/notices/#notice-130"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2025-3645 vom 2025-04-08",
        "url": "https://linux.oracle.com/errata/ELSA-2025-3645.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:3609 vom 2025-04-07",
        "url": "https://access.redhat.com/errata/RHSA-2025:3609"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:3647 vom 2025-04-07",
        "url": "https://access.redhat.com/errata/RHSA-2025:3647"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:3646 vom 2025-04-07",
        "url": "https://access.redhat.com/errata/RHSA-2025:3646"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:3608 vom 2025-04-08",
        "url": "https://access.redhat.com/errata/RHSA-2025:3608"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:3645 vom 2025-04-07",
        "url": "https://access.redhat.com/errata/RHSA-2025:3645"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2025-3683 vom 2025-04-08",
        "url": "https://linux.oracle.com/errata/ELSA-2025-3683.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:3683 vom 2025-04-08",
        "url": "https://access.redhat.com/errata/RHSA-2025:3683"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS-2025-2829 vom 2025-04-16",
        "url": "https://alas.aws.amazon.com/AL2/ALAS-2025-2829.html"
      },
      {
        "category": "external",
        "summary": "PoC CVE-2024-50379 vom 2025-04-24",
        "url": "https://github.com/iSee857/CVE-2024-50379-PoC/blob/main/ApachTomcat_CVE-2024-50379_ConditionalCompetitionToRce.py"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:4521 vom 2025-05-08",
        "url": "https://access.redhat.com/errata/RHSA-2025:4521"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:4522 vom 2025-05-08",
        "url": "https://access.redhat.com/errata/RHSA-2025:4522"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:7497 vom 2025-05-13",
        "url": "https://access.redhat.com/errata/RHSA-2025:7497"
      },
      {
        "category": "external",
        "summary": "XEROX Security Advisory XRX25-012 vom 2025-06-02",
        "url": "https://security.business.xerox.com/wp-content/uploads/2025/06/Xerox-Security-Bulletin-XRX25-012-for-Xerox-FreeFlow-Print-Server-v9.pdf"
      }
    ],
    "source_lang": "en-US",
    "title": "Apache Tomcat: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-06-02T22:00:00.000+00:00",
      "generator": {
        "date": "2025-06-03T09:26:43.063+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.12"
        }
      },
      "id": "WID-SEC-W-2024-3722",
      "initial_release_date": "2024-12-17T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-12-17T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-12-18T23:00:00.000+00:00",
          "number": "2",
          "summary": "Anpassung CVSS Bewertung bei CVE-2024-50379 wg. Angriffskomplexit\u00e4t \"hoch\""
        },
        {
          "date": "2025-01-02T23:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von NetApp aufgenommen"
        },
        {
          "date": "2025-01-07T23:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-01-08T23:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von openSUSE aufgenommen"
        },
        {
          "date": "2025-01-09T23:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-01-12T23:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2025-01-16T23:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von Debian und Red Hat aufgenommen"
        },
        {
          "date": "2025-01-19T23:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2025-01-21T23:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-01-23T23:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von ExtremeNetworks aufgenommen"
        },
        {
          "date": "2025-01-26T23:00:00.000+00:00",
          "number": "12",
          "summary": "Neue Updates von Amazon aufgenommen"
        },
        {
          "date": "2025-02-09T23:00:00.000+00:00",
          "number": "13",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-02-18T23:00:00.000+00:00",
          "number": "14",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2025-02-23T23:00:00.000+00:00",
          "number": "15",
          "summary": "Neue Updates aufgenommen"
        },
        {
          "date": "2025-02-27T23:00:00.000+00:00",
          "number": "16",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-03-10T23:00:00.000+00:00",
          "number": "17",
          "summary": "Neue Updates aufgenommen"
        },
        {
          "date": "2025-04-07T22:00:00.000+00:00",
          "number": "18",
          "summary": "Neue Updates von Oracle Linux und Red Hat aufgenommen"
        },
        {
          "date": "2025-04-08T22:00:00.000+00:00",
          "number": "19",
          "summary": "Neue Updates von Oracle Linux und Red Hat aufgenommen"
        },
        {
          "date": "2025-04-16T22:00:00.000+00:00",
          "number": "20",
          "summary": "Neue Updates von Amazon aufgenommen"
        },
        {
          "date": "2025-04-24T22:00:00.000+00:00",
          "number": "21",
          "summary": "PoC f\u00fcr CVE-2024-50379 aufgenommen"
        },
        {
          "date": "2025-05-08T22:00:00.000+00:00",
          "number": "22",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-05-13T22:00:00.000+00:00",
          "number": "23",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-06-02T22:00:00.000+00:00",
          "number": "24",
          "summary": "Neue Updates von XEROX aufgenommen"
        }
      ],
      "status": "final",
      "version": "24"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "ATOSS Staff Efficiency Suite",
            "product": {
              "name": "ATOSS Staff Efficiency Suite",
              "product_id": "T041371",
              "product_identification_helper": {
                "cpe": "cpe:/a:atoss:staff_efficiency_suite:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "ATOSS"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Amazon Linux 2",
            "product": {
              "name": "Amazon Linux 2",
              "product_id": "398363",
              "product_identification_helper": {
                "cpe": "cpe:/o:amazon:linux_2:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Amazon"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c11.0.2",
                "product": {
                  "name": "Apache Tomcat \u003c11.0.2",
                  "product_id": "T039886"
                }
              },
              {
                "category": "product_version",
                "name": "11.0.2",
                "product": {
                  "name": "Apache Tomcat 11.0.2",
                  "product_id": "T039886-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:apache:tomcat:11.0.2"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.1.34",
                "product": {
                  "name": "Apache Tomcat \u003c10.1.34",
                  "product_id": "T039887"
                }
              },
              {
                "category": "product_version",
                "name": "10.1.34",
                "product": {
                  "name": "Apache Tomcat 10.1.34",
                  "product_id": "T039887-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:apache:tomcat:10.1.34"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c9.0.98",
                "product": {
                  "name": "Apache Tomcat \u003c9.0.98",
                  "product_id": "T039888"
                }
              },
              {
                "category": "product_version",
                "name": "9.0.98",
                "product": {
                  "name": "Apache Tomcat 9.0.98",
                  "product_id": "T039888-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:apache:tomcat:9.0.98"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Tomcat"
          }
        ],
        "category": "vendor",
        "name": "Apache"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "Data Center and Server \u003c9.2.1",
                "product": {
                  "name": "Atlassian Confluence Data Center and Server \u003c9.2.1",
                  "product_id": "T041273"
                }
              },
              {
                "category": "product_version",
                "name": "Data Center and Server 9.2.1",
                "product": {
                  "name": "Atlassian Confluence Data Center and Server 9.2.1",
                  "product_id": "T041273-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:atlassian:confluence:data_center_and_server__9.2.1"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Data Center and Server \u003c8.5.19",
                "product": {
                  "name": "Atlassian Confluence Data Center and Server \u003c8.5.19",
                  "product_id": "T041274"
                }
              },
              {
                "category": "product_version",
                "name": "Data Center and Server 8.5.19",
                "product": {
                  "name": "Atlassian Confluence Data Center and Server 8.5.19",
                  "product_id": "T041274-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:atlassian:confluence:data_center_and_server__8.5.19"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Confluence"
          }
        ],
        "category": "vendor",
        "name": "Atlassian"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "IBM Integration Bus",
            "product": {
              "name": "IBM Integration Bus",
              "product_id": "T039654",
              "product_identification_helper": {
                "cpe": "cpe:/a:ibm:integration_bus:for_zos"
              }
            }
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c7.5.0 UP11 IF01",
                "product": {
                  "name": "IBM QRadar SIEM \u003c7.5.0 UP11 IF01",
                  "product_id": "T041270"
                }
              },
              {
                "category": "product_version",
                "name": "7.5.0 UP11 IF01",
                "product": {
                  "name": "IBM QRadar SIEM 7.5.0 UP11 IF01",
                  "product_id": "T041270-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:qradar_siem:7.5.0_up11_if01"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "QRadar SIEM"
          }
        ],
        "category": "vendor",
        "name": "IBM"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "for Linux",
                "product": {
                  "name": "NetApp ActiveIQ Unified Manager for Linux",
                  "product_id": "T023548",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:netapp:active_iq_unified_manager:for_linux"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "for VMware vSphere",
                "product": {
                  "name": "NetApp ActiveIQ Unified Manager for VMware vSphere",
                  "product_id": "T025152",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:netapp:active_iq_unified_manager:for_vmware_vsphere"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "for Microsoft Windows",
                "product": {
                  "name": "NetApp ActiveIQ Unified Manager for Microsoft Windows",
                  "product_id": "T025631",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:netapp:active_iq_unified_manager:for_microsoft_windows"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "ActiveIQ Unified Manager"
          }
        ],
        "category": "vendor",
        "name": "NetApp"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c7.20.11",
                "product": {
                  "name": "Open Source Camunda \u003c7.20.11",
                  "product_id": "T041688"
                }
              },
              {
                "category": "product_version",
                "name": "7.20.11",
                "product": {
                  "name": "Open Source Camunda 7.20.11",
                  "product_id": "T041688-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:camunda:camunda:7.20.11"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c7.21.8",
                "product": {
                  "name": "Open Source Camunda \u003c7.21.8",
                  "product_id": "T041689"
                }
              },
              {
                "category": "product_version",
                "name": "7.21.8",
                "product": {
                  "name": "Open Source Camunda 7.21.8",
                  "product_id": "T041689-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:camunda:camunda:7.21.8"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c7.22.3",
                "product": {
                  "name": "Open Source Camunda \u003c7.22.3",
                  "product_id": "T041690"
                }
              },
              {
                "category": "product_version",
                "name": "7.22.3",
                "product": {
                  "name": "Open Source Camunda 7.22.3",
                  "product_id": "T041690-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:camunda:camunda:7.22.3"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c7.23.0-alpha4",
                "product": {
                  "name": "Open Source Camunda \u003c7.23.0-alpha4",
                  "product_id": "T041691"
                }
              },
              {
                "category": "product_version",
                "name": "7.23.0-alpha4",
                "product": {
                  "name": "Open Source Camunda 7.23.0-alpha4",
                  "product_id": "T041691-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:camunda:camunda:7.23.0-alpha4"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Camunda"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "ExtremeAnalytics SE \u003c24.10.13",
                "product": {
                  "name": "Open Source GStreamer ExtremeAnalytics SE \u003c24.10.13",
                  "product_id": "T040603"
                }
              },
              {
                "category": "product_version",
                "name": "ExtremeAnalytics SE 24.10.13",
                "product": {
                  "name": "Open Source GStreamer ExtremeAnalytics SE 24.10.13",
                  "product_id": "T040603-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:open_source:gstreamer:extremeanalytics_se__24.10.13"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "ExtremeControl SE \u003c24.10.13",
                "product": {
                  "name": "Open Source GStreamer ExtremeControl SE \u003c24.10.13",
                  "product_id": "T040604"
                }
              },
              {
                "category": "product_version",
                "name": "ExtremeControl SE 24.10.13",
                "product": {
                  "name": "Open Source GStreamer ExtremeControl SE 24.10.13",
                  "product_id": "T040604-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:open_source:gstreamer:extremecontrol_se__24.10.13"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "GStreamer"
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c5.8.4",
                "product": {
                  "name": "Red Hat JBoss Web Server \u003c5.8.4",
                  "product_id": "T043515"
                }
              },
              {
                "category": "product_version",
                "name": "5.8.4",
                "product": {
                  "name": "Red Hat JBoss Web Server 5.8.4",
                  "product_id": "T043515-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:5.8.4"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "JBoss Web Server"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE openSUSE",
                "product": {
                  "name": "SUSE openSUSE",
                  "product_id": "T027843",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:opensuse:-"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE openSUSE",
                "product": {
                  "name": "SUSE openSUSE",
                  "product_id": "T040043",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:opensuse:-"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "openSUSE"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "9",
                "product": {
                  "name": "Xerox FreeFlow Print Server 9",
                  "product_id": "T002977",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:xerox:freeflow_print_server:9"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "FreeFlow Print Server"
          }
        ],
        "category": "vendor",
        "name": "Xerox"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-50379",
      "product_status": {
        "known_affected": [
          "T025152",
          "67646",
          "T040604",
          "T040603",
          "T002977",
          "T004914",
          "T039654",
          "T025631",
          "T041689",
          "398363",
          "T041688",
          "T039887",
          "T039886",
          "T039888",
          "T023548",
          "T040043",
          "T041274",
          "T041273",
          "T041691",
          "T041371",
          "T041690",
          "2951",
          "T002207",
          "T041270",
          "T043515",
          "T027843"
        ]
      },
      "release_date": "2024-12-17T23:00:00.000+00:00",
      "title": "CVE-2024-50379"
    },
    {
      "cve": "CVE-2024-54677",
      "product_status": {
        "known_affected": [
          "T025152",
          "67646",
          "T040604",
          "T040603",
          "T002977",
          "T004914",
          "T039654",
          "T025631",
          "T041689",
          "398363",
          "T041688",
          "T039887",
          "T039886",
          "T039888",
          "T023548",
          "T040043",
          "T041274",
          "T041273",
          "T041691",
          "T041371",
          "T041690",
          "2951",
          "T002207",
          "T041270",
          "T043515",
          "T027843"
        ]
      },
      "release_date": "2024-12-17T23:00:00.000+00:00",
      "title": "CVE-2024-54677"
    }
  ]
}

