Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for archive/zip by Go standard library

    CVE-2025-61728 (GCVE-0-2025-61728)

    Vulnerability from nvd – Published: 2026-01-28 19:30 – Updated: 2026-01-29 18:30
    VLAI
    Title
    Excessive CPU consumption when building archive index in archive/zip
    Summary
    archive/zip uses a super-linear file name indexing algorithm that is invoked the first time a file in an archive is opened. This can lead to a denial of service when consuming a maliciously constructed ZIP archive.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-407 - Inefficient Algorithmic Complexity
    Assigner
    Go
    Impacted products
    Vendor Product Version
    Go standard library archive/zip Affected: 0 , < 1.24.12 (semver)
    Affected: 1.25.0 , < 1.25.6 (semver)
    Create a notification for this product.
    Credits
    Jakub Ciolek
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2026-01-28T20:08:22.055Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/01/15/4"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 6.5,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-61728",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-29T18:29:58.068724Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-29T18:30:24.487Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "archive/zip",
              "product": "archive/zip",
              "programRoutines": [
                {
                  "name": "Reader.initFileList"
                },
                {
                  "name": "Reader.Open"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.24.12",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.25.6",
                  "status": "affected",
                  "version": "1.25.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Jakub Ciolek"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "archive/zip uses a super-linear file name indexing algorithm that is invoked the first time a file in an archive is opened. This can lead to a denial of service when consuming a maliciously constructed ZIP archive."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-407: Inefficient Algorithmic Complexity",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-28T19:30:31.354Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/cl/736713"
            },
            {
              "url": "https://go.dev/issue/77102"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2026-4342"
            }
          ],
          "title": "Excessive CPU consumption when building archive index in archive/zip"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2025-61728",
        "datePublished": "2026-01-28T19:30:31.354Z",
        "dateReserved": "2025-09-30T15:05:03.605Z",
        "dateUpdated": "2026-01-29T18:30:24.487Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-24789 (GCVE-0-2024-24789)

    Vulnerability from nvd – Published: 2024-06-05 15:13 – Updated: 2025-02-13 17:40
    VLAI
    Title
    Mishandling of corrupt central directory record in archive/zip
    Summary
    The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file. The archive/zip package now rejects files containing these errors.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-390 - Detection of Error Condition Without Action
    Assigner
    Go
    Impacted products
    Vendor Product Version
    Go standard library archive/zip Affected: 0 , < 1.21.11 (semver)
    Affected: 1.22.0-0 , < 1.22.4 (semver)
    Create a notification for this product.
    golang go Affected: 0 , < 1.21.11 (semver)
    Affected: 1.22.0 , < 1.22.4 (semver)
        cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Yufan You (@ouuan)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "go",
                "vendor": "golang",
                "versions": [
                  {
                    "lessThan": "1.21.11",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  },
                  {
                    "lessThan": "1.22.4",
                    "status": "affected",
                    "version": "1.22.0",
                    "versionType": "semver"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "LOW",
                  "baseScore": 5.3,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-24789",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-06-06T15:26:12.977985Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-13T16:20:49.160Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-01-31T15:02:43.918Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/cl/585397"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/issue/66869"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://pkg.go.dev/vuln/GO-2024-2888"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2024/06/04/1"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/"
              },
              {
                "url": "https://security.netapp.com/advisory/ntap-20250131-0008/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "archive/zip",
              "product": "archive/zip",
              "programRoutines": [
                {
                  "name": "findSignatureInBlock"
                },
                {
                  "name": "NewReader"
                },
                {
                  "name": "OpenReader"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.21.11",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.22.4",
                  "status": "affected",
                  "version": "1.22.0-0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Yufan You (@ouuan)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The archive/zip package\u0027s handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file. The archive/zip package now rejects files containing these errors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-390: Detection of Error Condition Without Action",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-06-19T03:05:53.965Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/cl/585397"
            },
            {
              "url": "https://go.dev/issue/66869"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2024-2888"
            },
            {
              "url": "http://www.openwall.com/lists/oss-security/2024/06/04/1"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/"
            }
          ],
          "title": "Mishandling of corrupt central directory record in archive/zip"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2024-24789",
        "datePublished": "2024-06-05T15:13:51.938Z",
        "dateReserved": "2024-01-30T16:05:14.758Z",
        "dateUpdated": "2025-02-13T17:40:27.816Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-61728 (GCVE-0-2025-61728)

    Vulnerability from cvelistv5 – Published: 2026-01-28 19:30 – Updated: 2026-01-29 18:30
    VLAI
    Title
    Excessive CPU consumption when building archive index in archive/zip
    Summary
    archive/zip uses a super-linear file name indexing algorithm that is invoked the first time a file in an archive is opened. This can lead to a denial of service when consuming a maliciously constructed ZIP archive.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-407 - Inefficient Algorithmic Complexity
    Assigner
    Go
    Impacted products
    Vendor Product Version
    Go standard library archive/zip Affected: 0 , < 1.24.12 (semver)
    Affected: 1.25.0 , < 1.25.6 (semver)
    Create a notification for this product.
    Credits
    Jakub Ciolek
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2026-01-28T20:08:22.055Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/01/15/4"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 6.5,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-61728",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-29T18:29:58.068724Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-29T18:30:24.487Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "archive/zip",
              "product": "archive/zip",
              "programRoutines": [
                {
                  "name": "Reader.initFileList"
                },
                {
                  "name": "Reader.Open"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.24.12",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.25.6",
                  "status": "affected",
                  "version": "1.25.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Jakub Ciolek"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "archive/zip uses a super-linear file name indexing algorithm that is invoked the first time a file in an archive is opened. This can lead to a denial of service when consuming a maliciously constructed ZIP archive."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-407: Inefficient Algorithmic Complexity",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-28T19:30:31.354Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/cl/736713"
            },
            {
              "url": "https://go.dev/issue/77102"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2026-4342"
            }
          ],
          "title": "Excessive CPU consumption when building archive index in archive/zip"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2025-61728",
        "datePublished": "2026-01-28T19:30:31.354Z",
        "dateReserved": "2025-09-30T15:05:03.605Z",
        "dateUpdated": "2026-01-29T18:30:24.487Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-24789 (GCVE-0-2024-24789)

    Vulnerability from cvelistv5 – Published: 2024-06-05 15:13 – Updated: 2025-02-13 17:40
    VLAI
    Title
    Mishandling of corrupt central directory record in archive/zip
    Summary
    The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file. The archive/zip package now rejects files containing these errors.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-390 - Detection of Error Condition Without Action
    Assigner
    Go
    Impacted products
    Vendor Product Version
    Go standard library archive/zip Affected: 0 , < 1.21.11 (semver)
    Affected: 1.22.0-0 , < 1.22.4 (semver)
    Create a notification for this product.
    golang go Affected: 0 , < 1.21.11 (semver)
    Affected: 1.22.0 , < 1.22.4 (semver)
        cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Yufan You (@ouuan)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "go",
                "vendor": "golang",
                "versions": [
                  {
                    "lessThan": "1.21.11",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  },
                  {
                    "lessThan": "1.22.4",
                    "status": "affected",
                    "version": "1.22.0",
                    "versionType": "semver"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "LOW",
                  "baseScore": 5.3,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-24789",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-06-06T15:26:12.977985Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-13T16:20:49.160Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-01-31T15:02:43.918Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/cl/585397"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/issue/66869"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://pkg.go.dev/vuln/GO-2024-2888"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2024/06/04/1"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/"
              },
              {
                "url": "https://security.netapp.com/advisory/ntap-20250131-0008/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "archive/zip",
              "product": "archive/zip",
              "programRoutines": [
                {
                  "name": "findSignatureInBlock"
                },
                {
                  "name": "NewReader"
                },
                {
                  "name": "OpenReader"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.21.11",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.22.4",
                  "status": "affected",
                  "version": "1.22.0-0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Yufan You (@ouuan)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The archive/zip package\u0027s handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file. The archive/zip package now rejects files containing these errors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-390: Detection of Error Condition Without Action",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-06-19T03:05:53.965Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/cl/585397"
            },
            {
              "url": "https://go.dev/issue/66869"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2024-2888"
            },
            {
              "url": "http://www.openwall.com/lists/oss-security/2024/06/04/1"
            },
            {
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/"
            }
          ],
          "title": "Mishandling of corrupt central directory record in archive/zip"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2024-24789",
        "datePublished": "2024-06-05T15:13:51.938Z",
        "dateReserved": "2024-01-30T16:05:14.758Z",
        "dateUpdated": "2025-02-13T17:40:27.816Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }