Vulnerability-Lookup

CVE-2021-23337 (GCVE-0-2021-23337)

Vulnerability from cvelistv5 – Published: 2021-02-15 12:15 – Updated: 2024-09-16 19:15

Title

Command Injection

Summary

Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.

Severity

7.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C

CWE

Command Injection

Assigner

snyk

References

13 references

URL	Tags
https://snyk.io/vuln/SNYK-JS-LODASH-1040724	x_refsource_MISC
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074928	x_refsource_MISC
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074929	x_refsource_MISC
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074930	x_refsource_MISC
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGIT…	x_refsource_MISC
https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074932	x_refsource_MISC
https://github.com/lodash/lodash/blob/ddfd9b11a01…	x_refsource_MISC
https://www.oracle.com//security-alerts/cpujul2021.html	x_refsource_MISC
https://security.netapp.com/advisory/ntap-2021031…	x_refsource_CONFIRM
https://www.oracle.com/security-alerts/cpuoct2021.html	x_refsource_MISC
https://www.oracle.com/security-alerts/cpujan2022.html	x_refsource_MISC
https://www.oracle.com/security-alerts/cpujul2022.html	x_refsource_MISC
https://cert-portal.siemens.com/productcert/pdf/s…	x_refsource_CONFIRM

Impacted products

1 product

Vendor	Product	Version
n/a	Lodash	Affected: prior to 4.17.21

Date Public

2021-02-15 00:00

Credits

Marc Hassan

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T19:05:55.700Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://snyk.io/vuln/SNYK-JS-LODASH-1040724"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074928"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074929"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074930"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074931"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074932"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js%23L14851"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20210312-0006/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Lodash",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "prior to 4.17.21"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Marc Hassan"
        }
      ],
      "datePublic": "2021-02-15T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitCodeMaturity": "PROOF_OF_CONCEPT",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "remediationLevel": "UNAVAILABLE",
            "reportConfidence": "CONFIRMED",
            "scope": "UNCHANGED",
            "temporalScore": 6.8,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Command Injection",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-09-13T11:06:34.000Z",
        "orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
        "shortName": "snyk"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://snyk.io/vuln/SNYK-JS-LODASH-1040724"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074928"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074929"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074930"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074931"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074932"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js%23L14851"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20210312-0006/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf"
        }
      ],
      "title": "Command Injection",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "report@snyk.io",
          "DATE_PUBLIC": "2021-02-15T12:13:18.729628Z",
          "ID": "CVE-2021-23337",
          "STATE": "PUBLIC",
          "TITLE": "Command Injection"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Lodash",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "prior to 4.17.21"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Marc Hassan"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Command Injection"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://snyk.io/vuln/SNYK-JS-LODASH-1040724",
              "refsource": "MISC",
              "url": "https://snyk.io/vuln/SNYK-JS-LODASH-1040724"
            },
            {
              "name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074928",
              "refsource": "MISC",
              "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074928"
            },
            {
              "name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074929",
              "refsource": "MISC",
              "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074929"
            },
            {
              "name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074930",
              "refsource": "MISC",
              "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074930"
            },
            {
              "name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074931",
              "refsource": "MISC",
              "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074931"
            },
            {
              "name": "https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074932",
              "refsource": "MISC",
              "url": "https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074932"
            },
            {
              "name": "https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js%23L14851",
              "refsource": "MISC",
              "url": "https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js%23L14851"
            },
            {
              "name": "https://www.oracle.com//security-alerts/cpujul2021.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20210312-0006/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20210312-0006/"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpuoct2021.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpujan2022.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpujul2022.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
    "assignerShortName": "snyk",
    "cveId": "CVE-2021-23337",
    "datePublished": "2021-02-15T12:15:14.715Z",
    "dateReserved": "2021-01-08T00:00:00.000Z",
    "dateUpdated": "2024-09-16T19:15:17.074Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2021-23337",
      "date": "2026-06-02",
      "epss": "0.04314",
      "percentile": "0.89076"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-23337\",\"sourceIdentifier\":\"report@snyk.io\",\"published\":\"2021-02-15T13:15:12.560\",\"lastModified\":\"2024-11-21T05:51:31.643\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.\"},{\"lang\":\"es\",\"value\":\"Las versiones de Lodash anteriores a la 4.17.21 son vulnerables a la inyecci\u00f3n de comandos a trav\u00e9s de la funci\u00f3n de plantilla\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"report@snyk.io\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.2,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.2,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:P/I:P/A:P\",\"baseScore\":6.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-94\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:lodash:lodash:*:*:*:*:*:node.js:*:*\",\"versionEndExcluding\":\"4.17.21\",\"matchCriteriaId\":\"D51E96E4-8E0F-4B1D-ACAD-DB726036467F\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0CF9A061-2421-426D-9854-0A4E55B2961D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F95EDC3D-54BB-48F9-82F2-7CCF335FCA78\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B72B735F-4E52-484A-9C2C-23E6E2070385\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_credit_facilities_process_management:14.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B36A1D4-F391-4EE3-9A65-0A10568795BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_credit_facilities_process_management:14.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55116032-AAD1-4FEA-9DA8-2C4CBD3D3F61\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_credit_facilities_process_management:14.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0275F820-40BE-47B8-B167-815A55DF578E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_extensibility_workbench:14.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C8E145E-1DF0-4B18-B625-F04DF71F6ACF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_extensibility_workbench:14.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EABAFD73-150F-4DFE-B721-29EB4475D979\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_extensibility_workbench:14.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A45D47B-3401-49CF-92EE-79D007D802A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_supply_chain_finance:14.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A8420D4-AAF1-44AA-BF28-48EE3ED310B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_supply_chain_finance:14.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2FB80AC5-35F2-4703-AD93-416B46972EEB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_supply_chain_finance:14.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19DAAEFF-AB4A-4D0D-8C86-D2F2811B53B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_trade_finance_process_management:14.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E14324D-B9EE-4C06-ACC7-255189ED6300\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_trade_finance_process_management:14.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CBEBB60F-6EAB-4AE5-B777-5044C657FBA8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_trade_finance_process_management:14.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B185C1EA-71E6-4972-8637-08A33CC00841\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:1.9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"868E7C46-7E45-4CFA-8A25-7CBFED912096\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC7DB86F-3FAA-43C1-9C44-7CC5FB34419E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_design_studio:7.4.2.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"040DA31B-2A0C-46F6-8EDF-9B88F9FB0F48\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_services_gatekeeper:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"062E4E7C-55BB-46F3-8B61-5A663B565891\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_session_border_controller:8.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C416FD3-2E2F-4BBC-BD5F-F896825883F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_session_border_controller:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D886339E-EDB2-4879-BD54-1800E4CA9CAE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:enterprise_communications_broker:3.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"348EEE70-E114-4720-AAAF-E77DE5C9A2D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:enterprise_communications_broker:3.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3DCDD73B-57B1-4580-B922-5662E3AC13B6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55F091C7-0869-4FD6-AC73-DA697D990304\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D134C60-F9E2-46C2-8466-DB90AD98439E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:health_sciences_data_management_workbench:2.5.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6C9A32B-B776-4704-818D-977B4B20D677\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:health_sciences_data_management_workbench:3.0.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6989178B-A3D5-4441-A56C-6C639D4759DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"9.2.6.1\",\"matchCriteriaId\":\"D1298AA2-0103-4457-B260-F976B78468E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9DB4A14-2EF5-4B54-95D2-75E6CF9AA0A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C8AF00C6-B97F-414D-A8DF-057E6BFD8597\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.12.0\",\"versionEndIncluding\":\"17.12.11\",\"matchCriteriaId\":\"8B1C88FD-C2EC-4C96-AC7E-6F95C8763B48\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"18.8.0\",\"versionEndIncluding\":\"18.8.12\",\"matchCriteriaId\":\"301E7158-9090-467C-B3B4-30A8DB3B395D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"19.12.0\",\"versionEndIncluding\":\"19.12.11\",\"matchCriteriaId\":\"BBEFACB1-C8EA-492B-8F85-A564DB363C83\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"20.12.0\",\"versionEndIncluding\":\"20.12.7\",\"matchCriteriaId\":\"E6B70E72-B9FC-4E49-8EDD-29C7E14F5792\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.7\",\"versionEndIncluding\":\"17.12\",\"matchCriteriaId\":\"08FA59A8-6A62-4B33-8952-D6E658F8DAC9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"202AD518-2E9B-4062-B063-9858AE1F9CE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10864586-270E-4ACF-BDCC-ECFCD299305F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"38340E3C-C452-4370-86D4-355B6B4E0A06\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:19.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EFAEA84-E376-40A2-8C9F-3E0676FEC527\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:*\",\"matchCriteriaId\":\"F3E0B672-3E06-4422-B2A4-0BD073AEC2A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*\",\"matchCriteriaId\":\"3A756737-1CC4-42C2-A4DF-E1C893B4E2D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"B55E8D50-99B4-47EC-86F9-699B67D473CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:cloud_manager:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"197D0D80-6702-4B61-B681-AFDBA7D69067\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:system_manager:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0968FEE3-7685-4747-AEC0-DB6E0F35E256\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0\",\"matchCriteriaId\":\"C89891C1-DFD7-4E1F-80A9-7485D86A15B5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"4664B195-AF14-4834-82B3-0B2C98020EB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"75BC588E-CDF0-404E-AD61-02093A1DF343\"}]}]}],\"references\":[{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf\",\"source\":\"report@snyk.io\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js%23L14851\",\"source\":\"report@snyk.io\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20210312-0006/\",\"source\":\"report@snyk.io\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074932\",\"source\":\"report@snyk.io\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074930\",\"source\":\"report@snyk.io\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074928\",\"source\":\"report@snyk.io\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074931\",\"source\":\"report@snyk.io\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074929\",\"source\":\"report@snyk.io\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://snyk.io/vuln/SNYK-JS-LODASH-1040724\",\"source\":\"report@snyk.io\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com//security-alerts/cpujul2021.html\",\"source\":\"report@snyk.io\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2022.html\",\"source\":\"report@snyk.io\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2022.html\",\"source\":\"report@snyk.io\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2021.html\",\"source\":\"report@snyk.io\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js%23L14851\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20210312-0006/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074932\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074930\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074928\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074931\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074929\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://snyk.io/vuln/SNYK-JS-LODASH-1040724\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com//security-alerts/cpujul2021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]}]}}"
  }
}

CERTFR-2024-AVI-1051

Vulnerability from certfr_avis - Published: 2024-12-06 - Updated: 2024-12-06

De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
IBM	VIOS	VIOS version 3.1 sans le correctif invscout_fix7.tar
IBM	AIX	AIX version 7.3 sans le correctif invscout_fix7.tar
IBM	Cognos Controller	Cognos Controller versions 11.0.x antérieures à 11.0.1 FP3
IBM	AIX	AIX version 7.2 sans le correctif invscout_fix7.tar
IBM	Sterling Partner Engagement Manager Essentials Edition	Sterling Partner Engagement Manager Essentials Edition versions 6.2.x antérieures à 6.2.2.2
IBM	QRadar Use Case Manager App	QRadar Use Case Manager App versions antérieures à 4.0.0
IBM	Sterling Partner Engagement Manager Essentials Edition	Sterling Partner Engagement Manager Essentials Edition versions 6.1.x antérieures à 6.1.2.10
IBM	Sterling Partner Engagement Manager Standard Edition	Sterling Partner Engagement Manager Standard Edition versions 6.1.x antérieures à 6.1.2.10
IBM	VIOS	VIOS version 4.1 sans le correctif invscout_fix7.tar
IBM	Sterling Partner Engagement Manager Standard Edition	Sterling Partner Engagement Manager Standard Edition versions 6.2.x antérieures à 6.2.3.2

References

Title

Publication Time

Tags

Bulletin de sécurité IBM 7178033	2024-12-05	vendor-advisory
Bulletin de sécurité IBM 7178054	2024-12-06	vendor-advisory
Bulletin de sécurité IBM 7177220	2024-12-02	vendor-advisory
Bulletin de sécurité IBM 7177981	2024-12-05	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "VIOS version 3.1 sans le correctif invscout_fix7.tar",
      "product": {
        "name": "VIOS",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "AIX version 7.3 sans le correctif invscout_fix7.tar",
      "product": {
        "name": "AIX",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Cognos Controller versions 11.0.x ant\u00e9rieures \u00e0 11.0.1 FP3",
      "product": {
        "name": "Cognos Controller",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "AIX version 7.2 sans le correctif invscout_fix7.tar",
      "product": {
        "name": "AIX",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Sterling Partner Engagement Manager Essentials Edition versions 6.2.x ant\u00e9rieures \u00e0 6.2.2.2",
      "product": {
        "name": "Sterling Partner Engagement Manager Essentials Edition",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "QRadar Use Case Manager App versions ant\u00e9rieures \u00e0 4.0.0",
      "product": {
        "name": "QRadar Use Case Manager App",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Sterling Partner Engagement Manager Essentials Edition versions 6.1.x ant\u00e9rieures \u00e0 6.1.2.10",
      "product": {
        "name": "Sterling Partner Engagement Manager Essentials Edition",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Sterling Partner Engagement Manager Standard Edition versions 6.1.x ant\u00e9rieures \u00e0 6.1.2.10",
      "product": {
        "name": "Sterling Partner Engagement Manager Standard Edition",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "VIOS version 4.1 sans le correctif invscout_fix7.tar",
      "product": {
        "name": "VIOS",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Sterling Partner Engagement Manager Standard Edition versions 6.2.x ant\u00e9rieures \u00e0 6.2.3.2",
      "product": {
        "name": "Sterling Partner Engagement Manager Standard Edition",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2024-20919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20919"
    },
    {
      "name": "CVE-2023-7104",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-7104"
    },
    {
      "name": "CVE-2023-21938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
    },
    {
      "name": "CVE-2023-21843",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21843"
    },
    {
      "name": "CVE-2024-47115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47115"
    },
    {
      "name": "CVE-2021-29425",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-29425"
    },
    {
      "name": "CVE-2022-32213",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32213"
    },
    {
      "name": "CVE-2021-22959",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22959"
    },
    {
      "name": "CVE-2023-38264",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38264"
    },
    {
      "name": "CVE-2024-25020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25020"
    },
    {
      "name": "CVE-2024-28849",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-28849"
    },
    {
      "name": "CVE-2022-35256",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-35256"
    },
    {
      "name": "CVE-2023-21954",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21954"
    },
    {
      "name": "CVE-2023-21939",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
    },
    {
      "name": "CVE-2024-20926",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20926"
    },
    {
      "name": "CVE-2024-22353",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-22353"
    },
    {
      "name": "CVE-2024-41777",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41777"
    },
    {
      "name": "CVE-2024-21890",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21890"
    },
    {
      "name": "CVE-2024-21896",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21896"
    },
    {
      "name": "CVE-2024-43799",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43799"
    },
    {
      "name": "CVE-2021-36690",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-36690"
    },
    {
      "name": "CVE-2023-21830",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21830"
    },
    {
      "name": "CVE-2021-22940",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22940"
    },
    {
      "name": "CVE-2023-23936",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23936"
    },
    {
      "name": "CVE-2023-50312",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-50312"
    },
    {
      "name": "CVE-2021-22930",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22930"
    },
    {
      "name": "CVE-2024-25035",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25035"
    },
    {
      "name": "CVE-2024-20921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
    },
    {
      "name": "CVE-2023-38737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38737"
    },
    {
      "name": "CVE-2023-24807",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24807"
    },
    {
      "name": "CVE-2023-44487",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
    },
    {
      "name": "CVE-2024-29857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
    },
    {
      "name": "CVE-2021-22918",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22918"
    },
    {
      "name": "CVE-2023-22081",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
    },
    {
      "name": "CVE-2024-45590",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45590"
    },
    {
      "name": "CVE-2021-23337",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-23337"
    },
    {
      "name": "CVE-2024-25026",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25026"
    },
    {
      "name": "CVE-2021-22939",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22939"
    },
    {
      "name": "CVE-2021-44532",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44532"
    },
    {
      "name": "CVE-2024-26308",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26308"
    },
    {
      "name": "CVE-2022-0155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0155"
    },
    {
      "name": "CVE-2021-22960",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22960"
    },
    {
      "name": "CVE-2024-41776",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41776"
    },
    {
      "name": "CVE-2024-30172",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-30172"
    },
    {
      "name": "CVE-2024-25019",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25019"
    },
    {
      "name": "CVE-2022-32222",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32222"
    },
    {
      "name": "CVE-2023-22067",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
    },
    {
      "name": "CVE-2022-32212",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32212"
    },
    {
      "name": "CVE-2023-23920",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23920"
    },
    {
      "name": "CVE-2024-21634",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21634"
    },
    {
      "name": "CVE-2023-23918",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23918"
    },
    {
      "name": "CVE-2024-21011",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21011"
    },
    {
      "name": "CVE-2024-22329",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-22329"
    },
    {
      "name": "CVE-2021-22921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22921"
    },
    {
      "name": "CVE-2022-0536",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0536"
    },
    {
      "name": "CVE-2024-25710",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25710"
    },
    {
      "name": "CVE-2021-29892",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-29892"
    },
    {
      "name": "CVE-2024-45676",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45676"
    },
    {
      "name": "CVE-2023-49735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-49735"
    },
    {
      "name": "CVE-2024-40691",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40691"
    },
    {
      "name": "CVE-2024-21094",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21094"
    },
    {
      "name": "CVE-2023-51775",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-51775"
    },
    {
      "name": "CVE-2023-21937",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
    },
    {
      "name": "CVE-2024-27268",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27268"
    },
    {
      "name": "CVE-2022-32215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32215"
    },
    {
      "name": "CVE-2023-33850",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-33850"
    },
    {
      "name": "CVE-2023-2597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2597"
    },
    {
      "name": "CVE-2023-22045",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22045"
    },
    {
      "name": "CVE-2024-41775",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41775"
    },
    {
      "name": "CVE-2023-22049",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22049"
    },
    {
      "name": "CVE-2023-23919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23919"
    },
    {
      "name": "CVE-2020-28500",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-28500"
    },
    {
      "name": "CVE-2021-22931",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22931"
    },
    {
      "name": "CVE-2023-44483",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44483"
    },
    {
      "name": "CVE-2021-44533",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44533"
    },
    {
      "name": "CVE-2023-5676",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5676"
    },
    {
      "name": "CVE-2022-35737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-35737"
    },
    {
      "name": "CVE-2024-28863",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-28863"
    },
    {
      "name": "CVE-2020-8203",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8203"
    },
    {
      "name": "CVE-2022-25857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
    },
    {
      "name": "CVE-2024-27270",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27270"
    },
    {
      "name": "CVE-2024-21891",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21891"
    },
    {
      "name": "CVE-2023-21968",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
    },
    {
      "name": "CVE-2022-32214",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32214"
    },
    {
      "name": "CVE-2024-39338",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39338"
    },
    {
      "name": "CVE-2024-30171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
    },
    {
      "name": "CVE-2022-21824",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21824"
    },
    {
      "name": "CVE-2023-21930",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
    },
    {
      "name": "CVE-2024-22017",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-22017"
    },
    {
      "name": "CVE-2023-24998",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24998"
    },
    {
      "name": "CVE-2024-20918",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
    },
    {
      "name": "CVE-2022-35255",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-35255"
    },
    {
      "name": "CVE-2024-25036",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25036"
    },
    {
      "name": "CVE-2024-21085",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21085"
    },
    {
      "name": "CVE-2021-44531",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44531"
    },
    {
      "name": "CVE-2024-20945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
    },
    {
      "name": "CVE-2023-39332",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39332"
    },
    {
      "name": "CVE-2024-22354",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-22354"
    },
    {
      "name": "CVE-2023-21967",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
    },
    {
      "name": "CVE-2022-32223",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32223"
    },
    {
      "name": "CVE-2023-26159",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-26159"
    },
    {
      "name": "CVE-2024-20952",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
    }
  ],
  "initial_release_date": "2024-12-06T00:00:00",
  "last_revision_date": "2024-12-06T00:00:00",
  "links": [],
  "reference": "CERTFR-2024-AVI-1051",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-12-06T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    },
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
  "vendor_advisories": [
    {
      "published_at": "2024-12-05",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7178033",
      "url": "https://www.ibm.com/support/pages/node/7178033"
    },
    {
      "published_at": "2024-12-06",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7178054",
      "url": "https://www.ibm.com/support/pages/node/7178054"
    },
    {
      "published_at": "2024-12-02",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7177220",
      "url": "https://www.ibm.com/support/pages/node/7177220"
    },
    {
      "published_at": "2024-12-05",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7177981",
      "url": "https://www.ibm.com/support/pages/node/7177981"
    }
  ]
}

CERTFR-2025-AVI-0279

Vulnerability from certfr_avis - Published: 2025-04-04 - Updated: 2025-04-04

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
IBM	Db2	Db2 versions antérieures à 5.1.2 pour Cloud Pak for Data
IBM	WebSphere	WebSphere Application Server Liberty sans le correctif APAR PH65394
IBM	Db2 Warehouse	Db2 Warehouse versions antérieures à 5.1.2 pour Cloud Pak for Data
IBM	WebSphere	WebSphere Hybrid Edition sans le dernier correctif de sécurité
IBM	QRadar Analyst Workflow	QRadar Analyst Workflow versions antérieures à 3.0.0

References

Title

Publication Time

Tags

Bulletin de sécurité IBM 7230024	2025-04-03	vendor-advisory
Bulletin de sécurité IBM 7229770	2025-04-01	vendor-advisory
Bulletin de sécurité IBM 7229443	2025-03-28	vendor-advisory
Bulletin de sécurité IBM 7229768	2025-04-01	vendor-advisory
Bulletin de sécurité IBM 7229772	2025-04-01	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Db2 versions ant\u00e9rieures \u00e0 5.1.2 pour Cloud Pak for Data",
      "product": {
        "name": "Db2",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "WebSphere Application Server Liberty sans le correctif APAR PH65394",
      "product": {
        "name": "WebSphere",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Db2 Warehouse versions ant\u00e9rieures \u00e0 5.1.2 pour Cloud Pak for Data",
      "product": {
        "name": "Db2 Warehouse",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "WebSphere Hybrid Edition sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "WebSphere",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "QRadar Analyst Workflow versions ant\u00e9rieures \u00e0 3.0.0",
      "product": {
        "name": "QRadar Analyst Workflow",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2021-44906",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44906"
    },
    {
      "name": "CVE-2023-45857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45857"
    },
    {
      "name": "CVE-2023-45142",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45142"
    },
    {
      "name": "CVE-2022-48890",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48890"
    },
    {
      "name": "CVE-2024-35176",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35176"
    },
    {
      "name": "CVE-2024-37071",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-37071"
    },
    {
      "name": "CVE-2025-25285",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-25285"
    },
    {
      "name": "CVE-2024-6232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6232"
    },
    {
      "name": "CVE-2024-34997",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-34997"
    },
    {
      "name": "CVE-2024-51479",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-51479"
    },
    {
      "name": "CVE-2024-43398",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43398"
    },
    {
      "name": "CVE-2024-35946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35946"
    },
    {
      "name": "CVE-2023-44487",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
    },
    {
      "name": "CVE-2024-41761",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41761"
    },
    {
      "name": "CVE-2022-29153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29153"
    },
    {
      "name": "CVE-2023-52605",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52605"
    },
    {
      "name": "CVE-2021-23337",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-23337"
    },
    {
      "name": "CVE-2018-6341",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-6341"
    },
    {
      "name": "CVE-2023-52455",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52455"
    },
    {
      "name": "CVE-2024-45338",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45338"
    },
    {
      "name": "CVE-2025-27152",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-27152"
    },
    {
      "name": "CVE-2024-26740",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26740"
    },
    {
      "name": "CVE-2024-47764",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47764"
    },
    {
      "name": "CVE-2025-25288",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-25288"
    },
    {
      "name": "CVE-2024-35790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35790"
    },
    {
      "name": "CVE-2022-48921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48921"
    },
    {
      "name": "CVE-2024-45296",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45296"
    },
    {
      "name": "CVE-2025-25290",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-25290"
    },
    {
      "name": "CVE-2024-45337",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
    },
    {
      "name": "CVE-2024-39908",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39908"
    },
    {
      "name": "CVE-2021-47495",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47495"
    },
    {
      "name": "CVE-2024-41946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41946"
    },
    {
      "name": "CVE-2023-52832",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52832"
    },
    {
      "name": "CVE-2024-41110",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41110"
    },
    {
      "name": "CVE-2024-27281",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27281"
    },
    {
      "name": "CVE-2024-52798",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-52798"
    },
    {
      "name": "CVE-2023-43804",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-43804"
    },
    {
      "name": "CVE-2024-6484",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6484"
    },
    {
      "name": "CVE-2020-13844",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13844"
    },
    {
      "name": "CVE-2024-26776",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26776"
    },
    {
      "name": "CVE-2024-6485",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6485"
    },
    {
      "name": "CVE-2024-41762",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41762"
    },
    {
      "name": "CVE-2024-39494",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39494"
    },
    {
      "name": "CVE-2025-23184",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23184"
    },
    {
      "name": "CVE-2024-6119",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
    },
    {
      "name": "CVE-2021-4204",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-4204"
    },
    {
      "name": "CVE-2024-26843",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26843"
    },
    {
      "name": "CVE-2024-40679",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40679"
    },
    {
      "name": "CVE-2023-52885",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52885"
    },
    {
      "name": "CVE-2018-20225",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-20225"
    },
    {
      "name": "CVE-2019-11253",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11253"
    },
    {
      "name": "CVE-2023-52898",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52898"
    },
    {
      "name": "CVE-2025-25289",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-25289"
    },
    {
      "name": "CVE-2024-45663",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45663"
    },
    {
      "name": "CVE-2023-52467",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52467"
    },
    {
      "name": "CVE-2024-41123",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41123"
    },
    {
      "name": "CVE-2024-36620",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36620"
    },
    {
      "name": "CVE-2022-48706",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48706"
    },
    {
      "name": "CVE-2024-49761",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49761"
    }
  ],
  "initial_release_date": "2025-04-04T00:00:00",
  "last_revision_date": "2025-04-04T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-0279",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-04-04T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    },
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Falsification de requ\u00eates c\u00f4t\u00e9 serveur (SSRF)"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
  "vendor_advisories": [
    {
      "published_at": "2025-04-03",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7230024",
      "url": "https://www.ibm.com/support/pages/node/7230024"
    },
    {
      "published_at": "2025-04-01",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7229770",
      "url": "https://www.ibm.com/support/pages/node/7229770"
    },
    {
      "published_at": "2025-03-28",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7229443",
      "url": "https://www.ibm.com/support/pages/node/7229443"
    },
    {
      "published_at": "2025-04-01",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7229768",
      "url": "https://www.ibm.com/support/pages/node/7229768"
    },
    {
      "published_at": "2025-04-01",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7229772",
      "url": "https://www.ibm.com/support/pages/node/7229772"
    }
  ]
}

CERTFR-2025-AVI-0756

Vulnerability from certfr_avis - Published: 2025-09-05 - Updated: 2025-09-05

De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
VMware	Tanzu Platform	Tanzu Platform for Cloud Foundry isolation segment 10.2.2+LTS-T
VMware	Tanzu	Tanzu for MySQL on Cloud Foundry versions antérieures à 10.0.2
VMware	Tanzu	Java Buildpack versions antérieures à 4.84.0
VMware	Tanzu	Stemcells pour Ubuntu Jammy Azure Light versions antérieures à 1.894
VMware	Tanzu Platform	Tanzu Platform for Cloud Foundry isolation segment versions antérieures à 10.0.9
VMware	Tanzu	Tanzu Scheduler versions antérieures à 2.0.20
VMware	Tanzu	Spring Cloud Services for VMware Tanzu versions antérieures à 3.3.9
VMware	Tanzu	Tanzu GemFire versions antérieures à 10.1.4
VMware	Tanzu Operations Manager	Tanzu Operations Manager versions antérieures à 3.1.2
VMware	Tanzu Platform	Tanzu Platform for Cloud Foundry isolation segment versions antérieures à 6.0.19+LTS-T
VMware	Tanzu	Single Sign-On for VMware Tanzu Application Service versions antérieures à 1.16.12
VMware	Tanzu	Tanzu Hub versions antérieures à 10.2.1
VMware	Tanzu	Stemcells pour Ubuntu Jammy versions antérieures à 1.894

References

Title

Publication Time

Tags

Bulletin de sécurité VMware 36093	2025-09-04	vendor-advisory
Bulletin de sécurité VMware 36102	2025-09-04	vendor-advisory
Bulletin de sécurité VMware 36101	2025-09-04	vendor-advisory
Bulletin de sécurité VMware 36100	2025-09-04	vendor-advisory
Bulletin de sécurité VMware 36105	2025-09-04	vendor-advisory
Bulletin de sécurité VMware 36091	2025-09-04	vendor-advisory
Bulletin de sécurité VMware 36078	2025-09-04	vendor-advisory
Bulletin de sécurité VMware 36107	2025-09-04	vendor-advisory
Bulletin de sécurité VMware 36094	2025-09-04	vendor-advisory
Bulletin de sécurité VMware 36097	2025-09-04	vendor-advisory
Bulletin de sécurité VMware DSA-2025-46	2025-09-04	vendor-advisory
Bulletin de sécurité VMware 36108	2025-09-04	vendor-advisory
Bulletin de sécurité VMware 36095	2025-09-04	vendor-advisory
Bulletin de sécurité VMware DSA-2025-09	2025-09-04	vendor-advisory
Bulletin de sécurité VMware 36096	2025-09-04	vendor-advisory
Bulletin de sécurité VMware 36106	2025-09-04	vendor-advisory
Bulletin de sécurité VMware 36109	2025-09-04	vendor-advisory
Bulletin de sécurité VMware 36098	2025-09-04	vendor-advisory
Bulletin de sécurité VMware DSA-2025-68	2025-09-04	vendor-advisory
Bulletin de sécurité VMware 36103	2025-09-04	vendor-advisory
Bulletin de sécurité VMware 36099	2025-09-04	vendor-advisory
Bulletin de sécurité VMware 36092	2025-09-04	vendor-advisory
Bulletin de sécurité VMware 36110	2025-09-04	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Tanzu Platform for Cloud Foundry isolation segment 10.2.2+LTS-T",
      "product": {
        "name": "Tanzu Platform",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu for MySQL on Cloud Foundry versions ant\u00e9rieures \u00e0 10.0.2",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Java Buildpack versions ant\u00e9rieures \u00e0 4.84.0",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Stemcells pour Ubuntu Jammy Azure Light versions ant\u00e9rieures \u00e0 1.894",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu Platform for Cloud Foundry isolation segment versions ant\u00e9rieures \u00e0 10.0.9",
      "product": {
        "name": "Tanzu Platform",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu Scheduler versions ant\u00e9rieures \u00e0 2.0.20",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Spring Cloud Services for VMware Tanzu versions ant\u00e9rieures \u00e0 3.3.9",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu GemFire versions ant\u00e9rieures \u00e0 10.1.4",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu Operations Manager versions ant\u00e9rieures \u00e0 3.1.2",
      "product": {
        "name": "Tanzu Operations Manager",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu Platform for Cloud Foundry isolation segment versions ant\u00e9rieures \u00e0 6.0.19+LTS-T",
      "product": {
        "name": "Tanzu Platform",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Single Sign-On for VMware Tanzu Application Service versions ant\u00e9rieures \u00e0 1.16.12",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu Hub versions ant\u00e9rieures \u00e0 10.2.1",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Stemcells pour Ubuntu Jammy versions ant\u00e9rieures \u00e0 1.894",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2021-44832",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
    },
    {
      "name": "CVE-2021-45105",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-45105"
    },
    {
      "name": "CVE-2021-44228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44228"
    },
    {
      "name": "CVE-2013-1548",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1548"
    },
    {
      "name": "CVE-2015-4779",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4779"
    },
    {
      "name": "CVE-2015-4780",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4780"
    },
    {
      "name": "CVE-2015-4787",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4787"
    },
    {
      "name": "CVE-2015-4790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4790"
    },
    {
      "name": "CVE-2015-4778",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4778"
    },
    {
      "name": "CVE-2015-4782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4782"
    },
    {
      "name": "CVE-2015-4789",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4789"
    },
    {
      "name": "CVE-2015-4764",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4764"
    },
    {
      "name": "CVE-2015-4783",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4783"
    },
    {
      "name": "CVE-2015-2583",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2583"
    },
    {
      "name": "CVE-2015-4781",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4781"
    },
    {
      "name": "CVE-2015-4776",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4776"
    },
    {
      "name": "CVE-2015-4786",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4786"
    },
    {
      "name": "CVE-2015-2656",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2656"
    },
    {
      "name": "CVE-2015-4788",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4788"
    },
    {
      "name": "CVE-2015-4785",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4785"
    },
    {
      "name": "CVE-2015-4754",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4754"
    },
    {
      "name": "CVE-2015-4775",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4775"
    },
    {
      "name": "CVE-2015-4777",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4777"
    },
    {
      "name": "CVE-2015-2640",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2640"
    },
    {
      "name": "CVE-2015-4774",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4774"
    },
    {
      "name": "CVE-2015-2626",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2626"
    },
    {
      "name": "CVE-2015-2624",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2624"
    },
    {
      "name": "CVE-2015-4784",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4784"
    },
    {
      "name": "CVE-2015-2654",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2654"
    },
    {
      "name": "CVE-2017-8046",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-8046"
    },
    {
      "name": "CVE-2018-3280",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3280"
    },
    {
      "name": "CVE-2018-3137",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3137"
    },
    {
      "name": "CVE-2018-3285",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3285"
    },
    {
      "name": "CVE-2018-3182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3182"
    },
    {
      "name": "CVE-2018-3186",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3186"
    },
    {
      "name": "CVE-2018-3195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3195"
    },
    {
      "name": "CVE-2018-3286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3286"
    },
    {
      "name": "CVE-2018-3170",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3170"
    },
    {
      "name": "CVE-2018-3279",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3279"
    },
    {
      "name": "CVE-2018-3212",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3212"
    },
    {
      "name": "CVE-2018-3203",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3203"
    },
    {
      "name": "CVE-2018-3145",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3145"
    },
    {
      "name": "CVE-2019-2530",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2530"
    },
    {
      "name": "CVE-2019-2436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2436"
    },
    {
      "name": "CVE-2019-2539",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2539"
    },
    {
      "name": "CVE-2019-2494",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2494"
    },
    {
      "name": "CVE-2019-2535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2535"
    },
    {
      "name": "CVE-2019-2533",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2533"
    },
    {
      "name": "CVE-2019-2495",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2495"
    },
    {
      "name": "CVE-2019-2513",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2513"
    },
    {
      "name": "CVE-2019-2536",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2536"
    },
    {
      "name": "CVE-2019-2502",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2502"
    },
    {
      "name": "CVE-2019-2634",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2634"
    },
    {
      "name": "CVE-2019-2587",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2587"
    },
    {
      "name": "CVE-2019-2584",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2584"
    },
    {
      "name": "CVE-2019-2691",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2691"
    },
    {
      "name": "CVE-2019-2606",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2606"
    },
    {
      "name": "CVE-2019-2630",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2630"
    },
    {
      "name": "CVE-2019-2624",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2624"
    },
    {
      "name": "CVE-2019-2623",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2623"
    },
    {
      "name": "CVE-2019-2695",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2695"
    },
    {
      "name": "CVE-2019-2596",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2596"
    },
    {
      "name": "CVE-2019-2580",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2580"
    },
    {
      "name": "CVE-2019-2644",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2644"
    },
    {
      "name": "CVE-2019-2681",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2681"
    },
    {
      "name": "CVE-2019-2617",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2617"
    },
    {
      "name": "CVE-2019-2636",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2636"
    },
    {
      "name": "CVE-2019-2689",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2689"
    },
    {
      "name": "CVE-2019-2693",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2693"
    },
    {
      "name": "CVE-2019-2593",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2593"
    },
    {
      "name": "CVE-2019-2625",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2625"
    },
    {
      "name": "CVE-2019-2585",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2585"
    },
    {
      "name": "CVE-2019-2631",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2631"
    },
    {
      "name": "CVE-2019-2694",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2694"
    },
    {
      "name": "CVE-2019-2620",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2620"
    },
    {
      "name": "CVE-2019-2688",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2688"
    },
    {
      "name": "CVE-2019-2589",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2589"
    },
    {
      "name": "CVE-2019-2635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2635"
    },
    {
      "name": "CVE-2019-2626",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2626"
    },
    {
      "name": "CVE-2019-2686",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2686"
    },
    {
      "name": "CVE-2019-2685",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2685"
    },
    {
      "name": "CVE-2019-2687",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2687"
    },
    {
      "name": "CVE-2019-2607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2607"
    },
    {
      "name": "CVE-2019-7317",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-7317"
    },
    {
      "name": "CVE-2019-2811",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2811"
    },
    {
      "name": "CVE-2019-2740",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2740"
    },
    {
      "name": "CVE-2019-2879",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2879"
    },
    {
      "name": "CVE-2019-2808",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2808"
    },
    {
      "name": "CVE-2019-2738",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2738"
    },
    {
      "name": "CVE-2019-2819",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2819"
    },
    {
      "name": "CVE-2019-2737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2737"
    },
    {
      "name": "CVE-2019-2814",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2814"
    },
    {
      "name": "CVE-2019-2778",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2778"
    },
    {
      "name": "CVE-2019-2822",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2822"
    },
    {
      "name": "CVE-2019-2802",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2802"
    },
    {
      "name": "CVE-2019-2803",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2803"
    },
    {
      "name": "CVE-2019-2752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2752"
    },
    {
      "name": "CVE-2019-2826",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2826"
    },
    {
      "name": "CVE-2019-2784",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2784"
    },
    {
      "name": "CVE-2019-2789",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2789"
    },
    {
      "name": "CVE-2019-2801",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2801"
    },
    {
      "name": "CVE-2019-2791",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2791"
    },
    {
      "name": "CVE-2019-2798",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2798"
    },
    {
      "name": "CVE-2019-2796",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2796"
    },
    {
      "name": "CVE-2019-2815",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2815"
    },
    {
      "name": "CVE-2019-2810",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2810"
    },
    {
      "name": "CVE-2019-2780",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2780"
    },
    {
      "name": "CVE-2019-2758",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2758"
    },
    {
      "name": "CVE-2019-2757",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2757"
    },
    {
      "name": "CVE-2019-2785",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2785"
    },
    {
      "name": "CVE-2019-2747",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2747"
    },
    {
      "name": "CVE-2019-2741",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2741"
    },
    {
      "name": "CVE-2019-2830",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2830"
    },
    {
      "name": "CVE-2019-2834",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2834"
    },
    {
      "name": "CVE-2019-2743",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2743"
    },
    {
      "name": "CVE-2019-2739",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2739"
    },
    {
      "name": "CVE-2019-2805",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2805"
    },
    {
      "name": "CVE-2019-2797",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2797"
    },
    {
      "name": "CVE-2019-2774",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2774"
    },
    {
      "name": "CVE-2019-2795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2795"
    },
    {
      "name": "CVE-2019-2746",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2746"
    },
    {
      "name": "CVE-2019-2812",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2812"
    },
    {
      "name": "CVE-2019-2924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2924"
    },
    {
      "name": "CVE-2019-2914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2914"
    },
    {
      "name": "CVE-2019-2960",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2960"
    },
    {
      "name": "CVE-2019-2923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2923"
    },
    {
      "name": "CVE-2019-2968",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2968"
    },
    {
      "name": "CVE-2019-2993",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2993"
    },
    {
      "name": "CVE-2019-3009",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-3009"
    },
    {
      "name": "CVE-2019-2969",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2969"
    },
    {
      "name": "CVE-2019-3011",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-3011"
    },
    {
      "name": "CVE-2019-2967",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2967"
    },
    {
      "name": "CVE-2019-2946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2946"
    },
    {
      "name": "CVE-2019-2966",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2966"
    },
    {
      "name": "CVE-2019-2957",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2957"
    },
    {
      "name": "CVE-2019-2948",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2948"
    },
    {
      "name": "CVE-2019-2922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2922"
    },
    {
      "name": "CVE-2019-3004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-3004"
    },
    {
      "name": "CVE-2019-2998",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2998"
    },
    {
      "name": "CVE-2019-2911",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2911"
    },
    {
      "name": "CVE-2019-2950",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2950"
    },
    {
      "name": "CVE-2019-2910",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2910"
    },
    {
      "name": "CVE-2019-3018",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-3018"
    },
    {
      "name": "CVE-2019-2974",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2974"
    },
    {
      "name": "CVE-2019-2991",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2991"
    },
    {
      "name": "CVE-2019-2997",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2997"
    },
    {
      "name": "CVE-2019-2938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2938"
    },
    {
      "name": "CVE-2019-3003",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-3003"
    },
    {
      "name": "CVE-2019-2982",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2982"
    },
    {
      "name": "CVE-2019-2963",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2963"
    },
    {
      "name": "CVE-2020-2579",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2579"
    },
    {
      "name": "CVE-2020-2584",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2584"
    },
    {
      "name": "CVE-2020-2577",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2577"
    },
    {
      "name": "CVE-2020-2679",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2679"
    },
    {
      "name": "CVE-2020-2570",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2570"
    },
    {
      "name": "CVE-2020-2572",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2572"
    },
    {
      "name": "CVE-2020-2627",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2627"
    },
    {
      "name": "CVE-2020-2660",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2660"
    },
    {
      "name": "CVE-2020-2589",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2589"
    },
    {
      "name": "CVE-2020-2573",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2573"
    },
    {
      "name": "CVE-2020-2686",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2686"
    },
    {
      "name": "CVE-2020-2694",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2694"
    },
    {
      "name": "CVE-2020-2574",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2574"
    },
    {
      "name": "CVE-2020-2770",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2770"
    },
    {
      "name": "CVE-2020-2925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2925"
    },
    {
      "name": "CVE-2020-2853",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2853"
    },
    {
      "name": "CVE-2020-2774",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2774"
    },
    {
      "name": "CVE-2020-2928",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2928"
    },
    {
      "name": "CVE-2020-2897",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2897"
    },
    {
      "name": "CVE-2020-2812",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2812"
    },
    {
      "name": "CVE-2020-2765",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2765"
    },
    {
      "name": "CVE-2020-2761",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2761"
    },
    {
      "name": "CVE-2020-2790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2790"
    },
    {
      "name": "CVE-2020-2752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2752"
    },
    {
      "name": "CVE-2020-2904",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2904"
    },
    {
      "name": "CVE-2020-2893",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2893"
    },
    {
      "name": "CVE-2020-2760",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2760"
    },
    {
      "name": "CVE-2020-2780",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2780"
    },
    {
      "name": "CVE-2020-2903",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2903"
    },
    {
      "name": "CVE-2020-2924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2924"
    },
    {
      "name": "CVE-2020-2806",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2806"
    },
    {
      "name": "CVE-2020-2922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2922"
    },
    {
      "name": "CVE-2020-2901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2901"
    },
    {
      "name": "CVE-2020-2926",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2926"
    },
    {
      "name": "CVE-2020-2923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2923"
    },
    {
      "name": "CVE-2020-2921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2921"
    },
    {
      "name": "CVE-2020-2779",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2779"
    },
    {
      "name": "CVE-2020-2892",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2892"
    },
    {
      "name": "CVE-2020-2896",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2896"
    },
    {
      "name": "CVE-2020-2804",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2804"
    },
    {
      "name": "CVE-2020-2895",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2895"
    },
    {
      "name": "CVE-2020-2930",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2930"
    },
    {
      "name": "CVE-2020-2814",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2814"
    },
    {
      "name": "CVE-2020-2759",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2759"
    },
    {
      "name": "CVE-2020-2763",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2763"
    },
    {
      "name": "CVE-2020-14550",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14550"
    },
    {
      "name": "CVE-2020-14567",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14567"
    },
    {
      "name": "CVE-2020-14559",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14559"
    },
    {
      "name": "CVE-2020-14576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14576"
    },
    {
      "name": "CVE-2020-14540",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14540"
    },
    {
      "name": "CVE-2020-14547",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14547"
    },
    {
      "name": "CVE-2020-14553",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14553"
    },
    {
      "name": "CVE-2020-14539",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14539"
    },
    {
      "name": "CVE-2020-14845",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14845"
    },
    {
      "name": "CVE-2020-14799",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14799"
    },
    {
      "name": "CVE-2020-14793",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14793"
    },
    {
      "name": "CVE-2020-14888",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14888"
    },
    {
      "name": "CVE-2020-14790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14790"
    },
    {
      "name": "CVE-2020-14789",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14789"
    },
    {
      "name": "CVE-2020-14672",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14672"
    },
    {
      "name": "CVE-2020-14846",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14846"
    },
    {
      "name": "CVE-2020-14771",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14771"
    },
    {
      "name": "CVE-2020-14873",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14873"
    },
    {
      "name": "CVE-2020-14791",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14791"
    },
    {
      "name": "CVE-2020-14769",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14769"
    },
    {
      "name": "CVE-2020-14844",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14844"
    },
    {
      "name": "CVE-2020-14809",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14809"
    },
    {
      "name": "CVE-2020-14860",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14860"
    },
    {
      "name": "CVE-2020-14866",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14866"
    },
    {
      "name": "CVE-2020-14861",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14861"
    },
    {
      "name": "CVE-2020-14773",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14773"
    },
    {
      "name": "CVE-2020-14776",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14776"
    },
    {
      "name": "CVE-2020-14852",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14852"
    },
    {
      "name": "CVE-2020-14760",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14760"
    },
    {
      "name": "CVE-2020-14870",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14870"
    },
    {
      "name": "CVE-2020-14837",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14837"
    },
    {
      "name": "CVE-2020-14893",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14893"
    },
    {
      "name": "CVE-2020-14836",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14836"
    },
    {
      "name": "CVE-2020-14829",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14829"
    },
    {
      "name": "CVE-2020-14868",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14868"
    },
    {
      "name": "CVE-2020-14827",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14827"
    },
    {
      "name": "CVE-2020-14839",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14839"
    },
    {
      "name": "CVE-2020-14777",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14777"
    },
    {
      "name": "CVE-2020-14812",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14812"
    },
    {
      "name": "CVE-2020-14775",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14775"
    },
    {
      "name": "CVE-2020-14838",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14838"
    },
    {
      "name": "CVE-2020-14869",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14869"
    },
    {
      "name": "CVE-2020-14765",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14765"
    },
    {
      "name": "CVE-2020-14814",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14814"
    },
    {
      "name": "CVE-2020-14821",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14821"
    },
    {
      "name": "CVE-2020-14830",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14830"
    },
    {
      "name": "CVE-2020-14828",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14828"
    },
    {
      "name": "CVE-2020-14804",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14804"
    },
    {
      "name": "CVE-2020-14800",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14800"
    },
    {
      "name": "CVE-2020-14891",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14891"
    },
    {
      "name": "CVE-2020-14848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14848"
    },
    {
      "name": "CVE-2020-14867",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14867"
    },
    {
      "name": "CVE-2020-14785",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14785"
    },
    {
      "name": "CVE-2020-14794",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14794"
    },
    {
      "name": "CVE-2020-14786",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14786"
    },
    {
      "name": "CVE-2020-15358",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-15358"
    },
    {
      "name": "CVE-2020-1971",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1971"
    },
    {
      "name": "CVE-2021-2010",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2010"
    },
    {
      "name": "CVE-2021-2001",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2001"
    },
    {
      "name": "CVE-2021-2060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2060"
    },
    {
      "name": "CVE-2021-2014",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2014"
    },
    {
      "name": "CVE-2021-2032",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2032"
    },
    {
      "name": "CVE-2021-2036",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2036"
    },
    {
      "name": "CVE-2021-2007",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2007"
    },
    {
      "name": "CVE-2021-2011",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2011"
    },
    {
      "name": "CVE-2021-2022",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2022"
    },
    {
      "name": "CVE-2019-25013",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-25013"
    },
    {
      "name": "CVE-2021-2308",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2308"
    },
    {
      "name": "CVE-2021-2213",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2213"
    },
    {
      "name": "CVE-2021-2172",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2172"
    },
    {
      "name": "CVE-2021-2293",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2293"
    },
    {
      "name": "CVE-2021-2208",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2208"
    },
    {
      "name": "CVE-2021-2196",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2196"
    },
    {
      "name": "CVE-2021-2194",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2194"
    },
    {
      "name": "CVE-2021-2298",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2298"
    },
    {
      "name": "CVE-2021-2162",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2162"
    },
    {
      "name": "CVE-2021-2179",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2179"
    },
    {
      "name": "CVE-2021-2307",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2307"
    },
    {
      "name": "CVE-2021-2217",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2217"
    },
    {
      "name": "CVE-2021-2180",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2180"
    },
    {
      "name": "CVE-2021-2203",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2203"
    },
    {
      "name": "CVE-2021-2144",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2144"
    },
    {
      "name": "CVE-2021-2226",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2226"
    },
    {
      "name": "CVE-2021-2232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2232"
    },
    {
      "name": "CVE-2021-2169",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2169"
    },
    {
      "name": "CVE-2021-2301",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2301"
    },
    {
      "name": "CVE-2021-2202",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2202"
    },
    {
      "name": "CVE-2021-2166",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2166"
    },
    {
      "name": "CVE-2021-2174",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2174"
    },
    {
      "name": "CVE-2021-2154",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2154"
    },
    {
      "name": "CVE-2021-2193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2193"
    },
    {
      "name": "CVE-2021-2300",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2300"
    },
    {
      "name": "CVE-2021-2299",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2299"
    },
    {
      "name": "CVE-2021-2212",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2212"
    },
    {
      "name": "CVE-2021-2178",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2178"
    },
    {
      "name": "CVE-2021-2146",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2146"
    },
    {
      "name": "CVE-2021-2230",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2230"
    },
    {
      "name": "CVE-2021-2278",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2278"
    },
    {
      "name": "CVE-2021-2164",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2164"
    },
    {
      "name": "CVE-2021-2201",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2201"
    },
    {
      "name": "CVE-2021-2170",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2170"
    },
    {
      "name": "CVE-2021-2304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2304"
    },
    {
      "name": "CVE-2021-2160",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2160"
    },
    {
      "name": "CVE-2021-2171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2171"
    },
    {
      "name": "CVE-2021-2305",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2305"
    },
    {
      "name": "CVE-2021-2215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2215"
    },
    {
      "name": "CVE-2021-25214",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-25214"
    },
    {
      "name": "CVE-2012-6153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-6153"
    },
    {
      "name": "CVE-2020-10878",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10878"
    },
    {
      "name": "CVE-2021-2370",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2370"
    },
    {
      "name": "CVE-2021-2389",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2389"
    },
    {
      "name": "CVE-2021-2444",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2444"
    },
    {
      "name": "CVE-2021-2429",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2429"
    },
    {
      "name": "CVE-2021-2426",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2426"
    },
    {
      "name": "CVE-2021-2427",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2427"
    },
    {
      "name": "CVE-2021-2339",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2339"
    },
    {
      "name": "CVE-2021-2425",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2425"
    },
    {
      "name": "CVE-2021-2387",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2387"
    },
    {
      "name": "CVE-2021-2383",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2383"
    },
    {
      "name": "CVE-2021-2372",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2372"
    },
    {
      "name": "CVE-2021-2399",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2399"
    },
    {
      "name": "CVE-2021-2384",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2384"
    },
    {
      "name": "CVE-2021-2412",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2412"
    },
    {
      "name": "CVE-2021-2441",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2441"
    },
    {
      "name": "CVE-2021-2410",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2410"
    },
    {
      "name": "CVE-2021-2342",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2342"
    },
    {
      "name": "CVE-2021-2437",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2437"
    },
    {
      "name": "CVE-2021-2417",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2417"
    },
    {
      "name": "CVE-2021-2424",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2424"
    },
    {
      "name": "CVE-2021-2385",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2385"
    },
    {
      "name": "CVE-2021-2357",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2357"
    },
    {
      "name": "CVE-2021-2352",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2352"
    },
    {
      "name": "CVE-2021-2402",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2402"
    },
    {
      "name": "CVE-2021-2440",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2440"
    },
    {
      "name": "CVE-2021-2340",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2340"
    },
    {
      "name": "CVE-2021-2390",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2390"
    },
    {
      "name": "CVE-2021-2374",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2374"
    },
    {
      "name": "CVE-2021-2356",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2356"
    },
    {
      "name": "CVE-2021-2411",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2411"
    },
    {
      "name": "CVE-2021-2418",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2418"
    },
    {
      "name": "CVE-2021-2367",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2367"
    },
    {
      "name": "CVE-2021-2354",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2354"
    },
    {
      "name": "CVE-2021-2422",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2422"
    },
    {
      "name": "CVE-2020-10543",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10543"
    },
    {
      "name": "CVE-2020-12723",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-12723"
    },
    {
      "name": "CVE-2020-10029",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10029"
    },
    {
      "name": "CVE-2021-23337",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-23337"
    },
    {
      "name": "CVE-2020-28500",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-28500"
    },
    {
      "name": "CVE-2019-18276",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-18276"
    },
    {
      "name": "CVE-2021-3421",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3421"
    },
    {
      "name": "CVE-2021-3326",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3326"
    },
    {
      "name": "CVE-2019-2708",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2708"
    },
    {
      "name": "CVE-2020-27618",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-27618"
    },
    {
      "name": "CVE-2021-35640",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35640"
    },
    {
      "name": "CVE-2021-35626",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35626"
    },
    {
      "name": "CVE-2021-2478",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2478"
    },
    {
      "name": "CVE-2021-35624",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35624"
    },
    {
      "name": "CVE-2021-35583",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35583"
    },
    {
      "name": "CVE-2021-35628",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35628"
    },
    {
      "name": "CVE-2021-35630",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35630"
    },
    {
      "name": "CVE-2021-35644",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35644"
    },
    {
      "name": "CVE-2021-2479",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2479"
    },
    {
      "name": "CVE-2021-35638",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35638"
    },
    {
      "name": "CVE-2021-35646",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35646"
    },
    {
      "name": "CVE-2021-35596",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35596"
    },
    {
      "name": "CVE-2021-35643",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35643"
    },
    {
      "name": "CVE-2021-35637",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35637"
    },
    {
      "name": "CVE-2021-35623",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35623"
    },
    {
      "name": "CVE-2021-35632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35632"
    },
    {
      "name": "CVE-2021-35641",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35641"
    },
    {
      "name": "CVE-2021-35604",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35604"
    },
    {
      "name": "CVE-2021-35636",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35636"
    },
    {
      "name": "CVE-2021-35546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35546"
    },
    {
      "name": "CVE-2021-35627",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35627"
    },
    {
      "name": "CVE-2021-35625",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35625"
    },
    {
      "name": "CVE-2021-35608",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35608"
    },
    {
      "name": "CVE-2021-35597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35597"
    },
    {
      "name": "CVE-2021-35537",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35537"
    },
    {
      "name": "CVE-2021-2481",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2481"
    },
    {
      "name": "CVE-2021-35622",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35622"
    },
    {
      "name": "CVE-2021-35610",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35610"
    },
    {
      "name": "CVE-2021-35633",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35633"
    },
    {
      "name": "CVE-2021-35634",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35634"
    },
    {
      "name": "CVE-2021-35629",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35629"
    },
    {
      "name": "CVE-2021-35631",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35631"
    },
    {
      "name": "CVE-2021-35645",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35645"
    },
    {
      "name": "CVE-2021-35647",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35647"
    },
    {
      "name": "CVE-2021-35612",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35612"
    },
    {
      "name": "CVE-2021-35639",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35639"
    },
    {
      "name": "CVE-2021-35648",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35648"
    },
    {
      "name": "CVE-2021-35607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35607"
    },
    {
      "name": "CVE-2021-35602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35602"
    },
    {
      "name": "CVE-2021-35577",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35577"
    },
    {
      "name": "CVE-2021-35642",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35642"
    },
    {
      "name": "CVE-2021-35575",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35575"
    },
    {
      "name": "CVE-2021-35635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35635"
    },
    {
      "name": "CVE-2021-35591",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35591"
    },
    {
      "name": "CVE-2021-25219",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-25219"
    },
    {
      "name": "CVE-2021-3875",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3875"
    },
    {
      "name": "CVE-2019-10744",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10744"
    },
    {
      "name": "CVE-2022-21352",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21352"
    },
    {
      "name": "CVE-2022-21304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21304"
    },
    {
      "name": "CVE-2022-21254",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21254"
    },
    {
      "name": "CVE-2022-21265",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21265"
    },
    {
      "name": "CVE-2022-21348",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21348"
    },
    {
      "name": "CVE-2022-21372",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21372"
    },
    {
      "name": "CVE-2022-21245",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21245"
    },
    {
      "name": "CVE-2022-21368",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21368"
    },
    {
      "name": "CVE-2022-21339",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21339"
    },
    {
      "name": "CVE-2022-21264",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21264"
    },
    {
      "name": "CVE-2022-21297",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21297"
    },
    {
      "name": "CVE-2022-21379",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21379"
    },
    {
      "name": "CVE-2022-21253",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21253"
    },
    {
      "name": "CVE-2022-21301",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21301"
    },
    {
      "name": "CVE-2022-21378",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21378"
    },
    {
      "name": "CVE-2022-21370",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21370"
    },
    {
      "name": "CVE-2022-21302",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21302"
    },
    {
      "name": "CVE-2022-21249",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21249"
    },
    {
      "name": "CVE-2022-21344",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21344"
    },
    {
      "name": "CVE-2022-21270",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21270"
    },
    {
      "name": "CVE-2022-21367",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21367"
    },
    {
      "name": "CVE-2022-21342",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21342"
    },
    {
      "name": "CVE-2022-21362",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21362"
    },
    {
      "name": "CVE-2022-21303",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21303"
    },
    {
      "name": "CVE-2022-21256",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21256"
    },
    {
      "name": "CVE-2022-21358",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21358"
    },
    {
      "name": "CVE-2022-21374",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21374"
    },
    {
      "name": "CVE-2022-3602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3602"
    },
    {
      "name": "CVE-2022-2309",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2309"
    },
    {
      "name": "CVE-2022-29824",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29824"
    },
    {
      "name": "CVE-2022-35737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-35737"
    },
    {
      "name": "CVE-2022-40303",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40303"
    },
    {
      "name": "CVE-2022-40304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40304"
    },
    {
      "name": "CVE-2020-8203",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8203"
    },
    {
      "name": "CVE-2022-3786",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3786"
    },
    {
      "name": "CVE-2022-2795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2795"
    },
    {
      "name": "CVE-2022-34903",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-34903"
    },
    {
      "name": "CVE-2022-3515",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3515"
    },
    {
      "name": "CVE-2022-3996",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3996"
    },
    {
      "name": "CVE-2022-22942",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22942"
    },
    {
      "name": "CVE-2021-4193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-4193"
    },
    {
      "name": "CVE-2020-15366",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-15366"
    },
    {
      "name": "CVE-2022-22965",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22965"
    },
    {
      "name": "CVE-2022-0213",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0213"
    },
    {
      "name": "CVE-2022-21418",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21418"
    },
    {
      "name": "CVE-2022-21412",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21412"
    },
    {
      "name": "CVE-2022-21437",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21437"
    },
    {
      "name": "CVE-2022-21478",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21478"
    },
    {
      "name": "CVE-2022-21479",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21479"
    },
    {
      "name": "CVE-2022-21438",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21438"
    },
    {
      "name": "CVE-2022-21440",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21440"
    },
    {
      "name": "CVE-2022-21451",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21451"
    },
    {
      "name": "CVE-2022-21427",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21427"
    },
    {
      "name": "CVE-2022-21415",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21415"
    },
    {
      "name": "CVE-2022-21459",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21459"
    },
    {
      "name": "CVE-2022-21460",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21460"
    },
    {
      "name": "CVE-2022-21414",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21414"
    },
    {
      "name": "CVE-2022-21413",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21413"
    },
    {
      "name": "CVE-2022-21436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21436"
    },
    {
      "name": "CVE-2022-21435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21435"
    },
    {
      "name": "CVE-2022-21462",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21462"
    },
    {
      "name": "CVE-2022-21444",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21444"
    },
    {
      "name": "CVE-2022-21417",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21417"
    },
    {
      "name": "CVE-2022-21457",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21457"
    },
    {
      "name": "CVE-2022-21425",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21425"
    },
    {
      "name": "CVE-2022-21452",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21452"
    },
    {
      "name": "CVE-2021-20266",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-20266"
    },
    {
      "name": "CVE-2022-1292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
    },
    {
      "name": "CVE-2022-1473",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1473"
    },
    {
      "name": "CVE-2021-3521",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3521"
    },
    {
      "name": "CVE-2021-4122",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-4122"
    },
    {
      "name": "CVE-2022-2068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
    },
    {
      "name": "CVE-2017-7500",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7500"
    },
    {
      "name": "CVE-2021-33574",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33574"
    },
    {
      "name": "CVE-2017-11164",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-11164"
    },
    {
      "name": "CVE-2022-21525",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21525"
    },
    {
      "name": "CVE-2022-21537",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21537"
    },
    {
      "name": "CVE-2022-21455",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21455"
    },
    {
      "name": "CVE-2022-21534",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21534"
    },
    {
      "name": "CVE-2022-21528",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21528"
    },
    {
      "name": "CVE-2022-21529",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21529"
    },
    {
      "name": "CVE-2022-21531",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21531"
    },
    {
      "name": "CVE-2022-21515",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21515"
    },
    {
      "name": "CVE-2022-21538",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21538"
    },
    {
      "name": "CVE-2022-21527",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21527"
    },
    {
      "name": "CVE-2022-21517",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21517"
    },
    {
      "name": "CVE-2022-21539",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21539"
    },
    {
      "name": "CVE-2022-21556",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21556"
    },
    {
      "name": "CVE-2022-21509",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21509"
    },
    {
      "name": "CVE-2022-21553",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21553"
    },
    {
      "name": "CVE-2022-21530",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21530"
    },
    {
      "name": "CVE-2022-21522",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21522"
    },
    {
      "name": "CVE-2022-21547",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21547"
    },
    {
      "name": "CVE-2022-21569",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21569"
    },
    {
      "name": "CVE-2022-21526",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21526"
    },
    {
      "name": "CVE-2021-3999",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3999"
    },
    {
      "name": "CVE-2022-23218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23218"
    },
    {
      "name": "CVE-2022-23219",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23219"
    },
    {
      "name": "CVE-2022-27782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
    },
    {
      "name": "CVE-2021-25220",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-25220"
    },
    {
      "name": "CVE-2022-0396",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0396"
    },
    {
      "name": "CVE-2022-3358",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3358"
    },
    {
      "name": "CVE-2022-1271",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
    },
    {
      "name": "CVE-2012-5783",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5783"
    },
    {
      "name": "CVE-2022-21592",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21592"
    },
    {
      "name": "CVE-2022-21617",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21617"
    },
    {
      "name": "CVE-2022-21595",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21595"
    },
    {
      "name": "CVE-2022-21608",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21608"
    },
    {
      "name": "CVE-2022-21589",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21589"
    },
    {
      "name": "CVE-2023-21863",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21863"
    },
    {
      "name": "CVE-2023-21873",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21873"
    },
    {
      "name": "CVE-2023-21879",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21879"
    },
    {
      "name": "CVE-2023-21880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21880"
    },
    {
      "name": "CVE-2023-21869",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21869"
    },
    {
      "name": "CVE-2023-21872",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21872"
    },
    {
      "name": "CVE-2023-21877",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21877"
    },
    {
      "name": "CVE-2023-21870",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21870"
    },
    {
      "name": "CVE-2023-21887",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21887"
    },
    {
      "name": "CVE-2023-21836",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21836"
    },
    {
      "name": "CVE-2023-21881",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21881"
    },
    {
      "name": "CVE-2023-21876",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21876"
    },
    {
      "name": "CVE-2023-21840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21840"
    },
    {
      "name": "CVE-2023-21878",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21878"
    },
    {
      "name": "CVE-2023-21866",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21866"
    },
    {
      "name": "CVE-2023-21875",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21875"
    },
    {
      "name": "CVE-2023-21865",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21865"
    },
    {
      "name": "CVE-2023-21883",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21883"
    },
    {
      "name": "CVE-2023-21867",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21867"
    },
    {
      "name": "CVE-2023-21874",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21874"
    },
    {
      "name": "CVE-2023-21871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21871"
    },
    {
      "name": "CVE-2023-0286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
    },
    {
      "name": "CVE-2023-0401",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
    },
    {
      "name": "CVE-2023-0215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
    },
    {
      "name": "CVE-2023-0217",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
    },
    {
      "name": "CVE-2023-0216",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
    },
    {
      "name": "CVE-2022-4450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
    },
    {
      "name": "CVE-2022-4415",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4415"
    },
    {
      "name": "CVE-2023-24329",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24329"
    },
    {
      "name": "CVE-2023-0464",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
    },
    {
      "name": "CVE-2023-21963",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21963"
    },
    {
      "name": "CVE-2023-21977",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21977"
    },
    {
      "name": "CVE-2023-21912",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21912"
    },
    {
      "name": "CVE-2023-29469",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29469"
    },
    {
      "name": "CVE-2023-28484",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28484"
    },
    {
      "name": "CVE-2023-20873",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-20873"
    },
    {
      "name": "CVE-2023-20883",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-20883"
    },
    {
      "name": "CVE-2023-27535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27535"
    },
    {
      "name": "CVE-2023-27538",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27538"
    },
    {
      "name": "CVE-2023-27536",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27536"
    },
    {
      "name": "CVE-2023-27537",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27537"
    },
    {
      "name": "CVE-2020-1752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1752"
    },
    {
      "name": "CVE-2021-35942",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35942"
    },
    {
      "name": "CVE-2021-38604",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-38604"
    },
    {
      "name": "CVE-2020-29562",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-29562"
    },
    {
      "name": "CVE-2021-27645",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-27645"
    },
    {
      "name": "CVE-2023-28322",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
    },
    {
      "name": "CVE-2022-46908",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-46908"
    },
    {
      "name": "CVE-2023-28320",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28320"
    },
    {
      "name": "CVE-2023-28321",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28321"
    },
    {
      "name": "CVE-2023-22053",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22053"
    },
    {
      "name": "CVE-2023-22007",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22007"
    },
    {
      "name": "CVE-2022-4899",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4899"
    },
    {
      "name": "CVE-2022-25883",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25883"
    },
    {
      "name": "CVE-2023-40403",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-40403"
    },
    {
      "name": "CVE-2023-4911",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4911"
    },
    {
      "name": "CVE-2023-44487",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
    },
    {
      "name": "CVE-2016-1000027",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1000027"
    },
    {
      "name": "CVE-2023-35116",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-35116"
    },
    {
      "name": "CVE-2023-22097",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22097"
    },
    {
      "name": "CVE-2023-22084",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22084"
    },
    {
      "name": "CVE-2023-22026",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22026"
    },
    {
      "name": "CVE-2023-22028",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22028"
    },
    {
      "name": "CVE-2023-22015",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22015"
    },
    {
      "name": "CVE-2023-22103",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22103"
    },
    {
      "name": "CVE-2023-22068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22068"
    },
    {
      "name": "CVE-2023-22078",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22078"
    },
    {
      "name": "CVE-2023-38546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
    },
    {
      "name": "CVE-2023-22059",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22059"
    },
    {
      "name": "CVE-2023-22066",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22066"
    },
    {
      "name": "CVE-2023-22114",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22114"
    },
    {
      "name": "CVE-2023-22070",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22070"
    },
    {
      "name": "CVE-2023-22032",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22032"
    },
    {
      "name": "CVE-2023-5363",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
    },
    {
      "name": "CVE-2023-4807",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
    },
    {
      "name": "CVE-2023-45853",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45853"
    },
    {
      "name": "CVE-2023-5678",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
    },
    {
      "name": "CVE-2023-40217",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-40217"
    },
    {
      "name": "CVE-2023-45803",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45803"
    },
    {
      "name": "CVE-2021-22570",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22570"
    },
    {
      "name": "CVE-2023-2603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2603"
    },
    {
      "name": "CVE-2023-2602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2602"
    },
    {
      "name": "CVE-2023-4527",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4527"
    },
    {
      "name": "CVE-2023-4813",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4813"
    },
    {
      "name": "CVE-2023-4806",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4806"
    },
    {
      "name": "CVE-2022-48303",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48303"
    },
    {
      "name": "CVE-2023-34055",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-34055"
    },
    {
      "name": "CVE-2023-4039",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4039"
    },
    {
      "name": "CVE-2022-3715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3715"
    },
    {
      "name": "CVE-2023-0687",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0687"
    },
    {
      "name": "CVE-2023-5156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5156"
    },
    {
      "name": "CVE-2022-48522",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48522"
    },
    {
      "name": "CVE-2023-39615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39615"
    },
    {
      "name": "CVE-2021-46848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46848"
    },
    {
      "name": "CVE-2021-33294",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33294"
    },
    {
      "name": "CVE-2021-43618",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-43618"
    },
    {
      "name": "CVE-2023-45322",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45322"
    },
    {
      "name": "CVE-2022-28321",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-28321"
    },
    {
      "name": "CVE-2023-4016",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4016"
    },
    {
      "name": "CVE-2013-4235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4235"
    },
    {
      "name": "CVE-2023-34969",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-34969"
    },
    {
      "name": "CVE-2021-20193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-20193"
    },
    {
      "name": "CVE-2023-29383",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29383"
    },
    {
      "name": "CVE-2023-5981",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5981"
    },
    {
      "name": "CVE-2023-48795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
    },
    {
      "name": "CVE-2023-6237",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
    },
    {
      "name": "CVE-2023-31484",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-31484"
    },
    {
      "name": "CVE-2023-36054",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-36054"
    },
    {
      "name": "CVE-2023-7104",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-7104"
    },
    {
      "name": "CVE-2023-6129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
    },
    {
      "name": "CVE-2023-46218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
    },
    {
      "name": "CVE-2023-46219",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46219"
    },
    {
      "name": "CVE-2024-0727",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
    },
    {
      "name": "CVE-2023-47100",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-47100"
    },
    {
      "name": "CVE-2023-47038",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-47038"
    },
    {
      "name": "CVE-2023-39325",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
    },
    {
      "name": "CVE-2022-27772",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27772"
    },
    {
      "name": "CVE-2023-27043",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
    },
    {
      "name": "CVE-2023-6481",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6481"
    },
    {
      "name": "CVE-2023-36632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-36632"
    },
    {
      "name": "CVE-2024-28085",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-28085"
    },
    {
      "name": "CVE-2024-2511",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-2511"
    },
    {
      "name": "CVE-2020-22916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-22916"
    },
    {
      "name": "CVE-2016-2781",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-2781"
    },
    {
      "name": "CVE-2023-3978",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3978"
    },
    {
      "name": "CVE-2017-7501",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7501"
    },
    {
      "name": "CVE-2021-35939",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35939"
    },
    {
      "name": "CVE-2024-0553",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0553"
    },
    {
      "name": "CVE-2021-35938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35938"
    },
    {
      "name": "CVE-2021-35937",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35937"
    },
    {
      "name": "CVE-2023-6597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6597"
    },
    {
      "name": "CVE-2024-26686",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26686"
    },
    {
      "name": "CVE-2023-52572",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52572"
    },
    {
      "name": "CVE-2007-4559",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4559"
    },
    {
      "name": "CVE-2023-3138",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3138"
    },
    {
      "name": "CVE-2024-28182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-28182"
    },
    {
      "name": "CVE-2023-45288",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
    },
    {
      "name": "CVE-2024-4603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
    },
    {
      "name": "CVE-2023-6378",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6378"
    },
    {
      "name": "CVE-2023-31486",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-31486"
    },
    {
      "name": "CVE-2024-26739",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26739"
    },
    {
      "name": "CVE-2024-4741",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
    },
    {
      "name": "CVE-2023-51074",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-51074"
    },
    {
      "name": "CVE-2023-52757",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52757"
    },
    {
      "name": "CVE-2024-35866",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35866"
    },
    {
      "name": "CVE-2024-35867",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35867"
    },
    {
      "name": "CVE-2024-35943",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35943"
    },
    {
      "name": "CVE-2024-28180",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-28180"
    },
    {
      "name": "CVE-2024-29857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
    },
    {
      "name": "CVE-2024-30171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
    },
    {
      "name": "CVE-2024-30172",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-30172"
    },
    {
      "name": "CVE-2024-5535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
    },
    {
      "name": "CVE-2024-35790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35790"
    },
    {
      "name": "CVE-2024-3651",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-3651"
    },
    {
      "name": "CVE-2024-2004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-2004"
    },
    {
      "name": "CVE-2024-2398",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
    },
    {
      "name": "CVE-2024-0397",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0397"
    },
    {
      "name": "CVE-2024-4030",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-4030"
    },
    {
      "name": "CVE-2024-4032",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-4032"
    },
    {
      "name": "CVE-2024-3596",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-3596"
    },
    {
      "name": "CVE-2024-0450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0450"
    },
    {
      "name": "CVE-2024-25062",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25062"
    },
    {
      "name": "CVE-2024-26458",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26458"
    },
    {
      "name": "CVE-2024-26461",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26461"
    },
    {
      "name": "CVE-2024-28834",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-28834"
    },
    {
      "name": "CVE-2024-2961",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-2961"
    },
    {
      "name": "CVE-2024-33599",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-33599"
    },
    {
      "name": "CVE-2024-33600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-33600"
    },
    {
      "name": "CVE-2024-33601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-33601"
    },
    {
      "name": "CVE-2024-33602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-33602"
    },
    {
      "name": "CVE-2024-35195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35195"
    },
    {
      "name": "CVE-2024-36945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36945"
    },
    {
      "name": "CVE-2024-38540",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38540"
    },
    {
      "name": "CVE-2024-38541",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38541"
    },
    {
      "name": "CVE-2023-4641",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4641"
    },
    {
      "name": "CVE-2024-0567",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0567"
    },
    {
      "name": "CVE-2024-22365",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-22365"
    },
    {
      "name": "CVE-2024-21137",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21137"
    },
    {
      "name": "CVE-2024-0760",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0760"
    },
    {
      "name": "CVE-2024-1737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-1737"
    },
    {
      "name": "CVE-2024-1975",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-1975"
    },
    {
      "name": "CVE-2024-28835",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-28835"
    },
    {
      "name": "CVE-2024-6923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6923"
    },
    {
      "name": "CVE-2024-3219",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-3219"
    },
    {
      "name": "CVE-2024-36908",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36908"
    },
    {
      "name": "CVE-2024-27402",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27402"
    },
    {
      "name": "CVE-2024-37891",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-37891"
    },
    {
      "name": "CVE-2024-6345",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
    },
    {
      "name": "CVE-2024-38808",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38808"
    },
    {
      "name": "CVE-2024-38809",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38809"
    },
    {
      "name": "CVE-2024-42230",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42230"
    },
    {
      "name": "CVE-2024-38807",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38807"
    },
    {
      "name": "CVE-2024-6232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6232"
    },
    {
      "name": "CVE-2024-6119",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
    },
    {
      "name": "CVE-2024-38816",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38816"
    },
    {
      "name": "CVE-2022-48893",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48893"
    },
    {
      "name": "CVE-2024-42322",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42322"
    },
    {
      "name": "CVE-2024-7264",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
    },
    {
      "name": "CVE-2023-5841",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5841"
    },
    {
      "name": "CVE-2024-34459",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-34459"
    },
    {
      "name": "CVE-2024-8096",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8096"
    },
    {
      "name": "CVE-2023-6246",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6246"
    },
    {
      "name": "CVE-2024-46812",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46812"
    },
    {
      "name": "CVE-2024-46821",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46821"
    },
    {
      "name": "CVE-2024-46751",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46751"
    },
    {
      "name": "CVE-2024-46753",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46753"
    },
    {
      "name": "CVE-2024-46774",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46774"
    },
    {
      "name": "CVE-2024-46787",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46787"
    },
    {
      "name": "CVE-2022-21454",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21454"
    },
    {
      "name": "CVE-2024-21193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21193"
    },
    {
      "name": "CVE-2024-21194",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21194"
    },
    {
      "name": "CVE-2024-21196",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21196"
    },
    {
      "name": "CVE-2024-21197",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21197"
    },
    {
      "name": "CVE-2024-21198",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21198"
    },
    {
      "name": "CVE-2024-21199",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21199"
    },
    {
      "name": "CVE-2024-21201",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21201"
    },
    {
      "name": "CVE-2024-21207",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21207"
    },
    {
      "name": "CVE-2024-21209",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21209"
    },
    {
      "name": "CVE-2024-21212",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21212"
    },
    {
      "name": "CVE-2024-21213",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21213"
    },
    {
      "name": "CVE-2024-21219",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21219"
    },
    {
      "name": "CVE-2024-21236",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21236"
    },
    {
      "name": "CVE-2024-21239",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21239"
    },
    {
      "name": "CVE-2024-21241",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21241"
    },
    {
      "name": "CVE-2024-7254",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
    },
    {
      "name": "CVE-2024-9143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
    },
    {
      "name": "CVE-2024-38819",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38819"
    },
    {
      "name": "CVE-2024-38820",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38820"
    },
    {
      "name": "CVE-2024-10487",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-10487"
    },
    {
      "name": "CVE-2024-10458",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-10458"
    },
    {
      "name": "CVE-2024-10459",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-10459"
    },
    {
      "name": "CVE-2024-10460",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-10460"
    },
    {
      "name": "CVE-2024-10461",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-10461"
    },
    {
      "name": "CVE-2024-10462",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-10462"
    },
    {
      "name": "CVE-2024-10463",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-10463"
    },
    {
      "name": "CVE-2024-10464",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-10464"
    },
    {
      "name": "CVE-2024-10465",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-10465"
    },
    {
      "name": "CVE-2024-10466",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-10466"
    },
    {
      "name": "CVE-2024-10467",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-10467"
    },
    {
      "name": "CVE-2024-10468",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-10468"
    },
    {
      "name": "CVE-2024-34447",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-34447"
    },
    {
      "name": "CVE-2024-38286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38286"
    },
    {
      "name": "CVE-2024-7592",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7592"
    },
    {
      "name": "CVE-2024-8088",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8088"
    },
    {
      "name": "CVE-2024-9681",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9681"
    },
    {
      "name": "CVE-2024-11168",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-11168"
    },
    {
      "name": "CVE-2024-38828",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38828"
    },
    {
      "name": "CVE-2024-46816",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46816"
    },
    {
      "name": "CVE-2024-11395",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-11395"
    },
    {
      "name": "CVE-2024-49960",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49960"
    },
    {
      "name": "CVE-2024-50047",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50047"
    },
    {
      "name": "CVE-2024-50073",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50073"
    },
    {
      "name": "CVE-2024-11691",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-11691"
    },
    {
      "name": "CVE-2024-11692",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-11692"
    },
    {
      "name": "CVE-2024-11693",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-11693"
    },
    {
      "name": "CVE-2024-11694",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-11694"
    },
    {
      "name": "CVE-2024-11695",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-11695"
    },
    {
      "name": "CVE-2024-11696",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-11696"
    },
    {
      "name": "CVE-2024-11697",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-11697"
    },
    {
      "name": "CVE-2024-11698",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-11698"
    },
    {
      "name": "CVE-2024-11699",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-11699"
    },
    {
      "name": "CVE-2024-11700",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-11700"
    },
    {
      "name": "CVE-2024-11701",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-11701"
    },
    {
      "name": "CVE-2024-11702",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-11702"
    },
    {
      "name": "CVE-2024-11703",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-11703"
    },
    {
      "name": "CVE-2024-11704",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-11704"
    },
    {
      "name": "CVE-2024-11705",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-11705"
    },
    {
      "name": "CVE-2024-11706",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-11706"
    },
    {
      "name": "CVE-2024-11708",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-11708"
    },
    {
      "name": "CVE-2024-50272",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50272"
    },
    {
      "name": "CVE-2024-50280",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50280"
    },
    {
      "name": "CVE-2024-11053",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-11053"
    },
    {
      "name": "CVE-2024-10041",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-10041"
    },
    {
      "name": "CVE-2024-10963",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-10963"
    },
    {
      "name": "CVE-2024-47554",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
    },
    {
      "name": "CVE-2024-49989",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49989"
    },
    {
      "name": "CVE-2024-50125",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50125"
    },
    {
      "name": "CVE-2024-53051",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53051"
    },
    {
      "name": "CVE-2024-53144",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53144"
    },
    {
      "name": "CVE-2024-8805",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8805"
    },
    {
      "name": "CVE-2025-0237",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0237"
    },
    {
      "name": "CVE-2025-0238",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0238"
    },
    {
      "name": "CVE-2025-0239",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0239"
    },
    {
      "name": "CVE-2025-0240",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0240"
    },
    {
      "name": "CVE-2025-0241",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0241"
    },
    {
      "name": "CVE-2025-0242",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0242"
    },
    {
      "name": "CVE-2025-0243",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0243"
    },
    {
      "name": "CVE-2025-0245",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0245"
    },
    {
      "name": "CVE-2025-0247",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0247"
    },
    {
      "name": "CVE-2025-0434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0434"
    },
    {
      "name": "CVE-2025-0435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0435"
    },
    {
      "name": "CVE-2025-0436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0436"
    },
    {
      "name": "CVE-2025-0437",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0437"
    },
    {
      "name": "CVE-2025-0438",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0438"
    },
    {
      "name": "CVE-2025-0439",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0439"
    },
    {
      "name": "CVE-2025-0440",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0440"
    },
    {
      "name": "CVE-2025-0441",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0441"
    },
    {
      "name": "CVE-2025-0442",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0442"
    },
    {
      "name": "CVE-2025-0443",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0443"
    },
    {
      "name": "CVE-2025-0446",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0446"
    },
    {
      "name": "CVE-2025-0447",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0447"
    },
    {
      "name": "CVE-2025-0448",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0448"
    },
    {
      "name": "CVE-2025-21523",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21523"
    },
    {
      "name": "CVE-2025-0612",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0612"
    },
    {
      "name": "CVE-2025-23083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23083"
    },
    {
      "name": "CVE-2025-23084",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23084"
    },
    {
      "name": "CVE-2025-23085",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23085"
    },
    {
      "name": "CVE-2025-0938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
    },
    {
      "name": "CVE-2025-0444",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0444"
    },
    {
      "name": "CVE-2025-0445",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0445"
    },
    {
      "name": "CVE-2025-0451",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0451"
    },
    {
      "name": "CVE-2025-0762",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0762"
    },
    {
      "name": "CVE-2025-1009",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1009"
    },
    {
      "name": "CVE-2025-1010",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1010"
    },
    {
      "name": "CVE-2025-1011",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1011"
    },
    {
      "name": "CVE-2025-1012",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1012"
    },
    {
      "name": "CVE-2025-1013",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1013"
    },
    {
      "name": "CVE-2025-1014",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1014"
    },
    {
      "name": "CVE-2024-56664",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56664"
    },
    {
      "name": "CVE-2025-1016",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1016"
    },
    {
      "name": "CVE-2025-1017",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1017"
    },
    {
      "name": "CVE-2025-1018",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1018"
    },
    {
      "name": "CVE-2025-1019",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1019"
    },
    {
      "name": "CVE-2025-1020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1020"
    },
    {
      "name": "CVE-2025-0167",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0167"
    },
    {
      "name": "CVE-2025-0725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0725"
    },
    {
      "name": "CVE-2024-47535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
    },
    {
      "name": "CVE-2024-50258",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50258"
    },
    {
      "name": "CVE-2024-53203",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53203"
    },
    {
      "name": "CVE-2024-53128",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53128"
    },
    {
      "name": "CVE-2025-0995",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0995"
    },
    {
      "name": "CVE-2025-0996",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0996"
    },
    {
      "name": "CVE-2025-0997",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0997"
    },
    {
      "name": "CVE-2025-0998",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0998"
    },
    {
      "name": "CVE-2024-13176",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-13176"
    },
    {
      "name": "CVE-2025-1414",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1414"
    },
    {
      "name": "CVE-2025-0999",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0999"
    },
    {
      "name": "CVE-2025-1006",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1006"
    },
    {
      "name": "CVE-2025-1426",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1426"
    },
    {
      "name": "CVE-2024-56751",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56751"
    },
    {
      "name": "CVE-2023-39017",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39017"
    },
    {
      "name": "CVE-2025-1795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1795"
    },
    {
      "name": "CVE-2025-1914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1914"
    },
    {
      "name": "CVE-2025-1915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1915"
    },
    {
      "name": "CVE-2025-1916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1916"
    },
    {
      "name": "CVE-2025-1917",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1917"
    },
    {
      "name": "CVE-2025-1918",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1918"
    },
    {
      "name": "CVE-2025-1919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1919"
    },
    {
      "name": "CVE-2025-1921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1921"
    },
    {
      "name": "CVE-2025-1922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1922"
    },
    {
      "name": "CVE-2025-1923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1923"
    },
    {
      "name": "CVE-2025-1930",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1930"
    },
    {
      "name": "CVE-2025-1931",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1931"
    },
    {
      "name": "CVE-2025-1932",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1932"
    },
    {
      "name": "CVE-2025-1933",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1933"
    },
    {
      "name": "CVE-2025-1934",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1934"
    },
    {
      "name": "CVE-2025-1935",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1935"
    },
    {
      "name": "CVE-2025-1936",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1936"
    },
    {
      "name": "CVE-2025-1937",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1937"
    },
    {
      "name": "CVE-2025-1938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1938"
    },
    {
      "name": "CVE-2025-1939",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1939"
    },
    {
      "name": "CVE-2025-1940",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1940"
    },
    {
      "name": "CVE-2025-1941",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1941"
    },
    {
      "name": "CVE-2025-1942",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1942"
    },
    {
      "name": "CVE-2025-1943",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1943"
    },
    {
      "name": "CVE-2025-1920",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1920"
    },
    {
      "name": "CVE-2025-2135",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-2135"
    },
    {
      "name": "CVE-2025-2136",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-2136"
    },
    {
      "name": "CVE-2025-2137",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-2137"
    },
    {
      "name": "CVE-2025-24813",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-24813"
    },
    {
      "name": "CVE-2024-6763",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6763"
    },
    {
      "name": "CVE-2022-49043",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-49043"
    },
    {
      "name": "CVE-2024-45338",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45338"
    },
    {
      "name": "CVE-2024-51744",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-51744"
    },
    {
      "name": "CVE-2025-24970",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-24970"
    },
    {
      "name": "CVE-2025-25193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-25193"
    },
    {
      "name": "CVE-2024-45772",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45772"
    },
    {
      "name": "CVE-2025-2476",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-2476"
    },
    {
      "name": "CVE-2025-2857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-2857"
    },
    {
      "name": "CVE-2024-45337",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
    },
    {
      "name": "CVE-2025-22870",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
    },
    {
      "name": "CVE-2025-2783",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-2783"
    },
    {
      "name": "CVE-2022-49063",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-49063"
    },
    {
      "name": "CVE-2022-49535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-49535"
    },
    {
      "name": "CVE-2024-56171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56171"
    },
    {
      "name": "CVE-2025-27113",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-27113"
    },
    {
      "name": "CVE-2025-3066",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-3066"
    },
    {
      "name": "CVE-2025-3067",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-3067"
    },
    {
      "name": "CVE-2025-3068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-3068"
    },
    {
      "name": "CVE-2025-3071",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-3071"
    },
    {
      "name": "CVE-2025-3072",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-3072"
    },
    {
      "name": "CVE-2025-3073",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-3073"
    },
    {
      "name": "CVE-2025-3074",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-3074"
    },
    {
      "name": "CVE-2025-3028",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-3028"
    },
    {
      "name": "CVE-2025-3029",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-3029"
    },
    {
      "name": "CVE-2025-3030",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-3030"
    },
    {
      "name": "CVE-2025-3031",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-3031"
    },
    {
      "name": "CVE-2025-3032",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-3032"
    },
    {
      "name": "CVE-2025-3033",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-3033"
    },
    {
      "name": "CVE-2025-3034",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-3034"
    },
    {
      "name": "CVE-2025-3035",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-3035"
    },
    {
      "name": "CVE-2024-54458",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-54458"
    },
    {
      "name": "CVE-2025-3608",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-3608"
    },
    {
      "name": "CVE-2025-21574",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21574"
    },
    {
      "name": "CVE-2025-21575",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21575"
    },
    {
      "name": "CVE-2025-21577",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21577"
    },
    {
      "name": "CVE-2025-21579",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21579"
    },
    {
      "name": "CVE-2025-21580",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21580"
    },
    {
      "name": "CVE-2025-21581",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21581"
    },
    {
      "name": "CVE-2025-21584",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21584"
    },
    {
      "name": "CVE-2025-21585",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21585"
    },
    {
      "name": "CVE-2025-21588",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21588"
    },
    {
      "name": "CVE-2025-30681",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30681"
    },
    {
      "name": "CVE-2025-30682",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30682"
    },
    {
      "name": "CVE-2025-30683",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30683"
    },
    {
      "name": "CVE-2025-30684",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30684"
    },
    {
      "name": "CVE-2025-30685",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30685"
    },
    {
      "name": "CVE-2025-30687",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30687"
    },
    {
      "name": "CVE-2025-30688",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30688"
    },
    {
      "name": "CVE-2025-30689",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30689"
    },
    {
      "name": "CVE-2025-30693",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30693"
    },
    {
      "name": "CVE-2025-30695",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30695"
    },
    {
      "name": "CVE-2025-30696",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30696"
    },
    {
      "name": "CVE-2025-30699",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30699"
    },
    {
      "name": "CVE-2025-30703",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30703"
    },
    {
      "name": "CVE-2025-30704",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30704"
    },
    {
      "name": "CVE-2025-30705",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30705"
    },
    {
      "name": "CVE-2025-30715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30715"
    },
    {
      "name": "CVE-2025-30721",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30721"
    },
    {
      "name": "CVE-2025-21839",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21839"
    },
    {
      "name": "CVE-2025-3619",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-3619"
    },
    {
      "name": "CVE-2025-3620",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-3620"
    },
    {
      "name": "CVE-2025-24928",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-24928"
    },
    {
      "name": "CVE-2025-21941",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21941"
    },
    {
      "name": "CVE-2025-21956",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21956"
    },
    {
      "name": "CVE-2025-21957",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21957"
    },
    {
      "name": "CVE-2025-21959",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21959"
    },
    {
      "name": "CVE-2025-21962",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21962"
    },
    {
      "name": "CVE-2025-21963",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21963"
    },
    {
      "name": "CVE-2025-21964",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21964"
    },
    {
      "name": "CVE-2025-21968",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21968"
    },
    {
      "name": "CVE-2025-21970",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21970"
    },
    {
      "name": "CVE-2025-21975",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21975"
    },
    {
      "name": "CVE-2025-21981",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21981"
    },
    {
      "name": "CVE-2025-21991",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21991"
    },
    {
      "name": "CVE-2025-21992",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21992"
    },
    {
      "name": "CVE-2025-21994",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21994"
    },
    {
      "name": "CVE-2025-21996",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21996"
    },
    {
      "name": "CVE-2025-21999",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21999"
    },
    {
      "name": "CVE-2025-22004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22004"
    },
    {
      "name": "CVE-2025-22005",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22005"
    },
    {
      "name": "CVE-2025-22007",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22007"
    },
    {
      "name": "CVE-2025-22008",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22008"
    },
    {
      "name": "CVE-2025-22010",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22010"
    },
    {
      "name": "CVE-2025-22014",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22014"
    },
    {
      "name": "CVE-2024-12798",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-12798"
    },
    {
      "name": "CVE-2024-12801",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-12801"
    },
    {
      "name": "CVE-2025-22868",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
    },
    {
      "name": "CVE-2025-22871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
    },
    {
      "name": "CVE-2025-22235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22235"
    },
    {
      "name": "CVE-2025-2312",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-2312"
    },
    {
      "name": "CVE-2025-30204",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30204"
    },
    {
      "name": "CVE-2025-4050",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4050"
    },
    {
      "name": "CVE-2025-4051",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4051"
    },
    {
      "name": "CVE-2025-4052",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4052"
    },
    {
      "name": "CVE-2025-4096",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4096"
    },
    {
      "name": "CVE-2025-2817",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-2817"
    },
    {
      "name": "CVE-2025-4082",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4082"
    },
    {
      "name": "CVE-2025-4083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4083"
    },
    {
      "name": "CVE-2025-4085",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4085"
    },
    {
      "name": "CVE-2025-4087",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4087"
    },
    {
      "name": "CVE-2025-4088",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4088"
    },
    {
      "name": "CVE-2025-4089",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4089"
    },
    {
      "name": "CVE-2025-4090",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4090"
    },
    {
      "name": "CVE-2025-4091",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4091"
    },
    {
      "name": "CVE-2025-4092",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4092"
    },
    {
      "name": "CVE-2023-53034",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-53034"
    },
    {
      "name": "CVE-2024-46742",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46742"
    },
    {
      "name": "CVE-2025-21853",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21853"
    },
    {
      "name": "CVE-2025-22025",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22025"
    },
    {
      "name": "CVE-2025-22027",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22027"
    },
    {
      "name": "CVE-2025-22035",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22035"
    },
    {
      "name": "CVE-2025-22044",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22044"
    },
    {
      "name": "CVE-2025-22045",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22045"
    },
    {
      "name": "CVE-2025-22050",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22050"
    },
    {
      "name": "CVE-2025-22054",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22054"
    },
    {
      "name": "CVE-2025-22055",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22055"
    },
    {
      "name": "CVE-2025-22056",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22056"
    },
    {
      "name": "CVE-2025-22060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22060"
    },
    {
      "name": "CVE-2025-22063",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22063"
    },
    {
      "name": "CVE-2025-22066",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22066"
    },
    {
      "name": "CVE-2025-22071",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22071"
    },
    {
      "name": "CVE-2025-22073",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22073"
    },
    {
      "name": "CVE-2025-22075",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22075"
    },
    {
      "name": "CVE-2025-22079",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22079"
    },
    {
      "name": "CVE-2025-22081",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22081"
    },
    {
      "name": "CVE-2025-22086",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22086"
    },
    {
      "name": "CVE-2025-22089",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22089"
    },
    {
      "name": "CVE-2025-22097",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22097"
    },
    {
      "name": "CVE-2025-23136",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23136"
    },
    {
      "name": "CVE-2025-23138",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23138"
    },
    {
      "name": "CVE-2025-37785",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37785"
    },
    {
      "name": "CVE-2025-37838",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37838"
    },
    {
      "name": "CVE-2025-38152",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38152"
    },
    {
      "name": "CVE-2025-38575",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38575"
    },
    {
      "name": "CVE-2025-38637",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38637"
    },
    {
      "name": "CVE-2025-39728",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39728"
    },
    {
      "name": "CVE-2025-39735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39735"
    },
    {
      "name": "CVE-2025-27516",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-27516"
    },
    {
      "name": "CVE-2025-29087",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-29087"
    },
    {
      "name": "CVE-2025-3277",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-3277"
    },
    {
      "name": "CVE-2025-4609",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4609"
    },
    {
      "name": "CVE-2025-4664",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4664"
    },
    {
      "name": "CVE-2025-4372",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4372"
    },
    {
      "name": "CVE-2025-4516",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4516"
    },
    {
      "name": "CVE-2025-22233",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22233"
    },
    {
      "name": "CVE-2024-55549",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-55549"
    },
    {
      "name": "CVE-2024-9287",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
    },
    {
      "name": "CVE-2025-24855",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-24855"
    },
    {
      "name": "CVE-2025-4918",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4918"
    },
    {
      "name": "CVE-2025-4919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4919"
    },
    {
      "name": "CVE-2025-41232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-41232"
    },
    {
      "name": "CVE-2025-23165",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23165"
    },
    {
      "name": "CVE-2025-23166",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23166"
    },
    {
      "name": "CVE-2025-5063",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5063"
    },
    {
      "name": "CVE-2025-5064",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5064"
    },
    {
      "name": "CVE-2025-5065",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5065"
    },
    {
      "name": "CVE-2025-5066",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5066"
    },
    {
      "name": "CVE-2025-5067",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5067"
    },
    {
      "name": "CVE-2025-32414",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-32414"
    },
    {
      "name": "CVE-2025-32415",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-32415"
    },
    {
      "name": "CVE-2022-49728",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-49728"
    },
    {
      "name": "CVE-2024-58093",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-58093"
    },
    {
      "name": "CVE-2025-22018",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22018"
    },
    {
      "name": "CVE-2025-22020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22020"
    },
    {
      "name": "CVE-2025-22062",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22062"
    },
    {
      "name": "CVE-2025-23145",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23145"
    },
    {
      "name": "CVE-2025-37798",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37798"
    },
    {
      "name": "CVE-2025-37749",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37749"
    },
    {
      "name": "CVE-2025-22869",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
    },
    {
      "name": "CVE-2025-5263",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5263"
    },
    {
      "name": "CVE-2025-5264",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5264"
    },
    {
      "name": "CVE-2025-5265",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5265"
    },
    {
      "name": "CVE-2025-5266",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5266"
    },
    {
      "name": "CVE-2025-5267",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5267"
    },
    {
      "name": "CVE-2025-5268",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5268"
    },
    {
      "name": "CVE-2025-5270",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5270"
    },
    {
      "name": "CVE-2025-5271",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5271"
    },
    {
      "name": "CVE-2025-5272",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5272"
    },
    {
      "name": "CVE-2025-5281",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5281"
    },
    {
      "name": "CVE-2025-5283",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5283"
    },
    {
      "name": "CVE-2025-46701",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-46701"
    },
    {
      "name": "CVE-2025-22021",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22021"
    },
    {
      "name": "CVE-2025-23140",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23140"
    },
    {
      "name": "CVE-2025-23142",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23142"
    },
    {
      "name": "CVE-2025-23144",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23144"
    },
    {
      "name": "CVE-2025-23146",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23146"
    },
    {
      "name": "CVE-2025-23147",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23147"
    },
    {
      "name": "CVE-2025-23148",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23148"
    },
    {
      "name": "CVE-2025-23150",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23150"
    },
    {
      "name": "CVE-2025-23151",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23151"
    },
    {
      "name": "CVE-2025-23156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23156"
    },
    {
      "name": "CVE-2025-23157",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23157"
    },
    {
      "name": "CVE-2025-23158",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23158"
    },
    {
      "name": "CVE-2025-23159",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23159"
    },
    {
      "name": "CVE-2025-23161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23161"
    },
    {
      "name": "CVE-2025-23163",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23163"
    },
    {
      "name": "CVE-2025-37738",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37738"
    },
    {
      "name": "CVE-2025-37739",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37739"
    },
    {
      "name": "CVE-2025-37740",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37740"
    },
    {
      "name": "CVE-2025-37741",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37741"
    },
    {
      "name": "CVE-2025-37742",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37742"
    },
    {
      "name": "CVE-2025-37756",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37756"
    },
    {
      "name": "CVE-2025-37757",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37757"
    },
    {
      "name": "CVE-2025-37758",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37758"
    },
    {
      "name": "CVE-2025-37765",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37765"
    },
    {
      "name": "CVE-2025-37766",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37766"
    },
    {
      "name": "CVE-2025-37767",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37767"
    },
    {
      "name": "CVE-2025-37768",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37768"
    },
    {
      "name": "CVE-2025-37770",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37770"
    },
    {
      "name": "CVE-2025-37771",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37771"
    },
    {
      "name": "CVE-2025-37773",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37773"
    },
    {
      "name": "CVE-2025-37780",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37780"
    },
    {
      "name": "CVE-2025-37781",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37781"
    },
    {
      "name": "CVE-2025-37787",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37787"
    },
    {
      "name": "CVE-2025-37788",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37788"
    },
    {
      "name": "CVE-2025-37789",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37789"
    },
    {
      "name": "CVE-2025-37790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37790"
    },
    {
      "name": "CVE-2025-37792",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37792"
    },
    {
      "name": "CVE-2025-37794",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37794"
    },
    {
      "name": "CVE-2025-37796",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37796"
    },
    {
      "name": "CVE-2025-37797",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37797"
    },
    {
      "name": "CVE-2025-37803",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37803"
    },
    {
      "name": "CVE-2025-37805",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37805"
    },
    {
      "name": "CVE-2025-37808",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37808"
    },
    {
      "name": "CVE-2025-37810",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37810"
    },
    {
      "name": "CVE-2025-37811",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37811"
    },
    {
      "name": "CVE-2025-37812",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37812"
    },
    {
      "name": "CVE-2025-37817",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37817"
    },
    {
      "name": "CVE-2025-37823",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37823"
    },
    {
      "name": "CVE-2025-37824",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37824"
    },
    {
      "name": "CVE-2025-37829",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37829"
    },
    {
      "name": "CVE-2025-37830",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37830"
    },
    {
      "name": "CVE-2025-37836",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37836"
    },
    {
      "name": "CVE-2025-37839",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37839"
    },
    {
      "name": "CVE-2025-37840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37840"
    },
    {
      "name": "CVE-2025-37841",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37841"
    },
    {
      "name": "CVE-2025-37844",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37844"
    },
    {
      "name": "CVE-2025-37850",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37850"
    },
    {
      "name": "CVE-2025-37851",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37851"
    },
    {
      "name": "CVE-2025-37857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37857"
    },
    {
      "name": "CVE-2025-37858",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37858"
    },
    {
      "name": "CVE-2025-37859",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37859"
    },
    {
      "name": "CVE-2025-37862",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37862"
    },
    {
      "name": "CVE-2025-37867",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37867"
    },
    {
      "name": "CVE-2025-37871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37871"
    },
    {
      "name": "CVE-2025-37875",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37875"
    },
    {
      "name": "CVE-2025-37881",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37881"
    },
    {
      "name": "CVE-2025-37883",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37883"
    },
    {
      "name": "CVE-2025-37885",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37885"
    },
    {
      "name": "CVE-2025-37889",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37889"
    },
    {
      "name": "CVE-2025-37892",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37892"
    },
    {
      "name": "CVE-2025-37937",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37937"
    },
    {
      "name": "CVE-2025-37940",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37940"
    },
    {
      "name": "CVE-2025-37982",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37982"
    },
    {
      "name": "CVE-2025-37983",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37983"
    },
    {
      "name": "CVE-2025-37985",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37985"
    },
    {
      "name": "CVE-2025-37989",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37989"
    },
    {
      "name": "CVE-2025-37819",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37819"
    },
    {
      "name": "CVE-2025-37890",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37890"
    },
    {
      "name": "CVE-2025-37905",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37905"
    },
    {
      "name": "CVE-2025-37909",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37909"
    },
    {
      "name": "CVE-2025-37911",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37911"
    },
    {
      "name": "CVE-2025-37912",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37912"
    },
    {
      "name": "CVE-2025-37913",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37913"
    },
    {
      "name": "CVE-2025-37914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37914"
    },
    {
      "name": "CVE-2025-37915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37915"
    },
    {
      "name": "CVE-2025-37923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37923"
    },
    {
      "name": "CVE-2025-37927",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37927"
    },
    {
      "name": "CVE-2025-37930",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37930"
    },
    {
      "name": "CVE-2025-37932",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37932"
    },
    {
      "name": "CVE-2025-37949",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37949"
    },
    {
      "name": "CVE-2025-37964",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37964"
    },
    {
      "name": "CVE-2025-37967",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37967"
    },
    {
      "name": "CVE-2025-37969",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37969"
    },
    {
      "name": "CVE-2025-37970",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37970"
    },
    {
      "name": "CVE-2025-37990",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37990"
    },
    {
      "name": "CVE-2025-37991",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37991"
    },
    {
      "name": "CVE-2025-5068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5068"
    },
    {
      "name": "CVE-2025-5419",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5419"
    },
    {
      "name": "CVE-2025-27144",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-27144"
    },
    {
      "name": "CVE-2025-49709",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49709"
    },
    {
      "name": "CVE-2025-49710",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49710"
    },
    {
      "name": "CVE-2023-6779",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6779"
    },
    {
      "name": "CVE-2023-6780",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6780"
    },
    {
      "name": "CVE-2024-12133",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-12133"
    },
    {
      "name": "CVE-2024-12243",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-12243"
    },
    {
      "name": "CVE-2024-2236",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-2236"
    },
    {
      "name": "CVE-2024-56433",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56433"
    },
    {
      "name": "CVE-2025-0395",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0395"
    },
    {
      "name": "CVE-2025-1390",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1390"
    },
    {
      "name": "CVE-2025-29088",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-29088"
    },
    {
      "name": "CVE-2025-31115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31115"
    },
    {
      "name": "CVE-2025-4598",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4598"
    },
    {
      "name": "CVE-2025-5958",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5958"
    },
    {
      "name": "CVE-2025-5959",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5959"
    },
    {
      "name": "CVE-2025-41234",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-41234"
    },
    {
      "name": "CVE-2025-49146",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49146"
    },
    {
      "name": "CVE-2025-48988",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-48988"
    },
    {
      "name": "CVE-2025-49124",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49124"
    },
    {
      "name": "CVE-2025-49125",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49125"
    },
    {
      "name": "CVE-2025-6191",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6191"
    },
    {
      "name": "CVE-2025-6192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6192"
    },
    {
      "name": "CVE-2024-53427",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53427"
    },
    {
      "name": "CVE-2024-56406",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56406"
    },
    {
      "name": "CVE-2025-22872",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
    },
    {
      "name": "CVE-2025-4802",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4802"
    },
    {
      "name": "CVE-2022-49168",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-49168"
    },
    {
      "name": "CVE-2025-37998",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37998"
    },
    {
      "name": "CVE-2023-42366",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-42366"
    },
    {
      "name": "CVE-2025-6424",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6424"
    },
    {
      "name": "CVE-2025-6425",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6425"
    },
    {
      "name": "CVE-2025-6426",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6426"
    },
    {
      "name": "CVE-2025-6427",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6427"
    },
    {
      "name": "CVE-2025-6429",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6429"
    },
    {
      "name": "CVE-2025-6430",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6430"
    },
    {
      "name": "CVE-2025-6432",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6432"
    },
    {
      "name": "CVE-2025-6433",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6433"
    },
    {
      "name": "CVE-2025-6434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6434"
    },
    {
      "name": "CVE-2025-6020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
    },
    {
      "name": "CVE-2025-6555",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6555"
    },
    {
      "name": "CVE-2025-6556",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6556"
    },
    {
      "name": "CVE-2025-6557",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6557"
    },
    {
      "name": "CVE-2025-6435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6435"
    },
    {
      "name": "CVE-2025-6436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6436"
    },
    {
      "name": "CVE-2025-6554",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6554"
    },
    {
      "name": "CVE-2025-6021",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
    },
    {
      "name": "CVE-2022-49636",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-49636"
    },
    {
      "name": "CVE-2025-37997",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37997"
    },
    {
      "name": "CVE-2025-38000",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38000"
    },
    {
      "name": "CVE-2025-38001",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38001"
    },
    {
      "name": "CVE-2025-32462",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-32462"
    },
    {
      "name": "CVE-2025-52520",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-52520"
    },
    {
      "name": "CVE-2025-53506",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-53506"
    },
    {
      "name": "CVE-2024-47081",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
    },
    {
      "name": "CVE-2025-3576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-3576"
    },
    {
      "name": "CVE-2025-47268",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-47268"
    },
    {
      "name": "CVE-2025-37992",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37992"
    },
    {
      "name": "CVE-2025-37994",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37994"
    },
    {
      "name": "CVE-2025-37995",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37995"
    },
    {
      "name": "CVE-2025-38005",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38005"
    },
    {
      "name": "CVE-2025-38009",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38009"
    },
    {
      "name": "CVE-2025-38023",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38023"
    },
    {
      "name": "CVE-2025-38024",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38024"
    },
    {
      "name": "CVE-2025-38083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38083"
    },
    {
      "name": "CVE-2025-22227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22227"
    },
    {
      "name": "CVE-2025-6558",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6558"
    },
    {
      "name": "CVE-2025-7656",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-7656"
    },
    {
      "name": "CVE-2025-7657",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-7657"
    },
    {
      "name": "CVE-2025-30749",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
    },
    {
      "name": "CVE-2025-30754",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
    },
    {
      "name": "CVE-2025-50059",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
    },
    {
      "name": "CVE-2025-50106",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
    },
    {
      "name": "CVE-2025-50088",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-50088"
    },
    {
      "name": "CVE-2025-48734",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
    },
    {
      "name": "CVE-2022-21546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21546"
    },
    {
      "name": "CVE-2020-16156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-16156"
    },
    {
      "name": "CVE-2025-8010",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8010"
    },
    {
      "name": "CVE-2025-8011",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8011"
    },
    {
      "name": "CVE-2025-8027",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8027"
    },
    {
      "name": "CVE-2025-8028",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8028"
    },
    {
      "name": "CVE-2025-8029",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8029"
    },
    {
      "name": "CVE-2025-8030",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8030"
    },
    {
      "name": "CVE-2025-8031",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8031"
    },
    {
      "name": "CVE-2025-8032",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8032"
    },
    {
      "name": "CVE-2025-8033",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8033"
    },
    {
      "name": "CVE-2025-8034",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8034"
    },
    {
      "name": "CVE-2025-8035",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8035"
    },
    {
      "name": "CVE-2025-8036",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8036"
    },
    {
      "name": "CVE-2025-8037",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8037"
    },
    {
      "name": "CVE-2025-8038",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8038"
    },
    {
      "name": "CVE-2025-8039",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8039"
    },
    {
      "name": "CVE-2025-8040",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8040"
    },
    {
      "name": "CVE-2025-8041",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8041"
    },
    {
      "name": "CVE-2025-8043",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8043"
    },
    {
      "name": "CVE-2025-8044",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8044"
    },
    {
      "name": "CVE-2024-23337",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-23337"
    },
    {
      "name": "CVE-2024-45339",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45339"
    },
    {
      "name": "CVE-2024-47611",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47611"
    },
    {
      "name": "CVE-2025-0913",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
    },
    {
      "name": "CVE-2025-22874",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
    },
    {
      "name": "CVE-2025-32988",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-32988"
    },
    {
      "name": "CVE-2025-32989",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-32989"
    },
    {
      "name": "CVE-2025-32990",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-32990"
    },
    {
      "name": "CVE-2025-38177",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38177"
    },
    {
      "name": "CVE-2025-4673",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
    },
    {
      "name": "CVE-2025-48060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-48060"
    },
    {
      "name": "CVE-2025-4877",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4877"
    },
    {
      "name": "CVE-2025-4878",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4878"
    },
    {
      "name": "CVE-2025-48924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-48924"
    },
    {
      "name": "CVE-2025-50181",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-50181"
    },
    {
      "name": "CVE-2025-5318",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5318"
    },
    {
      "name": "CVE-2025-5372",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5372"
    },
    {
      "name": "CVE-2025-5914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5914"
    },
    {
      "name": "CVE-2025-5915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5915"
    },
    {
      "name": "CVE-2025-5916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5916"
    },
    {
      "name": "CVE-2025-5917",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5917"
    },
    {
      "name": "CVE-2025-6069",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
    },
    {
      "name": "CVE-2025-6395",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6395"
    },
    {
      "name": "CVE-2025-38094",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38094"
    },
    {
      "name": "CVE-2025-8194",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8194"
    },
    {
      "name": "CVE-2025-8292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8292"
    },
    {
      "name": "CVE-2025-7424",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-7424"
    },
    {
      "name": "CVE-2025-7425",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-7425"
    },
    {
      "name": "CVE-2025-50182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-50182"
    },
    {
      "name": "CVE-2025-5889",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5889"
    },
    {
      "name": "CVE-2025-8576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8576"
    },
    {
      "name": "CVE-2025-8577",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8577"
    },
    {
      "name": "CVE-2025-8578",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8578"
    },
    {
      "name": "CVE-2025-8579",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8579"
    },
    {
      "name": "CVE-2025-8580",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8580"
    },
    {
      "name": "CVE-2025-8581",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8581"
    },
    {
      "name": "CVE-2025-8582",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8582"
    },
    {
      "name": "CVE-2025-8583",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8583"
    },
    {
      "name": "CVE-2025-27210",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-27210"
    },
    {
      "name": "CVE-2025-27817",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-27817"
    },
    {
      "name": "CVE-2025-27818",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-27818"
    },
    {
      "name": "CVE-2025-8879",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8879"
    },
    {
      "name": "CVE-2025-8880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8880"
    },
    {
      "name": "CVE-2025-8881",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8881"
    },
    {
      "name": "CVE-2025-8882",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8882"
    },
    {
      "name": "CVE-2025-8901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8901"
    },
    {
      "name": "CVE-2025-48989",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-48989"
    },
    {
      "name": "CVE-2025-7339",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-7339"
    },
    {
      "name": "CVE-2025-7783",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-7783"
    },
    {
      "name": "CVE-2021-32256",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-32256"
    },
    {
      "name": "CVE-2024-25260",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25260"
    },
    {
      "name": "CVE-2025-1371",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1371"
    },
    {
      "name": "CVE-2025-1376",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1376"
    },
    {
      "name": "CVE-2025-1377",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1377"
    },
    {
      "name": "CVE-2025-47273",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-47273"
    },
    {
      "name": "CVE-2025-48964",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-48964"
    },
    {
      "name": "CVE-2025-49794",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
    },
    {
      "name": "CVE-2025-49796",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
    },
    {
      "name": "CVE-2025-41242",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-41242"
    },
    {
      "name": "CVE-2025-9132",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9132"
    },
    {
      "name": "CVE-2025-54988",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-54988"
    },
    {
      "name": "CVE-2025-6965",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
    },
    {
      "name": "CVE-2024-13009",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-13009"
    },
    {
      "name": "CVE-2025-55668",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-55668"
    },
    {
      "name": "CVE-2025-4674",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4674"
    },
    {
      "name": "CVE-2025-47907",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
    },
    {
      "name": "CVE-2025-52999",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-52999"
    },
    {
      "name": "CVE-2025-55163",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
    },
    {
      "name": "CVE-2025-8941",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8941"
    },
    {
      "name": "CVE-2025-9288",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9288"
    },
    {
      "name": "CVE-2005-2541",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-2541"
    },
    {
      "name": "CVE-2008-5727",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-5727"
    },
    {
      "name": "CVE-2008-5728",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-5728"
    },
    {
      "name": "CVE-2008-5729",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-5729"
    },
    {
      "name": "CVE-2008-5730",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-5730"
    },
    {
      "name": "CVE-2008-5742",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-5742"
    },
    {
      "name": "CVE-2011-3374",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3374"
    },
    {
      "name": "CVE-2014-4715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4715"
    },
    {
      "name": "CVE-2015-2214",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2214"
    },
    {
      "name": "CVE-2016-0682",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0682"
    },
    {
      "name": "CVE-2016-0689",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0689"
    },
    {
      "name": "CVE-2016-0692",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0692"
    },
    {
      "name": "CVE-2016-0694",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0694"
    },
    {
      "name": "CVE-2016-2149",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-2149"
    },
    {
      "name": "CVE-2016-2160",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-2160"
    },
    {
      "name": "CVE-2016-3418",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3418"
    },
    {
      "name": "CVE-2017-10140",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-10140"
    },
    {
      "name": "CVE-2017-12195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-12195"
    },
    {
      "name": "CVE-2017-12629",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-12629"
    },
    {
      "name": "CVE-2017-3604",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3604"
    },
    {
      "name": "CVE-2017-3605",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3605"
    },
    {
      "name": "CVE-2017-3606",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3606"
    },
    {
      "name": "CVE-2017-3607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3607"
    },
    {
      "name": "CVE-2017-3608",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3608"
    },
    {
      "name": "CVE-2017-3609",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3609"
    },
    {
      "name": "CVE-2017-3610",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3610"
    },
    {
      "name": "CVE-2017-3611",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3611"
    },
    {
      "name": "CVE-2017-3612",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3612"
    },
    {
      "name": "CVE-2017-3613",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3613"
    },
    {
      "name": "CVE-2017-3614",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3614"
    },
    {
      "name": "CVE-2017-3615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3615"
    },
    {
      "name": "CVE-2017-3616",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3616"
    },
    {
      "name": "CVE-2017-3617",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3617"
    },
    {
      "name": "CVE-2018-1000169",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-1000169"
    },
    {
      "name": "CVE-2018-1196",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-1196"
    },
    {
      "name": "CVE-2018-1273",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-1273"
    },
    {
      "name": "CVE-2019-10782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10782"
    },
    {
      "name": "CVE-2019-9658",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9658"
    },
    {
      "name": "CVE-2020-2981",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2981"
    },
    {
      "name": "CVE-2021-20298",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-20298"
    },
    {
      "name": "CVE-2021-20304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-20304"
    },
    {
      "name": "CVE-2021-22055",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22055"
    },
    {
      "name": "CVE-2021-23169",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-23169"
    },
    {
      "name": "CVE-2021-3236",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3236"
    },
    {
      "name": "CVE-2022-0635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0635"
    },
    {
      "name": "CVE-2022-0667",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0667"
    },
    {
      "name": "CVE-2022-3219",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3219"
    },
    {
      "name": "CVE-2022-39046",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-39046"
    },
    {
      "name": "CVE-2022-42010",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42010"
    },
    {
      "name": "CVE-2022-42011",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42011"
    },
    {
      "name": "CVE-2022-42012",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42012"
    },
    {
      "name": "CVE-2022-44638",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-44638"
    },
    {
      "name": "CVE-2023-31437",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-31437"
    },
    {
      "name": "CVE-2023-31438",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-31438"
    },
    {
      "name": "CVE-2023-31439",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-31439"
    },
    {
      "name": "CVE-2023-37769",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-37769"
    },
    {
      "name": "CVE-2023-39810",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39810"
    },
    {
      "name": "CVE-2023-4156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4156"
    },
    {
      "name": "CVE-2023-4320",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4320"
    },
    {
      "name": "CVE-2023-43785",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-43785"
    },
    {
      "name": "CVE-2023-43786",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-43786"
    },
    {
      "name": "CVE-2023-43787",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-43787"
    },
    {
      "name": "CVE-2023-46129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46129"
    },
    {
      "name": "CVE-2023-47039",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-47039"
    },
    {
      "name": "CVE-2023-5189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5189"
    },
    {
      "name": "CVE-2024-11584",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-11584"
    },
    {
      "name": "CVE-2024-21742",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21742"
    },
    {
      "name": "CVE-2024-22047",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-22047"
    },
    {
      "name": "CVE-2024-2397",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-2397"
    },
    {
      "name": "CVE-2024-26462",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26462"
    },
    {
      "name": "CVE-2024-31047",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-31047"
    },
    {
      "name": "CVE-2024-3220",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-3220"
    },
    {
      "name": "CVE-2024-58251",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-58251"
    },
    {
      "name": "CVE-2024-6174",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6174"
    },
    {
      "name": "CVE-2024-7012",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7012"
    },
    {
      "name": "CVE-2025-1352",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1352"
    },
    {
      "name": "CVE-2025-1365",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1365"
    },
    {
      "name": "CVE-2025-1372",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1372"
    },
    {
      "name": "CVE-2025-24294",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-24294"
    },
    {
      "name": "CVE-2025-26519",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-26519"
    },
    {
      "name": "CVE-2025-27587",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-27587"
    },
    {
      "name": "CVE-2025-30258",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30258"
    },
    {
      "name": "CVE-2025-31672",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31672"
    },
    {
      "name": "CVE-2025-40909",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40909"
    },
    {
      "name": "CVE-2025-43857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43857"
    },
    {
      "name": "CVE-2025-45582",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-45582"
    },
    {
      "name": "CVE-2025-45768",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-45768"
    },
    {
      "name": "CVE-2025-46392",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-46392"
    },
    {
      "name": "CVE-2025-46394",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-46394"
    },
    {
      "name": "CVE-2025-49795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49795"
    },
    {
      "name": "CVE-2025-5115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5115"
    },
    {
      "name": "CVE-2025-5222",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5222"
    },
    {
      "name": "CVE-2025-5278",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5278"
    },
    {
      "name": "CVE-2025-53864",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-53864"
    },
    {
      "name": "CVE-2025-6170",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6170"
    },
    {
      "name": "CVE-2025-6297",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6297"
    },
    {
      "name": "CVE-2025-7962",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-7962"
    },
    {
      "name": "CVE-2025-8058",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8058"
    },
    {
      "name": "CVE-2025-8262",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8262"
    },
    {
      "name": "CVE-2025-8732",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8732"
    },
    {
      "name": "CVE-2025-8885",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8885"
    },
    {
      "name": "CVE-2025-8916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8916"
    },
    {
      "name": "CVE-2025-9179",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9179"
    },
    {
      "name": "CVE-2025-9180",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9180"
    },
    {
      "name": "CVE-2025-9181",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9181"
    },
    {
      "name": "CVE-2025-9182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9182"
    },
    {
      "name": "CVE-2025-9183",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9183"
    },
    {
      "name": "CVE-2025-9184",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9184"
    },
    {
      "name": "CVE-2025-9185",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9185"
    },
    {
      "name": "CVE-2025-9187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9187"
    },
    {
      "name": "CVE-2025-9308",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9308"
    }
  ],
  "initial_release_date": "2025-09-05T00:00:00",
  "last_revision_date": "2025-09-05T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-0756",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-09-05T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
  "vendor_advisories": [
    {
      "published_at": "2025-09-04",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36093",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36093"
    },
    {
      "published_at": "2025-09-04",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36102",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36102"
    },
    {
      "published_at": "2025-09-04",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36101",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36101"
    },
    {
      "published_at": "2025-09-04",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36100",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36100"
    },
    {
      "published_at": "2025-09-04",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36105",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36105"
    },
    {
      "published_at": "2025-09-04",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36091",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36091"
    },
    {
      "published_at": "2025-09-04",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36078",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36078"
    },
    {
      "published_at": "2025-09-04",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36107",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36107"
    },
    {
      "published_at": "2025-09-04",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36094",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36094"
    },
    {
      "published_at": "2025-09-04",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36097",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36097"
    },
    {
      "published_at": "2025-09-04",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-46",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36104"
    },
    {
      "published_at": "2025-09-04",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36108",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36108"
    },
    {
      "published_at": "2025-09-04",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36095",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36095"
    },
    {
      "published_at": "2025-09-04",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-09",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36090"
    },
    {
      "published_at": "2025-09-04",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36096",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36096"
    },
    {
      "published_at": "2025-09-04",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36106",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36106"
    },
    {
      "published_at": "2025-09-04",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36109",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36109"
    },
    {
      "published_at": "2025-09-04",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36098",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36098"
    },
    {
      "published_at": "2025-09-04",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-68",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36111"
    },
    {
      "published_at": "2025-09-04",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36103",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36103"
    },
    {
      "published_at": "2025-09-04",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36099",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36099"
    },
    {
      "published_at": "2025-09-04",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36092",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36092"
    },
    {
      "published_at": "2025-09-04",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36110",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36110"
    }
  ]
}

CERTFR-2026-AVI-0523

Vulnerability from certfr_avis - Published: 2026-04-30 - Updated: 2026-04-30

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
IBM	Sterling Connect:Direct	Sterling Connect:Direct for Microsoft Windows versions 6.3.0.x antérieures à 6.3.0.6_iFix048
IBM	WebSphere	WebSphere Application Server - Liberty versions 17.0.0.3 à 26.0.0.4 sans le dernier correctif de sécurité
IBM	Informix Dynamic Server	Informix Dynamic Server versions 15.0 sans le correctif de sécurité HQ 3.2.2
IBM	Informix Dynamic Server	Informix Dynamic Server versions 12.10.x sans le correctif de sécurité HQ 3.2.2
IBM	Informix Dynamic Server	Informix Dynamic Server versions 14.10 sans le correctif de sécurité HQ 3.2.2
IBM	Sterling Connect:Direct	Sterling Connect:Direct for Microsoft Windows versions 6.4.0.x antérieures à 6.4.0.4_iFix019
IBM	Security QRadar Log Management AQL	greffon Security QRadar Log Management AQL versions 1.x antérieures à 1.1.5

References

Title

Publication Time

Tags

Bulletin de sécurité IBM 7270805	2026-04-27	vendor-advisory
Bulletin de sécurité IBM 7270827	2026-04-27	vendor-advisory
Bulletin de sécurité IBM 7270869	2026-04-27	vendor-advisory
Bulletin de sécurité IBM 7270820	2026-04-27	vendor-advisory
Bulletin de sécurité IBM 7270845	2026-04-27	vendor-advisory
Bulletin de sécurité IBM 7270868	2026-04-27	vendor-advisory
Bulletin de sécurité IBM 7270775	2026-04-27	vendor-advisory
Bulletin de sécurité IBM 7270692	2026-04-24	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Sterling Connect:Direct for Microsoft Windows versions 6.3.0.x ant\u00e9rieures \u00e0 6.3.0.6_iFix048",
      "product": {
        "name": "Sterling Connect:Direct",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "WebSphere Application Server - Liberty versions 17.0.0.3 \u00e0 26.0.0.4 sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "WebSphere",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Informix Dynamic Server versions 15.0 sans le correctif de s\u00e9curit\u00e9  HQ 3.2.2",
      "product": {
        "name": "Informix Dynamic Server",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Informix Dynamic Server versions 12.10.x sans le correctif de s\u00e9curit\u00e9  HQ 3.2.2",
      "product": {
        "name": "Informix Dynamic Server",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Informix Dynamic Server versions 14.10 sans le correctif de s\u00e9curit\u00e9  HQ 3.2.2",
      "product": {
        "name": "Informix Dynamic Server",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Sterling Connect:Direct for Microsoft Windows versions 6.4.0.x ant\u00e9rieures \u00e0 6.4.0.4_iFix019",
      "product": {
        "name": "Sterling Connect:Direct",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "greffon Security QRadar Log Management AQL versions 1.x ant\u00e9rieures \u00e0 1.1.5",
      "product": {
        "name": "Security QRadar Log Management AQL",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2026-22737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22737"
    },
    {
      "name": "CVE-2026-22610",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22610"
    },
    {
      "name": "CVE-2026-33186",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33186"
    },
    {
      "name": "CVE-2026-3621",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-3621"
    },
    {
      "name": "CVE-2025-66412",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-66412"
    },
    {
      "name": "CVE-2025-66035",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-66035"
    },
    {
      "name": "CVE-2026-2391",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-2391"
    },
    {
      "name": "CVE-2025-15284",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-15284"
    },
    {
      "name": "CVE-2026-22029",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22029"
    },
    {
      "name": "CVE-2026-24051",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-24051"
    },
    {
      "name": "CVE-2021-23337",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-23337"
    },
    {
      "name": "CVE-2026-4800",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4800"
    },
    {
      "name": "CVE-2025-67030",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-67030"
    },
    {
      "name": "CVE-2026-0540",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0540"
    },
    {
      "name": "CVE-2026-33532",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33532"
    },
    {
      "name": "CVE-2025-68470",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-68470"
    },
    {
      "name": "CVE-2026-33228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33228"
    },
    {
      "name": "CVE-2026-27970",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-27970"
    },
    {
      "name": "CVE-2026-2950",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-2950"
    },
    {
      "name": "CVE-2024-29371",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29371"
    },
    {
      "name": "CVE-2025-15599",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-15599"
    },
    {
      "name": "CVE-2024-31033",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-31033"
    },
    {
      "name": "CVE-2026-26278",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-26278"
    },
    {
      "name": "CVE-2026-22735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22735"
    },
    {
      "name": "CVE-2026-27601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-27601"
    },
    {
      "name": "CVE-2026-32141",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-32141"
    },
    {
      "name": "CVE-2025-13465",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13465"
    }
  ],
  "initial_release_date": "2026-04-30T00:00:00",
  "last_revision_date": "2026-04-30T00:00:00",
  "links": [],
  "reference": "CERTFR-2026-AVI-0523",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2026-04-30T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
  "vendor_advisories": [
    {
      "published_at": "2026-04-27",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7270805",
      "url": "https://www.ibm.com/support/pages/node/7270805"
    },
    {
      "published_at": "2026-04-27",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7270827",
      "url": "https://www.ibm.com/support/pages/node/7270827"
    },
    {
      "published_at": "2026-04-27",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7270869",
      "url": "https://www.ibm.com/support/pages/node/7270869"
    },
    {
      "published_at": "2026-04-27",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7270820",
      "url": "https://www.ibm.com/support/pages/node/7270820"
    },
    {
      "published_at": "2026-04-27",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7270845",
      "url": "https://www.ibm.com/support/pages/node/7270845"
    },
    {
      "published_at": "2026-04-27",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7270868",
      "url": "https://www.ibm.com/support/pages/node/7270868"
    },
    {
      "published_at": "2026-04-27",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7270775",
      "url": "https://www.ibm.com/support/pages/node/7270775"
    },
    {
      "published_at": "2026-04-24",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7270692",
      "url": "https://www.ibm.com/support/pages/node/7270692"
    }
  ]
}

CERTFR-2026-AVI-0550

Vulnerability from certfr_avis - Published: 2026-05-07 - Updated: 2026-05-07

De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
IBM	AIX	AIX 7.2 et 7.3 sans le correctif 301610mc.260424.epkg.Z
IBM	Sterling	IBM Sterling Transformation Extender versions 11.0.0.0 sans le correctif PH71092
IBM	Sterling	IBM Sterling Transformation Extender versions 10.1.0.3 sans le correctif PH71092
IBM	QRadar	SOAR QRadar Plugin App versions antérieures à 5.6.4
IBM	QRadar	QRadar AI Assistant versions antérieures à 1.5.0
IBM	Sterling	IBM Sterling Transformation Extender versions 10.1.1.2 sans le correctif PH71092
IBM	Sterling	IBM Sterling Transformation Extender versions 10.1.2.2 sans le correctif PH71092
IBM	VIOS	VIOS 4.1 sans le correctif 301610mc.260424.epkg.Z

References

Title

Publication Time

Tags

Bulletin de sécurité IBM 7271707	2026-05-05	vendor-advisory
Bulletin de sécurité IBM 7271922	2026-05-06	vendor-advisory
Bulletin de sécurité IBM 7271681	2026-05-04	vendor-advisory
Bulletin de sécurité IBM 7271765	2026-05-05	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "AIX 7.2 et 7.3 sans le correctif 301610mc.260424.epkg.Z",
      "product": {
        "name": "AIX",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Sterling Transformation Extender versions 11.0.0.0 sans le correctif PH71092",
      "product": {
        "name": "Sterling",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Sterling Transformation Extender versions 10.1.0.3 sans le correctif PH71092",
      "product": {
        "name": "Sterling",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "SOAR QRadar Plugin App versions ant\u00e9rieures \u00e0 5.6.4",
      "product": {
        "name": "QRadar",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "QRadar AI Assistant versions ant\u00e9rieures \u00e0 1.5.0",
      "product": {
        "name": "QRadar",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Sterling Transformation Extender versions 10.1.1.2 sans le correctif PH71092",
      "product": {
        "name": "Sterling",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Sterling Transformation Extender versions 10.1.2.2 sans le correctif PH71092",
      "product": {
        "name": "Sterling",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "VIOS 4.1 sans le correctif 301610mc.260424.epkg.Z",
      "product": {
        "name": "VIOS",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2026-40087",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-40087"
    },
    {
      "name": "CVE-2026-39892",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-39892"
    },
    {
      "name": "CVE-2026-33123",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33123"
    },
    {
      "name": "CVE-2026-22013",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22013"
    },
    {
      "name": "CVE-2026-22018",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22018"
    },
    {
      "name": "CVE-2026-34073",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-34073"
    },
    {
      "name": "CVE-2021-23337",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-23337"
    },
    {
      "name": "CVE-2025-62718",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-62718"
    },
    {
      "name": "CVE-2026-25645",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-25645"
    },
    {
      "name": "CVE-2026-4800",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4800"
    },
    {
      "name": "CVE-2026-0540",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0540"
    },
    {
      "name": "CVE-2026-28389",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28389"
    },
    {
      "name": "CVE-2026-33671",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33671"
    },
    {
      "name": "CVE-2026-34515",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-34515"
    },
    {
      "name": "CVE-2026-34519",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-34519"
    },
    {
      "name": "CVE-2026-40175",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-40175"
    },
    {
      "name": "CVE-2026-34518",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-34518"
    },
    {
      "name": "CVE-2026-34525",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-34525"
    },
    {
      "name": "CVE-2026-28387",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28387"
    },
    {
      "name": "CVE-2026-28388",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28388"
    },
    {
      "name": "CVE-2026-4539",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4539"
    },
    {
      "name": "CVE-2026-2950",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-2950"
    },
    {
      "name": "CVE-2026-22016",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22016"
    },
    {
      "name": "CVE-2026-22021",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22021"
    },
    {
      "name": "CVE-2026-22007",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22007"
    },
    {
      "name": "CVE-2026-27124",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-27124"
    },
    {
      "name": "CVE-2026-34268",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-34268"
    },
    {
      "name": "CVE-2026-28390",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28390"
    },
    {
      "name": "CVE-2026-33672",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33672"
    },
    {
      "name": "CVE-2026-27459",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-27459"
    },
    {
      "name": "CVE-2026-34516",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-34516"
    },
    {
      "name": "CVE-2026-27448",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-27448"
    },
    {
      "name": "CVE-2026-31789",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-31789"
    },
    {
      "name": "CVE-2026-34517",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-34517"
    },
    {
      "name": "CVE-2026-32871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-32871"
    },
    {
      "name": "CVE-2026-34513",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-34513"
    },
    {
      "name": "CVE-2026-34514",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-34514"
    },
    {
      "name": "CVE-2026-34520",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-34520"
    },
    {
      "name": "CVE-2025-64340",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-64340"
    },
    {
      "name": "CVE-2026-28804",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28804"
    },
    {
      "name": "CVE-2026-29063",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-29063"
    },
    {
      "name": "CVE-2026-22815",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22815"
    },
    {
      "name": "CVE-2025-13465",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13465"
    },
    {
      "name": "CVE-2025-67221",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-67221"
    },
    {
      "name": "CVE-2026-25547",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-25547"
    },
    {
      "name": "CVE-2026-31790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-31790"
    },
    {
      "name": "CVE-2026-34070",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-34070"
    }
  ],
  "initial_release_date": "2026-05-07T00:00:00",
  "last_revision_date": "2026-05-07T00:00:00",
  "links": [],
  "reference": "CERTFR-2026-AVI-0550",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2026-05-07T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Falsification de requ\u00eates c\u00f4t\u00e9 serveur (SSRF)"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
  "vendor_advisories": [
    {
      "published_at": "2026-05-05",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7271707",
      "url": "https://www.ibm.com/support/pages/node/7271707"
    },
    {
      "published_at": "2026-05-06",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7271922",
      "url": "https://www.ibm.com/support/pages/node/7271922"
    },
    {
      "published_at": "2026-05-04",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7271681",
      "url": "https://www.ibm.com/support/pages/node/7271681"
    },
    {
      "published_at": "2026-05-05",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7271765",
      "url": "https://www.ibm.com/support/pages/node/7271765"
    }
  ]
}

CERTFR-2026-AVI-0667

Vulnerability from certfr_avis - Published: 2026-05-29 - Updated: 2026-05-29

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
IBM	Cognos Analytics	Cognos Analytics Mobile versions antérieures à 1.1.26
IBM	Sterling Control Center	Sterling Control Center versions 6.3.1.0 sans le correctif iFix09
IBM	Tivoli Monitoring	Tivoli Monitoring sans le dernier correctif de sécurité
IBM	QRadar SIEM	QRadar SIEM versions 7.5.0 antérieures à 7.5.0 UP15 IF03
IBM	Sterling Control Center	Sterling Control Center versions 6.4.2.0 sans le correctif iFix04
IBM	QRadar Suite Software	QRadar Suite Software versions antérieures à 1.11.11.0
IBM	N/A	Analyst Workflow versions antérieures à 3.1.0
IBM	Cloud Pak	Cloud Pak for Security versions antérieures à 1.11.11.0
IBM	Sterling Control Center	Sterling Control Center versions 6.4.1.0 sans le correctif iFix03

References

Title

Publication Time

Tags

Bulletin de sécurité IBM 7274185	2026-05-27	vendor-advisory
Bulletin de sécurité IBM 7274154	2026-05-27	vendor-advisory
Bulletin de sécurité IBM 7274180	2026-05-27	vendor-advisory
Bulletin de sécurité IBM 7274183	2026-05-27	vendor-advisory
Bulletin de sécurité IBM 7273957	2026-05-25	vendor-advisory
Bulletin de sécurité IBM 7274184	2026-05-27	vendor-advisory
Bulletin de sécurité IBM 7274314	2026-05-28	vendor-advisory
Bulletin de sécurité IBM 7274182	2026-05-27	vendor-advisory
Bulletin de sécurité IBM 7274181	2026-05-27	vendor-advisory
Bulletin de sécurité IBM 7273803	2026-05-22	vendor-advisory
Bulletin de sécurité IBM 7272901	2026-05-22	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Cognos Analytics Mobile versions ant\u00e9rieures \u00e0 1.1.26",
      "product": {
        "name": "Cognos Analytics",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Sterling Control Center versions 6.3.1.0 sans le correctif iFix09",
      "product": {
        "name": "Sterling Control Center",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Tivoli Monitoring sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "Tivoli Monitoring",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "QRadar SIEM versions 7.5.0 ant\u00e9rieures \u00e0 7.5.0 UP15 IF03",
      "product": {
        "name": "QRadar SIEM",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Sterling Control Center versions 6.4.2.0 sans le correctif iFix04",
      "product": {
        "name": "Sterling Control Center",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "QRadar Suite Software versions ant\u00e9rieures \u00e0 1.11.11.0",
      "product": {
        "name": "QRadar Suite Software",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Analyst Workflow versions ant\u00e9rieures \u00e0 3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Cloud Pak for Security versions ant\u00e9rieures \u00e0 1.11.11.0",
      "product": {
        "name": "Cloud Pak",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Sterling Control Center versions 6.4.1.0 sans le correctif iFix03",
      "product": {
        "name": "Sterling Control Center",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2026-27980",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-27980"
    },
    {
      "name": "CVE-2026-35388",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-35388"
    },
    {
      "name": "CVE-2006-10003",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-10003"
    },
    {
      "name": "CVE-2026-27135",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-27135"
    },
    {
      "name": "CVE-2026-41324",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-41324"
    },
    {
      "name": "CVE-2026-40466",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-40466"
    },
    {
      "name": "CVE-2026-2229",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-2229"
    },
    {
      "name": "CVE-2026-35386",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-35386"
    },
    {
      "name": "CVE-2026-32597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-32597"
    },
    {
      "name": "CVE-2025-12816",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12816"
    },
    {
      "name": "CVE-2026-22036",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22036"
    },
    {
      "name": "CVE-2026-31402",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-31402"
    },
    {
      "name": "CVE-2025-53643",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-53643"
    },
    {
      "name": "CVE-2025-68741",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-68741"
    },
    {
      "name": "CVE-2026-33349",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33349"
    },
    {
      "name": "CVE-2026-34982",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-34982"
    },
    {
      "name": "CVE-2026-33940",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33940"
    },
    {
      "name": "CVE-2024-12797",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-12797"
    },
    {
      "name": "CVE-2026-40974",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-40974"
    },
    {
      "name": "CVE-2026-1527",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-1527"
    },
    {
      "name": "CVE-2026-32875",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-32875"
    },
    {
      "name": "CVE-2026-31988",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-31988"
    },
    {
      "name": "CVE-2024-28102",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-28102"
    },
    {
      "name": "CVE-2026-40977",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-40977"
    },
    {
      "name": "CVE-2026-22013",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22013"
    },
    {
      "name": "CVE-2026-28421",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28421"
    },
    {
      "name": "CVE-2026-1525",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-1525"
    },
    {
      "name": "CVE-2026-22018",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22018"
    },
    {
      "name": "CVE-2026-31431",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-31431"
    },
    {
      "name": "CVE-2025-6176",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6176"
    },
    {
      "name": "CVE-2025-11953",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-11953"
    },
    {
      "name": "CVE-2026-23745",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23745"
    },
    {
      "name": "CVE-2025-59471",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59471"
    },
    {
      "name": "CVE-2026-33941",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33941"
    },
    {
      "name": "CVE-2026-0848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0848"
    },
    {
      "name": "CVE-2025-41248",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-41248"
    },
    {
      "name": "CVE-2026-33412",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33412"
    },
    {
      "name": "CVE-2026-5121",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5121"
    },
    {
      "name": "CVE-2025-15284",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-15284"
    },
    {
      "name": "CVE-2026-34282",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-34282"
    },
    {
      "name": "CVE-2025-59472",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59472"
    },
    {
      "name": "CVE-2026-2581",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-2581"
    },
    {
      "name": "CVE-2021-23337",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-23337"
    },
    {
      "name": "CVE-2025-64718",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-64718"
    },
    {
      "name": "CVE-2026-23401",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23401"
    },
    {
      "name": "CVE-2025-40252",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40252"
    },
    {
      "name": "CVE-2025-66031",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-66031"
    },
    {
      "name": "CVE-2025-62718",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-62718"
    },
    {
      "name": "CVE-2026-21860",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21860"
    },
    {
      "name": "CVE-2026-4800",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4800"
    },
    {
      "name": "CVE-2026-0847",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0847"
    },
    {
      "name": "CVE-2026-4424",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4424"
    },
    {
      "name": "CVE-2025-6545",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6545"
    },
    {
      "name": "CVE-2026-23865",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23865"
    },
    {
      "name": "CVE-2026-28417",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28417"
    },
    {
      "name": "CVE-2023-5764",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5764"
    },
    {
      "name": "CVE-2026-5598",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5598"
    },
    {
      "name": "CVE-2026-30922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-30922"
    },
    {
      "name": "CVE-2026-23191",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23191"
    },
    {
      "name": "CVE-2026-2359",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-2359"
    },
    {
      "name": "CVE-2026-6918",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-6918"
    },
    {
      "name": "CVE-2026-35535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-35535"
    },
    {
      "name": "CVE-2025-68724",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-68724"
    },
    {
      "name": "CVE-2026-33939",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33939"
    },
    {
      "name": "CVE-2026-27699",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-27699"
    },
    {
      "name": "CVE-2025-65945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-65945"
    },
    {
      "name": "CVE-2026-33228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33228"
    },
    {
      "name": "CVE-2025-12758",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12758"
    },
    {
      "name": "CVE-2026-40175",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-40175"
    },
    {
      "name": "CVE-2026-41044",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-41044"
    },
    {
      "name": "CVE-2006-10002",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-10002"
    },
    {
      "name": "CVE-2026-5795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5795"
    },
    {
      "name": "CVE-2026-40975",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-40975"
    },
    {
      "name": "CVE-2026-27942",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-27942"
    },
    {
      "name": "CVE-2024-41073",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41073"
    },
    {
      "name": "CVE-2026-26960",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-26960"
    },
    {
      "name": "CVE-2025-5187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5187"
    },
    {
      "name": "CVE-2026-4923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4923"
    },
    {
      "name": "CVE-2026-4867",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4867"
    },
    {
      "name": "CVE-2024-9902",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9902"
    },
    {
      "name": "CVE-2024-8775",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8775"
    },
    {
      "name": "CVE-2026-27199",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-27199"
    },
    {
      "name": "CVE-2026-27903",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-27903"
    },
    {
      "name": "CVE-2025-66471",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-66471"
    },
    {
      "name": "CVE-2026-21441",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21441"
    },
    {
      "name": "CVE-2025-66030",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-66030"
    },
    {
      "name": "CVE-2024-11079",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-11079"
    },
    {
      "name": "CVE-2026-23897",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23897"
    },
    {
      "name": "CVE-2026-35385",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-35385"
    },
    {
      "name": "CVE-2026-34601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-34601"
    },
    {
      "name": "CVE-2026-29057",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-29057"
    },
    {
      "name": "CVE-2026-32874",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-32874"
    },
    {
      "name": "CVE-2026-4519",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4519"
    },
    {
      "name": "CVE-2026-34197",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-34197"
    },
    {
      "name": "CVE-2026-25128",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-25128"
    },
    {
      "name": "CVE-2025-13333",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13333"
    },
    {
      "name": "CVE-2025-12635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12635"
    },
    {
      "name": "CVE-2026-24842",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-24842"
    },
    {
      "name": "CVE-2025-66221",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-66221"
    },
    {
      "name": "CVE-2026-23950",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23950"
    },
    {
      "name": "CVE-2026-33036",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33036"
    },
    {
      "name": "CVE-2026-35414",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-35414"
    },
    {
      "name": "CVE-2026-2950",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-2950"
    },
    {
      "name": "CVE-2026-3304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-3304"
    },
    {
      "name": "CVE-2026-33916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33916"
    },
    {
      "name": "CVE-2026-22016",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22016"
    },
    {
      "name": "CVE-2026-22021",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22021"
    },
    {
      "name": "CVE-2026-6100",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-6100"
    },
    {
      "name": "CVE-2026-22007",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22007"
    },
    {
      "name": "CVE-2026-34268",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-34268"
    },
    {
      "name": "CVE-2026-29786",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-29786"
    },
    {
      "name": "CVE-2024-29371",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29371"
    },
    {
      "name": "CVE-2026-1519",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-1519"
    },
    {
      "name": "CVE-2026-1528",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-1528"
    },
    {
      "name": "CVE-2023-26132",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-26132"
    },
    {
      "name": "CVE-2026-1526",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-1526"
    },
    {
      "name": "CVE-2026-33937",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33937"
    },
    {
      "name": "CVE-2026-31808",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-31808"
    },
    {
      "name": "CVE-2026-27459",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-27459"
    },
    {
      "name": "CVE-2026-25639",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-25639"
    },
    {
      "name": "CVE-2026-40973",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-40973"
    },
    {
      "name": "CVE-2026-39373",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-39373"
    },
    {
      "name": "CVE-2026-27448",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-27448"
    },
    {
      "name": "CVE-2026-8620",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-8620"
    },
    {
      "name": "CVE-2025-69277",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-69277"
    },
    {
      "name": "CVE-2026-8633",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-8633"
    },
    {
      "name": "CVE-2026-26278",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-26278"
    },
    {
      "name": "CVE-2025-22870",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
    },
    {
      "name": "CVE-2026-23490",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23490"
    },
    {
      "name": "CVE-2025-14009",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-14009"
    },
    {
      "name": "CVE-2025-7339",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-7339"
    },
    {
      "name": "CVE-2025-41249",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-41249"
    },
    {
      "name": "CVE-2026-25896",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-25896"
    },
    {
      "name": "CVE-2026-26996",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-26996"
    },
    {
      "name": "CVE-2026-4786",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4786"
    },
    {
      "name": "CVE-2026-33938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33938"
    },
    {
      "name": "CVE-2025-64756",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-64756"
    },
    {
      "name": "CVE-2026-32141",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-32141"
    },
    {
      "name": "CVE-2026-30951",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-30951"
    },
    {
      "name": "CVE-2026-35387",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-35387"
    },
    {
      "name": "CVE-2026-24001",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-24001"
    },
    {
      "name": "CVE-2025-58754",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58754"
    },
    {
      "name": "CVE-2026-27837",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-27837"
    },
    {
      "name": "CVE-2025-6547",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6547"
    },
    {
      "name": "CVE-2026-29063",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-29063"
    },
    {
      "name": "CVE-2026-39983",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-39983"
    },
    {
      "name": "CVE-2026-22008",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22008"
    },
    {
      "name": "CVE-2025-14813",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-14813"
    },
    {
      "name": "CVE-2026-31802",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-31802"
    },
    {
      "name": "CVE-2025-13465",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13465"
    },
    {
      "name": "CVE-2025-67221",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-67221"
    },
    {
      "name": "CVE-2026-4926",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4926"
    },
    {
      "name": "CVE-2026-25547",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-25547"
    },
    {
      "name": "CVE-2026-27904",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-27904"
    },
    {
      "name": "CVE-2026-2739",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-2739"
    },
    {
      "name": "CVE-2024-56462",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56462"
    },
    {
      "name": "CVE-2026-35213",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-35213"
    },
    {
      "name": "CVE-2025-66418",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-66418"
    },
    {
      "name": "CVE-2026-0846",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0846"
    }
  ],
  "initial_release_date": "2026-05-29T00:00:00",
  "last_revision_date": "2026-05-29T00:00:00",
  "links": [],
  "reference": "CERTFR-2026-AVI-0667",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2026-05-29T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Injection SQL (SQLi)"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Falsification de requ\u00eates c\u00f4t\u00e9 serveur (SSRF)"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
  "vendor_advisories": [
    {
      "published_at": "2026-05-27",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7274185",
      "url": "https://www.ibm.com/support/pages/node/7274185"
    },
    {
      "published_at": "2026-05-27",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7274154",
      "url": "https://www.ibm.com/support/pages/node/7274154"
    },
    {
      "published_at": "2026-05-27",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7274180",
      "url": "https://www.ibm.com/support/pages/node/7274180"
    },
    {
      "published_at": "2026-05-27",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7274183",
      "url": "https://www.ibm.com/support/pages/node/7274183"
    },
    {
      "published_at": "2026-05-25",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7273957",
      "url": "https://www.ibm.com/support/pages/node/7273957"
    },
    {
      "published_at": "2026-05-27",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7274184",
      "url": "https://www.ibm.com/support/pages/node/7274184"
    },
    {
      "published_at": "2026-05-28",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7274314",
      "url": "https://www.ibm.com/support/pages/node/7274314"
    },
    {
      "published_at": "2026-05-27",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7274182",
      "url": "https://www.ibm.com/support/pages/node/7274182"
    },
    {
      "published_at": "2026-05-27",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7274181",
      "url": "https://www.ibm.com/support/pages/node/7274181"
    },
    {
      "published_at": "2026-05-22",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7273803",
      "url": "https://www.ibm.com/support/pages/node/7273803"
    },
    {
      "published_at": "2026-05-22",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7272901",
      "url": "https://www.ibm.com/support/pages/node/7272901"
    }
  ]
}

FKIE_CVE-2021-23337

Vulnerability from fkie_nvd - Published: 2021-02-15 13:15 - Updated: 2024-11-21 05:51

Severity

7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Summary

Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.

References

URL	Tags
report@snyk.io	https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf	Patch, Third Party Advisory
report@snyk.io	https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js%23L14851	Broken Link
report@snyk.io	https://security.netapp.com/advisory/ntap-20210312-0006/	Third Party Advisory
report@snyk.io	https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074932	Exploit, Third Party Advisory
report@snyk.io	https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074930	Exploit, Third Party Advisory
report@snyk.io	https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074928	Exploit, Third Party Advisory
report@snyk.io	https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074931	Exploit, Third Party Advisory
report@snyk.io	https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074929	Exploit, Third Party Advisory
report@snyk.io	https://snyk.io/vuln/SNYK-JS-LODASH-1040724	Exploit, Third Party Advisory
report@snyk.io	https://www.oracle.com//security-alerts/cpujul2021.html	Patch, Third Party Advisory
report@snyk.io	https://www.oracle.com/security-alerts/cpujan2022.html	Patch, Third Party Advisory
report@snyk.io	https://www.oracle.com/security-alerts/cpujul2022.html	Patch, Third Party Advisory
report@snyk.io	https://www.oracle.com/security-alerts/cpuoct2021.html	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js%23L14851	Broken Link
af854a3a-2127-422b-91ae-364da2661108	https://security.netapp.com/advisory/ntap-20210312-0006/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074932	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074930	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074928	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074931	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074929	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://snyk.io/vuln/SNYK-JS-LODASH-1040724	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.oracle.com//security-alerts/cpujul2021.html	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.oracle.com/security-alerts/cpujan2022.html	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.oracle.com/security-alerts/cpujul2022.html	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.oracle.com/security-alerts/cpuoct2021.html	Patch, Third Party Advisory

Impacted products

Vendor	Product	Version
lodash	lodash	*
oracle	banking_corporate_lending_process_management	14.2.0
oracle	banking_corporate_lending_process_management	14.3.0
oracle	banking_corporate_lending_process_management	14.5.0
oracle	banking_credit_facilities_process_management	14.2.0
oracle	banking_credit_facilities_process_management	14.3.0
oracle	banking_credit_facilities_process_management	14.5.0
oracle	banking_extensibility_workbench	14.2.0
oracle	banking_extensibility_workbench	14.3.0
oracle	banking_extensibility_workbench	14.5.0
oracle	banking_supply_chain_finance	14.2.0
oracle	banking_supply_chain_finance	14.3.0
oracle	banking_supply_chain_finance	14.5.0
oracle	banking_trade_finance_process_management	14.2.0
oracle	banking_trade_finance_process_management	14.3.0
oracle	banking_trade_finance_process_management	14.5.0
oracle	communications_cloud_native_core_binding_support_function	1.9.0
oracle	communications_cloud_native_core_policy	1.11.0
oracle	communications_design_studio	7.4.2.0.0
oracle	communications_services_gatekeeper	7.0
oracle	communications_session_border_controller	8.4
oracle	communications_session_border_controller	9.0
oracle	enterprise_communications_broker	3.2.0
oracle	enterprise_communications_broker	3.3.0
oracle	financial_services_crime_and_compliance_management_studio	8.0.8.2.0
oracle	financial_services_crime_and_compliance_management_studio	8.0.8.3.0
oracle	health_sciences_data_management_workbench	2.5.2.1
oracle	health_sciences_data_management_workbench	3.0.0.0
oracle	jd_edwards_enterpriseone_tools	*
oracle	peoplesoft_enterprise_peopletools	8.58
oracle	peoplesoft_enterprise_peopletools	8.59
oracle	primavera_gateway	*
oracle	primavera_gateway	*
oracle	primavera_gateway	*
oracle	primavera_gateway	*
oracle	primavera_unifier	*
oracle	primavera_unifier	18.8
oracle	primavera_unifier	19.12
oracle	primavera_unifier	20.12
oracle	retail_customer_management_and_segmentation_foundation	19.0
netapp	active_iq_unified_manager	-
netapp	active_iq_unified_manager	-
netapp	active_iq_unified_manager	-
netapp	cloud_manager	-
netapp	system_manager	9.0
siemens	sinec_ins	*
siemens	sinec_ins	1.0
siemens	sinec_ins	1.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:lodash:lodash:*:*:*:*:*:node.js:*:*",
              "matchCriteriaId": "D51E96E4-8E0F-4B1D-ACAD-DB726036467F",
              "versionEndExcluding": "4.17.21",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CF9A061-2421-426D-9854-0A4E55B2961D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F95EDC3D-54BB-48F9-82F2-7CCF335FCA78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B72B735F-4E52-484A-9C2C-23E6E2070385",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:banking_credit_facilities_process_management:14.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B36A1D4-F391-4EE3-9A65-0A10568795BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:banking_credit_facilities_process_management:14.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "55116032-AAD1-4FEA-9DA8-2C4CBD3D3F61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:banking_credit_facilities_process_management:14.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0275F820-40BE-47B8-B167-815A55DF578E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:banking_extensibility_workbench:14.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C8E145E-1DF0-4B18-B625-F04DF71F6ACF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:banking_extensibility_workbench:14.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EABAFD73-150F-4DFE-B721-29EB4475D979",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:banking_extensibility_workbench:14.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A45D47B-3401-49CF-92EE-79D007D802A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:banking_supply_chain_finance:14.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A8420D4-AAF1-44AA-BF28-48EE3ED310B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:banking_supply_chain_finance:14.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FB80AC5-35F2-4703-AD93-416B46972EEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:banking_supply_chain_finance:14.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "19DAAEFF-AB4A-4D0D-8C86-D2F2811B53B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:banking_trade_finance_process_management:14.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E14324D-B9EE-4C06-ACC7-255189ED6300",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:banking_trade_finance_process_management:14.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBEBB60F-6EAB-4AE5-B777-5044C657FBA8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:banking_trade_finance_process_management:14.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B185C1EA-71E6-4972-8637-08A33CC00841",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:1.9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "868E7C46-7E45-4CFA-8A25-7CBFED912096",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC7DB86F-3FAA-43C1-9C44-7CC5FB34419E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_design_studio:7.4.2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "040DA31B-2A0C-46F6-8EDF-9B88F9FB0F48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_services_gatekeeper:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "062E4E7C-55BB-46F3-8B61-5A663B565891",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_session_border_controller:8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C416FD3-2E2F-4BBC-BD5F-F896825883F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_session_border_controller:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D886339E-EDB2-4879-BD54-1800E4CA9CAE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:enterprise_communications_broker:3.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "348EEE70-E114-4720-AAAF-E77DE5C9A2D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:enterprise_communications_broker:3.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DCDD73B-57B1-4580-B922-5662E3AC13B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "55F091C7-0869-4FD6-AC73-DA697D990304",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D134C60-F9E2-46C2-8466-DB90AD98439E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:health_sciences_data_management_workbench:2.5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6C9A32B-B776-4704-818D-977B4B20D677",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:health_sciences_data_management_workbench:3.0.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6989178B-A3D5-4441-A56C-6C639D4759DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1298AA2-0103-4457-B260-F976B78468E7",
              "versionEndExcluding": "9.2.6.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9DB4A14-2EF5-4B54-95D2-75E6CF9AA0A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8AF00C6-B97F-414D-A8DF-057E6BFD8597",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B1C88FD-C2EC-4C96-AC7E-6F95C8763B48",
              "versionEndIncluding": "17.12.11",
              "versionStartIncluding": "17.12.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "301E7158-9090-467C-B3B4-30A8DB3B395D",
              "versionEndIncluding": "18.8.12",
              "versionStartIncluding": "18.8.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBEFACB1-C8EA-492B-8F85-A564DB363C83",
              "versionEndIncluding": "19.12.11",
              "versionStartIncluding": "19.12.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6B70E72-B9FC-4E49-8EDD-29C7E14F5792",
              "versionEndIncluding": "20.12.7",
              "versionStartIncluding": "20.12.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "08FA59A8-6A62-4B33-8952-D6E658F8DAC9",
              "versionEndIncluding": "17.12",
              "versionStartIncluding": "17.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "202AD518-2E9B-4062-B063-9858AE1F9CE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "10864586-270E-4ACF-BDCC-ECFCD299305F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "38340E3C-C452-4370-86D4-355B6B4E0A06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:19.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EFAEA84-E376-40A2-8C9F-3E0676FEC527",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:*",
              "matchCriteriaId": "F3E0B672-3E06-4422-B2A4-0BD073AEC2A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
              "matchCriteriaId": "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*",
              "matchCriteriaId": "B55E8D50-99B4-47EC-86F9-699B67D473CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:cloud_manager:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "197D0D80-6702-4B61-B681-AFDBA7D69067",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:system_manager:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0968FEE3-7685-4747-AEC0-DB6E0F35E256",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C89891C1-DFD7-4E1F-80A9-7485D86A15B5",
              "versionEndExcluding": "1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "4664B195-AF14-4834-82B3-0B2C98020EB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "75BC588E-CDF0-404E-AD61-02093A1DF343",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function."
    },
    {
      "lang": "es",
      "value": "Las versiones de Lodash anteriores a la 4.17.21 son vulnerables a la inyecci\u00f3n de comandos a trav\u00e9s de la funci\u00f3n de plantilla"
    }
  ],
  "id": "CVE-2021-23337",
  "lastModified": "2024-11-21T05:51:31.643",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.9,
        "source": "report@snyk.io",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-02-15T13:15:12.560",
  "references": [
    {
      "source": "report@snyk.io",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf"
    },
    {
      "source": "report@snyk.io",
      "tags": [
        "Broken Link"
      ],
      "url": "https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js%23L14851"
    },
    {
      "source": "report@snyk.io",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20210312-0006/"
    },
    {
      "source": "report@snyk.io",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074932"
    },
    {
      "source": "report@snyk.io",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074930"
    },
    {
      "source": "report@snyk.io",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074928"
    },
    {
      "source": "report@snyk.io",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074931"
    },
    {
      "source": "report@snyk.io",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074929"
    },
    {
      "source": "report@snyk.io",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://snyk.io/vuln/SNYK-JS-LODASH-1040724"
    },
    {
      "source": "report@snyk.io",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
    },
    {
      "source": "report@snyk.io",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
    },
    {
      "source": "report@snyk.io",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
    },
    {
      "source": "report@snyk.io",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js%23L14851"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20210312-0006/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074932"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074930"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074928"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074931"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074929"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://snyk.io/vuln/SNYK-JS-LODASH-1040724"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
    }
  ],
  "sourceIdentifier": "report@snyk.io",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-35JH-R3H4-6JHM

Vulnerability from github – Published: 2021-05-06 16:05 – Updated: 2025-08-12 21:44

Summary

Command Injection in lodash

Details

lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.

Severity

7.2 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "lodash"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.17.21"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "lodash-es"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.17.21"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "lodash.template"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "4.5.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "lodash-template"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "1.0.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "RubyGems",
        "name": "lodash-rails"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.17.21"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2021-23337"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-77",
      "CWE-94"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-03-31T23:59:26Z",
    "nvd_published_at": "2021-02-15T13:15:00Z",
    "severity": "HIGH"
  },
  "details": "`lodash` versions prior to 4.17.21 are vulnerable to Command Injection via the template function.",
  "id": "GHSA-35jh-r3h4-6jhm",
  "modified": "2025-08-12T21:44:24Z",
  "published": "2021-05-06T16:05:51Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23337"
    },
    {
      "type": "WEB",
      "url": "https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
    },
    {
      "type": "WEB",
      "url": "https://snyk.io/vuln/SNYK-JS-LODASH-1040724"
    },
    {
      "type": "WEB",
      "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074929"
    },
    {
      "type": "WEB",
      "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074931"
    },
    {
      "type": "WEB",
      "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074928"
    },
    {
      "type": "WEB",
      "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074930"
    },
    {
      "type": "WEB",
      "url": "https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074932"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20210312-0006"
    },
    {
      "type": "WEB",
      "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/lodash-rails/CVE-2021-23337.yml"
    },
    {
      "type": "WEB",
      "url": "https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js#L14851"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/lodash/lodash"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Command Injection in lodash"
}

GSD-2021-23337

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.

Aliases

CVE-2021-23337

Aliases

CVE-2021-23337

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2021-23337",
    "description": "Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.",
    "id": "GSD-2021-23337",
    "references": [
      "https://access.redhat.com/errata/RHSA-2021:3459",
      "https://access.redhat.com/errata/RHSA-2021:3016",
      "https://access.redhat.com/errata/RHSA-2021:2543",
      "https://access.redhat.com/errata/RHSA-2021:2438",
      "https://access.redhat.com/errata/RHSA-2021:2179",
      "https://access.redhat.com/errata/RHSA-2021:1168",
      "https://access.redhat.com/errata/RHSA-2022:6429"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2021-23337"
      ],
      "details": "Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.",
      "id": "GSD-2021-23337",
      "modified": "2023-12-13T01:23:29.821716Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "report@snyk.io",
        "DATE_PUBLIC": "2021-02-15T12:13:18.729628Z",
        "ID": "CVE-2021-23337",
        "STATE": "PUBLIC",
        "TITLE": "Command Injection"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Lodash",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "prior to 4.17.21"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "credit": [
        {
          "lang": "eng",
          "value": "Marc Hassan"
        }
      ],
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function."
          }
        ]
      },
      "impact": {
        "cvss": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C",
          "version": "3.1"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Command Injection"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://snyk.io/vuln/SNYK-JS-LODASH-1040724",
            "refsource": "MISC",
            "url": "https://snyk.io/vuln/SNYK-JS-LODASH-1040724"
          },
          {
            "name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074928",
            "refsource": "MISC",
            "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074928"
          },
          {
            "name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074929",
            "refsource": "MISC",
            "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074929"
          },
          {
            "name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074930",
            "refsource": "MISC",
            "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074930"
          },
          {
            "name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074931",
            "refsource": "MISC",
            "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074931"
          },
          {
            "name": "https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074932",
            "refsource": "MISC",
            "url": "https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074932"
          },
          {
            "name": "https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js%23L14851",
            "refsource": "MISC",
            "url": "https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js%23L14851"
          },
          {
            "name": "https://www.oracle.com//security-alerts/cpujul2021.html",
            "refsource": "MISC",
            "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
          },
          {
            "name": "https://security.netapp.com/advisory/ntap-20210312-0006/",
            "refsource": "CONFIRM",
            "url": "https://security.netapp.com/advisory/ntap-20210312-0006/"
          },
          {
            "name": "https://www.oracle.com/security-alerts/cpuoct2021.html",
            "refsource": "MISC",
            "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
          },
          {
            "name": "https://www.oracle.com/security-alerts/cpujan2022.html",
            "refsource": "MISC",
            "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
          },
          {
            "name": "https://www.oracle.com/security-alerts/cpujul2022.html",
            "refsource": "MISC",
            "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
          },
          {
            "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf",
            "refsource": "CONFIRM",
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf"
          }
        ]
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "\u003c4.17.21",
          "affected_versions": "All versions before 4.17.21",
          "cvss_v2": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
          "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "cwe_ids": [
            "CWE-1035",
            "CWE-77",
            "CWE-937"
          ],
          "date": "2022-03-11",
          "description": "Lodash versions prior to 4.17.21 is vulnerable to Command Injection via the template function.",
          "fixed_versions": [
            "4.17.21"
          ],
          "identifier": "CVE-2021-23337",
          "identifiers": [
            "GHSA-35jh-r3h4-6jhm",
            "CVE-2021-23337"
          ],
          "not_impacted": "All versions starting from 4.17.21",
          "package_slug": "npm/lodash-es",
          "pubdate": "2021-05-06",
          "solution": "Upgrade to version 4.17.21 or above.",
          "title": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2021-23337",
            "https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c",
            "https://security.netapp.com/advisory/ntap-20210312-0006/",
            "https://snyk.io/vuln/SNYK-JS-LODASH-1040724",
            "https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js#L14851",
            "https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js%23L14851",
            "https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074932",
            "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074930",
            "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074928",
            "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074931",
            "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074929",
            "https://www.oracle.com//security-alerts/cpujul2021.html",
            "https://www.oracle.com/security-alerts/cpuoct2021.html",
            "https://www.oracle.com/security-alerts/cpujan2022.html",
            "https://github.com/advisories/GHSA-35jh-r3h4-6jhm"
          ],
          "uuid": "184536e5-d9eb-45b5-a8c4-e92e707c9cce"
        },
        {
          "affected_range": "\u003c4.17.21",
          "affected_versions": "All versions before 4.17.21",
          "cvss_v2": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
          "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "cwe_ids": [
            "CWE-1035",
            "CWE-937",
            "CWE-94"
          ],
          "date": "2022-09-13",
          "description": "All versions of package lodash; all versions of package `org.fujion.webjars:lodash` is vulnerable to Command Injection via template.",
          "fixed_versions": [
            "4.17.21"
          ],
          "identifier": "CVE-2021-23337",
          "identifiers": [
            "CVE-2021-23337"
          ],
          "not_impacted": "All versions starting from 4.17.21",
          "package_slug": "npm/lodash",
          "pubdate": "2021-02-15",
          "solution": "Upgrade to version 4.17.21 or above.",
          "title": "Command Injection",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2021-23337"
          ],
          "uuid": "e5737c01-5af2-4fe9-99c0-c232d7960f2b"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:lodash:lodash:*:*:*:*:*:node.js:*:*",
                "cpe_name": [],
                "versionEndExcluding": "4.17.21",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "17.12",
                "versionStartIncluding": "17.7",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:19.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_services_gatekeeper:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:enterprise_communications_broker:3.2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:banking_extensibility_workbench:14.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:banking_trade_finance_process_management:14.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:banking_credit_facilities_process_management:14.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "17.12.11",
                "versionStartIncluding": "17.12.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_session_border_controller:8.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_session_border_controller:9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "20.12.7",
                "versionStartIncluding": "20.12.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "19.12.11",
                "versionStartIncluding": "19.12.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "18.8.12",
                "versionStartIncluding": "18.8.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:banking_supply_chain_finance:14.2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:banking_trade_finance_process_management:14.5.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:banking_credit_facilities_process_management:14.2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:banking_credit_facilities_process_management:14.5.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:banking_supply_chain_finance:14.5.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:banking_supply_chain_finance:14.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:banking_trade_finance_process_management:14.2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:banking_extensibility_workbench:14.2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:banking_extensibility_workbench:14.5.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:enterprise_communications_broker:3.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_design_studio:7.4.2.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.11.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:1.9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "9.2.6.1",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:health_sciences_data_management_workbench:2.5.2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:health_sciences_data_management_workbench:3.0.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:netapp:cloud_manager:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:netapp:system_manager:9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "1.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "report@snyk.io",
          "ID": "CVE-2021-23337"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-94"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://snyk.io/vuln/SNYK-JS-LODASH-1040724",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Third Party Advisory"
              ],
              "url": "https://snyk.io/vuln/SNYK-JS-LODASH-1040724"
            },
            {
              "name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074931",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Third Party Advisory"
              ],
              "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBLODASH-1074931"
            },
            {
              "name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074929",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Third Party Advisory"
              ],
              "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074929"
            },
            {
              "name": "https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074932",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Third Party Advisory"
              ],
              "url": "https://snyk.io/vuln/SNYK-JAVA-ORGFUJIONWEBJARS-1074932"
            },
            {
              "name": "https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js%23L14851",
              "refsource": "MISC",
              "tags": [
                "Broken Link"
              ],
              "url": "https://github.com/lodash/lodash/blob/ddfd9b11a0126db2302cb70ec9973b66baec0975/lodash.js%23L14851"
            },
            {
              "name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074930",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Third Party Advisory"
              ],
              "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074930"
            },
            {
              "name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074928",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Third Party Advisory"
              ],
              "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074928"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20210312-0006/",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://security.netapp.com/advisory/ntap-20210312-0006/"
            },
            {
              "name": "N/A",
              "refsource": "N/A",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpuoct2021.html",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpujan2022.html",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
            },
            {
              "name": "N/A",
              "refsource": "N/A",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 1.2,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2022-09-13T21:25Z",
      "publishedDate": "2021-02-15T13:15Z"
    }
  }
}

ICSA-22-258-05

Vulnerability from csaf_cisa - Published: 2022-09-13 00:00 - Updated: 2022-09-13 00:00

Summary

Siemens SINEC INS

Notes

Summary: Multiple vulnerabilities affecting various third-party components of SINEC INS before V1.0 SP2 could allow an attacker to cause a denial of service condition, disclose sensitive data or violate the system integrity. Siemens has released an update for the SINEC INS and recommends to update to the latest version.

General Recommendations: As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial- security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity

Additional Resources: For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories

Terms of Use: Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.

Legal Notice: All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

Advisory Conversion Disclaimer: This CISA CSAF advisory was converted from Siemens ProductCERT's CSAF advisory.

Critical infrastructure sectors: Multiple

Countries/areas deployed: Worldwide

Company headquarters location: Germany

Recommended Practices: CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.

Recommended Practices: Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.

Recommended Practices: Locate control system networks and remote devices behind firewalls and isolate them from business networks.

Recommended Practices: When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.

Recommended Practices: CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

Recommended Practices: CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Recommended Practices: CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.

Recommended Practices: Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.

CVE-2020-7793

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SINEC INS Siemens / SINEC INS		<V1.0_SP2	Vendor Fix fix

CVE-2020-12762

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C

CWE-190 - Integer Overflow or Wraparound

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SINEC INS Siemens / SINEC INS		<V1.0_SP2	Vendor Fix fix

CVE-2020-28168

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C

CWE-918 - Server-Side Request Forgery (SSRF)

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SINEC INS Siemens / SINEC INS		<V1.0_SP2	Vendor Fix fix

CVE-2020-28500

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C

CWE-20 - Improper Input Validation

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SINEC INS Siemens / SINEC INS		<V1.0_SP2	Vendor Fix fix

CVE-2021-3749

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SINEC INS Siemens / SINEC INS		<V1.0_SP2	Vendor Fix fix

CVE-2021-4160

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C

CWE-20 - Improper Input Validation

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SINEC INS Siemens / SINEC INS		<V1.0_SP2	Vendor Fix fix

CVE-2021-23337

7.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C

CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SINEC INS Siemens / SINEC INS		<V1.0_SP2	Vendor Fix fix

CVE-2021-23839

3.7 (Low)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C

CWE-326 - Inadequate Encryption Strength

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SINEC INS Siemens / SINEC INS		<V1.0_SP2	Vendor Fix fix

CVE-2021-23841

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C

CWE-311 - Missing Encryption of Sensitive Data

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SINEC INS Siemens / SINEC INS		<V1.0_SP2	Vendor Fix fix

CVE-2021-25217

8.8 (High)


                        
                          CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H/E:P/RL:O/RC:C

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SINEC INS Siemens / SINEC INS		<V1.0_SP2	Vendor Fix fix

CVE-2021-25220

8.6 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N/E:P/RL:O/RC:C

CWE-20 - Improper Input Validation

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SINEC INS Siemens / SINEC INS		<V1.0_SP2	Vendor Fix fix

CVE-2022-0155

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C

CWE-359 - Exposure of Private Personal Information to an Unauthorized Actor

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SINEC INS Siemens / SINEC INS		<V1.0_SP2	Vendor Fix fix

CVE-2022-0235

6.1 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C

CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SINEC INS Siemens / SINEC INS		<V1.0_SP2	Vendor Fix fix

CVE-2022-0396

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C

CWE-404 - Improper Resource Shutdown or Release

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SINEC INS Siemens / SINEC INS		<V1.0_SP2	Vendor Fix fix

References

11 references

URL	Category
https://cert-portal.siemens.com/productcert/csaf/…	self
https://cert-portal.siemens.com/productcert/txt/s…	self
https://cert-portal.siemens.com/productcert/pdf/s…	self
https://raw.githubusercontent.com/cisagov/CSAF/de…	self
https://www.cisa.gov/news-events/ics-advisories/i…	self
https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-…	external
https://www.cisa.gov/resources-tools/resources/ic…	external
https://www.cisa.gov/topics/industrial-control-systems	external
https://us-cert.cisa.gov/sites/default/files/reco…	external
https://www.cisa.gov/sites/default/files/publicat…	external
https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B	external

Acknowledgments

Siemens ProductCERT

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "organization": "Siemens ProductCERT",
        "summary": "reporting these vulnerabilities to CISA."
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "notes": [
      {
        "category": "summary",
        "text": "Multiple vulnerabilities affecting various third-party components of\nSINEC INS before V1.0 SP2 could allow an attacker to cause a denial of\nservice condition, disclose sensitive data or violate the system\nintegrity.    Siemens has released an update for the SINEC INS and\nrecommends to update to the latest version.",
        "title": "Summary"
      },
      {
        "category": "general",
        "text": "As a general security measure, Siemens strongly recommends to protect\nnetwork access to devices with appropriate mechanisms. In order to\noperate the devices in a protected IT environment, Siemens recommends\nto configure the environment according to Siemens\u0027 operational\nguidelines for Industrial Security (Download:\nhttps://www.siemens.com/cert/operational-guidelines-industrial-\nsecurity), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found\nat: https://www.siemens.com/industrialsecurity",
        "title": "General Recommendations"
      },
      {
        "category": "general",
        "text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "Siemens Security Advisories are subject to the terms and conditions contained in Siemens\u0027 underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens\u0027 Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.",
        "title": "Terms of Use"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "other",
        "text": "This CISA CSAF advisory was converted from Siemens ProductCERT\u0027s CSAF advisory.",
        "title": "Advisory Conversion Disclaimer"
      },
      {
        "category": "other",
        "text": "Multiple",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "Germany",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Locate control system networks and remote devices behind firewalls and isolate them from business networks.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "central@cisa.dhs.gov",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "SSA-637483 Third-Party Component Vulnerabilities in SINEC INS before V1.0 SP2 - CSAF Version",
        "url": "https://cert-portal.siemens.com/productcert/csaf/ssa-637483.json"
      },
      {
        "category": "self",
        "summary": "SSA-637483 Third-Party Component Vulnerabilities in SINEC INS before V1.0 SP2 - TXT Version",
        "url": "https://cert-portal.siemens.com/productcert/txt/ssa-637483.txt"
      },
      {
        "category": "self",
        "summary": "SSA-637483 Third-Party Component Vulnerabilities in SINEC INS before V1.0 SP2 - PDF Version",
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-22-258-05 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2022/icsa-22-258-05.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-22-258-05 - Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-258-05"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/topics/industrial-control-systems"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
      }
    ],
    "title": "Siemens SINEC INS",
    "tracking": {
      "current_release_date": "2022-09-13T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-22-258-05",
      "initial_release_date": "2022-09-13T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2022-09-13T00:00:00.000000Z",
          "legacy_version": "1.0",
          "number": "1",
          "summary": "Publication Date"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003cV1.0_SP2",
                "product": {
                  "name": "SINEC INS",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "SINEC INS"
          }
        ],
        "category": "vendor",
        "name": "Siemens"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2020-7793",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The package ua-parser-js before 0.7.23 are vulnerable to Regular Expression Denial of Service (ReDoS) in multiple regexes (see linked commit for more info).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.0 SP2 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109812610/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2020-7793"
    },
    {
      "cve": "CVE-2020-12762",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.0 SP2 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109812610/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2020-12762"
    },
    {
      "cve": "CVE-2020-28168",
      "cwe": {
        "id": "CWE-918",
        "name": "Server-Side Request Forgery (SSRF)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Axios NPM package 0.21.0 contains a Server-Side Request Forgery (SSRF) vulnerability where an attacker is able to bypass a proxy by providing a URL that responds with a redirect to a restricted host or IP address.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.0 SP2 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109812610/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2020-28168"
    },
    {
      "cve": "CVE-2020-28500",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.0 SP2 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109812610/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2020-28500"
    },
    {
      "cve": "CVE-2021-3749",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "axios is vulnerable to Inefficient Regular Expression Complexity",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.0 SP2 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109812610/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2021-3749"
    },
    {
      "cve": "CVE-2021-4160",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlikely and include reusing private keys. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH private key among multiple clients, which is no longer an option since CVE-2016-0701. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0.0. It was addressed in the releases of 1.1.1m and 3.0.1 on the 15th of December 2021. For the 1.0.2 release it is addressed in git commit 6fc1aaaf3 that is available to premium support customers only. It will be made available in 1.0.2zc when it is released. The issue only affects OpenSSL on MIPS platforms. Fixed in OpenSSL 3.0.1 (Affected 3.0.0). Fixed in OpenSSL 1.1.1m (Affected 1.1.1-1.1.1l). Fixed in OpenSSL 1.0.2zc-dev (Affected 1.0.2-1.0.2zb).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.0 SP2 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109812610/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2021-4160"
    },
    {
      "cve": "CVE-2021-23337",
      "cwe": {
        "id": "CWE-77",
        "name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.0 SP2 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109812610/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2021-23337"
    },
    {
      "cve": "CVE-2021-23839",
      "cwe": {
        "id": "CWE-326",
        "name": "Inadequate Encryption Strength"
      },
      "notes": [
        {
          "category": "summary",
          "text": "OpenSSL 1.0.2 supports SSLv2. If a client attempts to negotiate SSLv2 with a server that is configured to support both SSLv2 and more recent SSL and TLS versions then a check is made for a version rollback attack when unpadding an RSA signature. Clients that support SSL or TLS versions greater than SSLv2 are supposed to use a special form of padding. A server that supports greater than SSLv2 is supposed to reject connection attempts from a client where this special form of padding is present, because this indicates that a version rollback has occurred (i.e. both client and server support greater than SSLv2, and yet this is the version that is being requested). The implementation of this padding check inverted the logic so that the connection attempt is accepted if the padding is present, and rejected if it is absent. This means that such as server will accept a connection if a version rollback attack has occurred. Further the server will erroneously reject a connection if a normal SSLv2 connection attempt is made. Only OpenSSL 1.0.2 servers from version 1.0.2s to 1.0.2x are affected by this issue. In order to be vulnerable a 1.0.2 server must: 1) have configured SSLv2 support at compile time (this is off by default), 2) have configured SSLv2 support at runtime (this is off by default), 3) have configured SSLv2 ciphersuites (these are not in the default ciphersuite list) OpenSSL 1.1.1 does not have SSLv2 support and therefore is not vulnerable to this issue. The underlying error is in the implementation of the RSA_padding_check_SSLv23() function. This also affects the RSA_SSLV23_PADDING padding mode used by various other functions. Although 1.1.1 does not support SSLv2 the RSA_padding_check_SSLv23() function still exists, as does the RSA_SSLV23_PADDING padding mode. Applications that directly call that function or use that padding mode will encounter this issue. However since there is no support for the SSLv2 protocol in 1.1.1 this is considered a bug and not a security issue in that version. OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.0.2y (Affected 1.0.2s-1.0.2x).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.0 SP2 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109812610/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2021-23839"
    },
    {
      "cve": "CVE-2021-23841",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.0 SP2 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109812610/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2021-23841"
    },
    {
      "cve": "CVE-2021-25217",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The affected products contain the third party component, ISC DHCP, that possesses a vulnerability if used as a DHCP client or server. The vulnerability affects the DHCP package when storing and reading DHCP lease information containing particular option information.\r\n\r\nAn attacker could exploit this vulnerability to affect the availability of the DHCP client or server, or in the worst case affect the confidentiality or integrity of device through a buffer overflow or cause a remote-code execution.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.0 SP2 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109812610/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2021-25217"
    },
    {
      "cve": "CVE-2021-25220",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "BIND 9.11.0 -\u003e 9.11.36 9.12.0 -\u003e 9.16.26 9.17.0 -\u003e 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -\u003e 9.11.36-S1 9.16.8-S1 -\u003e 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL. The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.0 SP2 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109812610/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2021-25220"
    },
    {
      "cve": "CVE-2022-0155",
      "cwe": {
        "id": "CWE-359",
        "name": "Exposure of Private Personal Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "summary",
          "text": "follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.0 SP2 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109812610/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-0155"
    },
    {
      "cve": "CVE-2022-0235",
      "cwe": {
        "id": "CWE-601",
        "name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.0 SP2 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109812610/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-0235"
    },
    {
      "cve": "CVE-2022-0396",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "summary",
          "text": "BIND 9.16.11 -\u003e 9.16.26, 9.17.0 -\u003e 9.18.0 and versions 9.16.11-S1 -\u003e 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT status for an indefinite period of time, even after the client has terminated the connection.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V1.0 SP2 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109812610/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-0396"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2021-23337 (GCVE-0-2021-23337)

Solutions

Solutions

Solutions

Solutions

Solutions

Solutions

Tags

Sightings

Nomenclature