Vulnerability-Lookup

CVE-2021-24122 (GCVE-0-2021-24122)

Vulnerability from cvelistv5 – Published: 2021-01-14 14:45 – Updated: 2025-02-13 16:27

Title

Apache Tomcat information disclosure

Summary

When serving resources from a network location using the NTFS file system, Apache Tomcat versions 10.0.0-M1 to 10.0.0-M9, 9.0.0.M1 to 9.0.39, 8.5.0 to 8.5.59 and 7.0.0 to 7.0.106 were susceptible to JSP source code disclosure in some configurations. The root cause was the unexpected behaviour of the JRE API File.getCanonicalPath() which in turn was caused by the inconsistent behaviour of the Windows API (FindFirstFileW) in some circumstances.

Severity

No CVSS data available.

CWE

CWE-200 - Information Exposure

Assigner

apache

References

12 references

URL	Tags
https://lists.apache.org/thread.html/r1595889b083…	x_refsource_MISC
https://lists.apache.org/thread.html/r1595889b083…	mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/rca833c6d42b…	mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/r776c6433749…	mailing-listx_refsource_MLIST
http://www.openwall.com/lists/oss-security/2021/01/14/1	mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/r1595889b083…	mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/r7e0bb9ea415…	mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/rb32a73b7cb9…	mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/r7382e1e35b9…	mailing-listx_refsource_MLIST
https://lists.debian.org/debian-lts-announce/2021…	mailing-listx_refsource_MLIST
https://www.oracle.com//security-alerts/cpujul2021.html	x_refsource_MISC
https://security.netapp.com/advisory/ntap-2021021…	x_refsource_CONFIRM

Impacted products

1 product

Vendor	Product	Version
Apache Software Foundation	Apache Tomcat	Affected: Apache Tomcat 10 , < 10.0.0-M10 (custom) Affected: Apache Tomcat 9 , < 9.0.40 (custom) Affected: Apache Tomcat 8.5 , < 8.5.60 (custom) Affected: Apache Tomcat 7 , < 7.0.106 (custom)

Credits

This issue was identified by Ilja Brander.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T19:21:18.637Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52%40%3Cannounce.tomcat.apache.org%3E"
          },
          {
            "name": "[tomcat-announce] 20210114 [SECURITY] CVE-2021-24122 Apache Tomcat Information Disclosure",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52%40%3Cannounce.tomcat.apache.org%3E"
          },
          {
            "name": "[tomcat-dev] 20210114 svn commit: r1885488 - in /tomcat/site/trunk: docs/security-10.html docs/security-7.html docs/security-8.html docs/security-9.html xdocs/security-10.xml xdocs/security-7.xml xdocs/security-8.xml xdocs/security-9.xml",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rca833c6d42b7b9ce1563488c0929f29fcc95947d86e5e740258c8937%40%3Cdev.tomcat.apache.org%3E"
          },
          {
            "name": "[tomee-dev] 20210114 Re: Releases?",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r776c64337495bf28b7d5597268114a888e3fad6045c40a0da0c66d4d%40%3Cdev.tomee.apache.org%3E"
          },
          {
            "name": "[oss-security] 20210114 [SECURITY] CVE-2021-24122 Apache Tomcat Information Disclosure",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2021/01/14/1"
          },
          {
            "name": "[announce] 20210114 [SECURITY] CVE-2021-24122 Apache Tomcat Information Disclosure",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52%40%3Cannounce.apache.org%3E"
          },
          {
            "name": "[tomcat-dev] 20210114 [SECURITY] CVE-2021-24122 Apache Tomcat Information Disclosure",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r7e0bb9ea415724550e2b325e143b23e269579e54d66fcd7754bd0c20%40%3Cdev.tomcat.apache.org%3E"
          },
          {
            "name": "[tomcat-users] 20210114 [SECURITY] CVE-2021-24122 Apache Tomcat Information Disclosure",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rb32a73b7cb919d4f44a2596b6b951274c0004fc8b0e393d6829a45f9%40%3Cusers.tomcat.apache.org%3E"
          },
          {
            "name": "[tomee-dev] 20210115 CVE-2021-24122 NTFS Information Disclosure Bug",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r7382e1e35b9bc7c8f320b90ad77e74c13172d08034e20c18000fe710%40%3Cdev.tomee.apache.org%3E"
          },
          {
            "name": "[debian-lts-announce] 20210316 [SECURITY] [DLA 2596-1] tomcat8 security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00018.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20210212-0008/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Apache Tomcat",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThan": "10.0.0-M10",
              "status": "affected",
              "version": "Apache Tomcat 10",
              "versionType": "custom"
            },
            {
              "lessThan": "9.0.40",
              "status": "affected",
              "version": "Apache Tomcat 9",
              "versionType": "custom"
            },
            {
              "lessThan": "8.5.60",
              "status": "affected",
              "version": "Apache Tomcat 8.5",
              "versionType": "custom"
            },
            {
              "lessThan": "7.0.106",
              "status": "affected",
              "version": "Apache Tomcat 7",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was identified by Ilja Brander."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "When serving resources from a network location using the NTFS file system, Apache Tomcat versions 10.0.0-M1 to 10.0.0-M9, 9.0.0.M1 to 9.0.39, 8.5.0 to 8.5.59 and 7.0.0 to 7.0.106 were susceptible to JSP source code disclosure in some configurations. The root cause was the unexpected behaviour of the JRE API File.getCanonicalPath() which in turn was caused by the inconsistent behaviour of the Windows API (FindFirstFileW) in some circumstances."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-200",
              "description": "CWE-200 Information Exposure",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-08-03T19:22:50.000Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52%40%3Cannounce.tomcat.apache.org%3E"
        },
        {
          "name": "[tomcat-announce] 20210114 [SECURITY] CVE-2021-24122 Apache Tomcat Information Disclosure",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52%40%3Cannounce.tomcat.apache.org%3E"
        },
        {
          "name": "[tomcat-dev] 20210114 svn commit: r1885488 - in /tomcat/site/trunk: docs/security-10.html docs/security-7.html docs/security-8.html docs/security-9.html xdocs/security-10.xml xdocs/security-7.xml xdocs/security-8.xml xdocs/security-9.xml",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/rca833c6d42b7b9ce1563488c0929f29fcc95947d86e5e740258c8937%40%3Cdev.tomcat.apache.org%3E"
        },
        {
          "name": "[tomee-dev] 20210114 Re: Releases?",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r776c64337495bf28b7d5597268114a888e3fad6045c40a0da0c66d4d%40%3Cdev.tomee.apache.org%3E"
        },
        {
          "name": "[oss-security] 20210114 [SECURITY] CVE-2021-24122 Apache Tomcat Information Disclosure",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2021/01/14/1"
        },
        {
          "name": "[announce] 20210114 [SECURITY] CVE-2021-24122 Apache Tomcat Information Disclosure",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52%40%3Cannounce.apache.org%3E"
        },
        {
          "name": "[tomcat-dev] 20210114 [SECURITY] CVE-2021-24122 Apache Tomcat Information Disclosure",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r7e0bb9ea415724550e2b325e143b23e269579e54d66fcd7754bd0c20%40%3Cdev.tomcat.apache.org%3E"
        },
        {
          "name": "[tomcat-users] 20210114 [SECURITY] CVE-2021-24122 Apache Tomcat Information Disclosure",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/rb32a73b7cb919d4f44a2596b6b951274c0004fc8b0e393d6829a45f9%40%3Cusers.tomcat.apache.org%3E"
        },
        {
          "name": "[tomee-dev] 20210115 CVE-2021-24122 NTFS Information Disclosure Bug",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r7382e1e35b9bc7c8f320b90ad77e74c13172d08034e20c18000fe710%40%3Cdev.tomee.apache.org%3E"
        },
        {
          "name": "[debian-lts-announce] 20210316 [SECURITY] [DLA 2596-1] tomcat8 security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00018.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20210212-0008/"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Apache Tomcat information disclosure",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@apache.org",
          "ID": "CVE-2021-24122",
          "STATE": "PUBLIC",
          "TITLE": "Apache Tomcat information disclosure"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Apache Tomcat",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "Apache Tomcat 10",
                            "version_value": "10.0.0-M10"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "Apache Tomcat 9",
                            "version_value": "9.0.40"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "Apache Tomcat 8.5",
                            "version_value": "8.5.60"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "Apache Tomcat 7",
                            "version_value": "7.0.106"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Apache Software Foundation"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was identified by Ilja Brander."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "When serving resources from a network location using the NTFS file system, Apache Tomcat versions 10.0.0-M1 to 10.0.0-M9, 9.0.0.M1 to 9.0.39, 8.5.0 to 8.5.59 and 7.0.0 to 7.0.106 were susceptible to JSP source code disclosure in some configurations. The root cause was the unexpected behaviour of the JRE API File.getCanonicalPath() which in turn was caused by the inconsistent behaviour of the Windows API (FindFirstFileW) in some circumstances."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-200 Information Exposure"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52%40%3Cannounce.tomcat.apache.org%3E",
              "refsource": "MISC",
              "url": "https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52%40%3Cannounce.tomcat.apache.org%3E"
            },
            {
              "name": "[tomcat-announce] 20210114 [SECURITY] CVE-2021-24122 Apache Tomcat Information Disclosure",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52@%3Cannounce.tomcat.apache.org%3E"
            },
            {
              "name": "[tomcat-dev] 20210114 svn commit: r1885488 - in /tomcat/site/trunk: docs/security-10.html docs/security-7.html docs/security-8.html docs/security-9.html xdocs/security-10.xml xdocs/security-7.xml xdocs/security-8.xml xdocs/security-9.xml",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/rca833c6d42b7b9ce1563488c0929f29fcc95947d86e5e740258c8937@%3Cdev.tomcat.apache.org%3E"
            },
            {
              "name": "[tomee-dev] 20210114 Re: Releases?",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r776c64337495bf28b7d5597268114a888e3fad6045c40a0da0c66d4d@%3Cdev.tomee.apache.org%3E"
            },
            {
              "name": "[oss-security] 20210114 [SECURITY] CVE-2021-24122 Apache Tomcat Information Disclosure",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2021/01/14/1"
            },
            {
              "name": "[announce] 20210114 [SECURITY] CVE-2021-24122 Apache Tomcat Information Disclosure",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52@%3Cannounce.apache.org%3E"
            },
            {
              "name": "[tomcat-dev] 20210114 [SECURITY] CVE-2021-24122 Apache Tomcat Information Disclosure",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r7e0bb9ea415724550e2b325e143b23e269579e54d66fcd7754bd0c20@%3Cdev.tomcat.apache.org%3E"
            },
            {
              "name": "[tomcat-users] 20210114 [SECURITY] CVE-2021-24122 Apache Tomcat Information Disclosure",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/rb32a73b7cb919d4f44a2596b6b951274c0004fc8b0e393d6829a45f9@%3Cusers.tomcat.apache.org%3E"
            },
            {
              "name": "[tomee-dev] 20210115 CVE-2021-24122 NTFS Information Disclosure Bug",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r7382e1e35b9bc7c8f320b90ad77e74c13172d08034e20c18000fe710@%3Cdev.tomee.apache.org%3E"
            },
            {
              "name": "[debian-lts-announce] 20210316 [SECURITY] [DLA 2596-1] tomcat8 security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00018.html"
            },
            {
              "name": "https://www.oracle.com//security-alerts/cpujul2021.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20210212-0008/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20210212-0008/"
            }
          ]
        },
        "source": {
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2021-24122",
    "datePublished": "2021-01-14T14:45:18.000Z",
    "dateReserved": "2021-01-14T00:00:00.000Z",
    "dateUpdated": "2025-02-13T16:27:47.566Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2021-24122",
      "date": "2026-05-31",
      "epss": "0.61383",
      "percentile": "0.98347"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-24122\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2021-01-14T15:15:13.400\",\"lastModified\":\"2024-11-21T05:52:23.897\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"When serving resources from a network location using the NTFS file system, Apache Tomcat versions 10.0.0-M1 to 10.0.0-M9, 9.0.0.M1 to 9.0.39, 8.5.0 to 8.5.59 and 7.0.0 to 7.0.106 were susceptible to JSP source code disclosure in some configurations. The root cause was the unexpected behaviour of the JRE API File.getCanonicalPath() which in turn was caused by the inconsistent behaviour of the Windows API (FindFirstFileW) in some circumstances.\"},{\"lang\":\"es\",\"value\":\"Cuando se sirven recursos desde una ubicaci\u00f3n de red usando el sistema de archivos NTFS, Apache Tomcat versiones 10.0.0-M1 hasta 10.0.0-M9, versiones 9.0.0.M1 hasta 9.0.39, versiones 8.5.0 hasta 8.5.59 y versiones 7.0.0 hasta 7.0.106, fueron susceptibles a una divulgaci\u00f3n del c\u00f3digo fuente JSP en algunas configuraciones.\u0026#xa0;La causa ra\u00edz fue el comportamiento inesperado de la funci\u00f3n File.getCanonicalPath() de la API JRE que a su vez fue causado por el comportamiento incoherente de la API de Windows (FindFirstFileW) en algunas circunstancias\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":5.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.2,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:N/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"security@apache.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-706\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.0.0\",\"versionEndIncluding\":\"7.0.106\",\"matchCriteriaId\":\"AD7B0066-F7CD-4609-91F5-A778DD56EAE9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.5.0\",\"versionEndIncluding\":\"8.5.59\",\"matchCriteriaId\":\"1F74CD42-7B43-4444-B121-B9C1ECFDB67D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.0.1\",\"versionEndIncluding\":\"9.0.39\",\"matchCriteriaId\":\"2EA947E9-FC93-4FAA-9988-27BC4C26CA36\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone1:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D0689FE-4BC0-4F53-8C79-34B21F9B86C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone10:*:*:*:*:*:*\",\"matchCriteriaId\":\"89B129B2-FB6F-4EF9-BF12-E589A87996CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone11:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B6787B6-54A8-475E-BA1C-AB99334B2535\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone12:*:*:*:*:*:*\",\"matchCriteriaId\":\"EABB6FBC-7486-44D5-A6AD-FFF1D3F677E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone13:*:*:*:*:*:*\",\"matchCriteriaId\":\"E10C03BC-EE6B-45B2-83AE-9E8DFB58D7DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone14:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A6DA0BE-908C-4DA8-A191-A0113235E99A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone15:*:*:*:*:*:*\",\"matchCriteriaId\":\"39029C72-28B4-46A4-BFF5-EC822CFB2A4C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone16:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A2E05A3-014F-4C4D-81E5-88E725FBD6AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone17:*:*:*:*:*:*\",\"matchCriteriaId\":\"166C533C-0833-41D5-99B6-17A4FAB3CAF0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone18:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3768C60-21FA-4B92-B98C-C3A2602D1BC4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone19:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDD510FA-A2E4-4BAF-A0DE-F4E5777E9325\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone2:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F542E12-6BA8-4504-A494-DA83E7E19BD5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone20:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2409CC7-6A85-4A66-A457-0D62B9895DC1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone21:*:*:*:*:*:*\",\"matchCriteriaId\":\"B392A7E5-4455-4B1C-8FAC-AE6DDC70689E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone22:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF411DDA-2601-449A-9046-D250419A0E1A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone23:*:*:*:*:*:*\",\"matchCriteriaId\":\"D7D8F2F4-AFE2-47EA-A3FD-79B54324DE02\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone24:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B4FBF97-DE16-4E5E-BE19-471E01818D40\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone25:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B266B1E-24B5-47EE-A421-E0E3CC0C7471\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone26:*:*:*:*:*:*\",\"matchCriteriaId\":\"29614C3A-6FB3-41C7-B56E-9CC3F45B04F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone27:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6AB156C-8FF6-4727-AF75-590D0DCB3F9D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone3:*:*:*:*:*:*\",\"matchCriteriaId\":\"C0C5F004-F7D8-45DB-B173-351C50B0EC16\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone4:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1902D2E-1896-4D3D-9E1C-3A675255072C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone5:*:*:*:*:*:*\",\"matchCriteriaId\":\"49AAF4DF-F61D-47A8-8788-A21E317A145D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone6:*:*:*:*:*:*\",\"matchCriteriaId\":\"454211D0-60A2-4661-AECA-4C0121413FEB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone7:*:*:*:*:*:*\",\"matchCriteriaId\":\"0686F977-889F-4960-8E0B-7784B73A7F2D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone8:*:*:*:*:*:*\",\"matchCriteriaId\":\"558703AE-DB5E-4DFF-B497-C36694DD7B24\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone9:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED6273F2-1165-47A4-8DD7-9E9B2472941B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:10.0.0:milestone1:*:*:*:*:*:*\",\"matchCriteriaId\":\"90CD7E85-4FF9-4158-AC78-4BFCBC882A65\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:10.0.0:milestone2:*:*:*:*:*:*\",\"matchCriteriaId\":\"7EA56B52-1015-40CD-B10C-393768094269\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:10.0.0:milestone3:*:*:*:*:*:*\",\"matchCriteriaId\":\"501B0D4A-D636-4736-979B-D5023599CEFB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:10.0.0:milestone4:*:*:*:*:*:*\",\"matchCriteriaId\":\"94E7764F-BF9E-463E-B446-A9A8DB92BB97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:10.0.0:milestone5:*:*:*:*:*:*\",\"matchCriteriaId\":\"53A9F7EE-AF2A-43E5-B708-0198784AB45A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:10.0.0:milestone6:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC872C5F-63AF-4BB8-8629-334FC9704AE8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:10.0.0:milestone7:*:*:*:*:*:*\",\"matchCriteriaId\":\"94B95C95-DF3E-49C1-9CA0-4474DD7EF7B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:10.0.0:milestone8:*:*:*:*:*:*\",\"matchCriteriaId\":\"310B0163-01DE-40DA-A2EA-FFA4A6100037\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:10.0.0:milestone9:*:*:*:*:*:*\",\"matchCriteriaId\":\"75420449-A951-4133-A5F1-4C01F2DF843B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:agile_plm:9.3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D14ABF04-E460-4911-9C6C-B7BCEFE68E9D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:agile_plm:9.3.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C650FEDB-E903-4C2D-AD40-282AB5F2E3C2\"}]}]}],\"references\":[{\"url\":\"http://www.openwall.com/lists/oss-security/2021/01/14/1\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52%40%3Cannounce.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52%40%3Cannounce.tomcat.apache.org%3E\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52%40%3Cannounce.tomcat.apache.org%3E\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r7382e1e35b9bc7c8f320b90ad77e74c13172d08034e20c18000fe710%40%3Cdev.tomee.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r776c64337495bf28b7d5597268114a888e3fad6045c40a0da0c66d4d%40%3Cdev.tomee.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r7e0bb9ea415724550e2b325e143b23e269579e54d66fcd7754bd0c20%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/rb32a73b7cb919d4f44a2596b6b951274c0004fc8b0e393d6829a45f9%40%3Cusers.tomcat.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/rca833c6d42b7b9ce1563488c0929f29fcc95947d86e5e740258c8937%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/03/msg00018.html\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20210212-0008/\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com//security-alerts/cpujul2021.html\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2021/01/14/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52%40%3Cannounce.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52%40%3Cannounce.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52%40%3Cannounce.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r7382e1e35b9bc7c8f320b90ad77e74c13172d08034e20c18000fe710%40%3Cdev.tomee.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r776c64337495bf28b7d5597268114a888e3fad6045c40a0da0c66d4d%40%3Cdev.tomee.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r7e0bb9ea415724550e2b325e143b23e269579e54d66fcd7754bd0c20%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rb32a73b7cb919d4f44a2596b6b951274c0004fc8b0e393d6829a45f9%40%3Cusers.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rca833c6d42b7b9ce1563488c0929f29fcc95947d86e5e740258c8937%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/03/msg00018.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20210212-0008/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com//security-alerts/cpujul2021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
  }
}

WID-SEC-W-2022-0607

Vulnerability from csaf_certbund - Published: 2022-07-07 22:00 - Updated: 2025-11-18 23:00

Summary

Red Hat FUSE: Mehrere Schwachstellen

Severity

Hoch

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Red Hat Fuse ist eine Open-Source-Integrationsplattform, die auf Apache Camel basiert.

Angriff: Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in Red Hat FUSE ausnutzen, um vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, einen Denial of Service Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, Daten und Informationen zu manipulieren und seine Privilegien zu erweitern.

Betroffene Betriebssysteme: - Linux - UNIX

CVE-2020-15250

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2020-25689

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2020-29582

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2020-36518

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2020-7020

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2020-9484

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2021-22060

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2021-22096

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2021-22119

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2021-22569

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2021-22573

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2021-24122

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2021-2471

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2021-25122

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2021-25329

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2021-29505

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2021-30640

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2021-33037

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2021-33813

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2021-35515

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2021-35516

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2021-35517

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2021-36090

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2021-3629

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2021-3642

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2021-3644

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2021-3807

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2021-38153

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2021-3859

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2021-40690

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2021-41079

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2021-41766

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2021-4178

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2021-42340

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2021-42550

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2021-43797

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2021-43859

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2022-0084

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2022-1259

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2022-1319

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2022-21363

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2022-21724

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2022-22932

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2022-22950

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2022-22968

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2022-22970

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2022-22971

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2022-22976

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2022-22978

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2022-23181

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2022-23221

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2022-23596

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2022-23913

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2022-24614

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2022-25845

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2022-26336

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2022-26520

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

CVE-2022-30126

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat FUSE <7.11.0 Red Hat / FUSE		<7.11.0
NetApp ActiveIQ Unified Manager NetApp	`cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~`	—
IBM Spectrum Protect Plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	Plus 10.1
Hitachi Ops Center Hitachi	`cpe:/a:hitachi:ops_center:-`	—
IBM QRadar SIEM 7.5 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.5`	7.5
EMC Avamar EMC	`cpe:/a:emc:avamar:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat JBoss Enterprise Application Platform <7.1.10 Red Hat / JBoss Enterprise Application Platform		<7.1.10
IBM QRadar SIEM IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:-`	—
IBM QRadar SIEM 7.4 IBM / QRadar SIEM	`cpe:/a:ibm:qradar_siem:7.4`	7.4
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Red Hat JBoss Enterprise Application Platform <7.3.13 Red Hat / JBoss Enterprise Application Platform		<7.3.13
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

References

39 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://access.redhat.com/errata/RHSA-2022:5532	external
https://access.redhat.com/errata/RHSA-2022:5596	external
https://www.hitachi.co.jp/Prod/comp/soft1/global/…	external
https://www.hitachi.co.jp/Prod/comp/soft1/global/…	external
https://lists.debian.org/debian-security-announce…	external
https://access.redhat.com/errata/RHSA-2022:5903	external
https://access.redhat.com/errata/RHSA-2022:6787	external
https://access.redhat.com/errata/RHSA-2022:6783	external
https://access.redhat.com/errata/RHSA-2022:6782	external
https://access.redhat.com/errata/RHSA-2022:6822	external
https://access.redhat.com/errata/RHSA-2022:6823	external
https://access.redhat.com/errata/RHSA-2022:6825	external
https://access.redhat.com/errata/RHSA-2022:6821	external
https://access.redhat.com/errata/RHSA-2022:6813	external
https://access.redhat.com/errata/RHSA-2022:6835	external
https://security.netapp.com/advisory/ntap-2022101…	external
https://www.ibm.com/blogs/psirt/security-bulletin…	external
https://access.redhat.com/errata/RHSA-2022:7177	external
https://access.redhat.com/errata/RHSA-2022:7257	external
https://www.hitachi.co.jp/Prod/comp/soft1/global/…	external
https://www.hitachi.co.jp/Prod/comp/soft1/global/…	external
https://access.redhat.com/errata/RHSA-2022:7417	external
https://access.redhat.com/errata/RHSA-2022:7409	external
https://access.redhat.com/errata/RHSA-2022:7411	external
https://access.redhat.com/errata/RHSA-2022:7410	external
https://access.redhat.com/errata/RHSA-2022:7896	external
https://access.redhat.com/errata/RHSA-2022:8761	external
https://access.redhat.com/errata/RHSA-2023:0272	external
https://www.dell.com/support/kbdoc/000221770/dsa-2024-=	external
https://www.ibm.com/support/pages/node/7144861	external
https://access.redhat.com/errata/RHSA-2024:3061	external
https://access.redhat.com/errata/RHSA-2025:4226	external
https://access.redhat.com/errata/RHSA-2025:4437	external
https://access.redhat.com/errata/RHSA-2025:9583	external
https://access.redhat.com/errata/RHSA-2025:9582	external
https://www.ibm.com/support/pages/node/7249276	external
https://confluence.atlassian.com/security/securit…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Red Hat Fuse ist eine Open-Source-Integrationsplattform, die auf Apache Camel basiert.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in Red Hat FUSE ausnutzen, um vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, Daten und Informationen zu manipulieren und seine Privilegien zu erweitern.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- UNIX",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2022-0607 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-0607.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2022-0607 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0607"
      },
      {
        "category": "external",
        "summary": "RHSA-2022:5532 - Security Advisory vom 2022-07-07",
        "url": "https://access.redhat.com/errata/RHSA-2022:5532"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2022:5596 vom 2022-07-20",
        "url": "https://access.redhat.com/errata/RHSA-2022:5596"
      },
      {
        "category": "external",
        "summary": "Hitachi Vulnerability Information HITACHI-SEC-2022-125 vom 2022-07-28",
        "url": "https://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2022-125/index.html"
      },
      {
        "category": "external",
        "summary": "Hitachi Vulnerability Information HITACHI-SEC-2022-124 vom 2022-07-28",
        "url": "https://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2022-124/index.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-5196 vom 2022-07-31",
        "url": "https://lists.debian.org/debian-security-announce/2022/msg00165.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2022:5903 vom 2022-08-04",
        "url": "https://access.redhat.com/errata/RHSA-2022:5903"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2022:6787 vom 2022-10-04",
        "url": "https://access.redhat.com/errata/RHSA-2022:6787"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2022:6783 vom 2022-10-04",
        "url": "https://access.redhat.com/errata/RHSA-2022:6783"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2022:6782 vom 2022-10-04",
        "url": "https://access.redhat.com/errata/RHSA-2022:6782"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2022:6822 vom 2022-10-05",
        "url": "https://access.redhat.com/errata/RHSA-2022:6822"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2022:6823 vom 2022-10-05",
        "url": "https://access.redhat.com/errata/RHSA-2022:6823"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2022:6825 vom 2022-10-05",
        "url": "https://access.redhat.com/errata/RHSA-2022:6825"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2022:6821 vom 2022-10-05",
        "url": "https://access.redhat.com/errata/RHSA-2022:6821"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2022:6813 vom 2022-10-05",
        "url": "https://access.redhat.com/errata/RHSA-2022:6813"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2022:6835 vom 2022-10-06",
        "url": "https://access.redhat.com/errata/RHSA-2022:6835"
      },
      {
        "category": "external",
        "summary": "NetApp Security Advisory NTAP-20221014-0006 vom 2022-10-14",
        "url": "https://security.netapp.com/advisory/ntap-20221014-0006/"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 6831855 vom 2022-10-26",
        "url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-qradar-siem-is-vulnerable-to-using-components-with-known-vulnerabilities-14/"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2022:7177 vom 2022-10-25",
        "url": "https://access.redhat.com/errata/RHSA-2022:7177"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2022:7257 vom 2022-10-29",
        "url": "https://access.redhat.com/errata/RHSA-2022:7257"
      },
      {
        "category": "external",
        "summary": "Hitachi Vulnerability Information HITACHI-SEC-2022-135 vom 2022-11-01",
        "url": "https://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2022-135/index.html"
      },
      {
        "category": "external",
        "summary": "Hitachi Vulnerability Information HITACHI-SEC-2022-137 vom 2022-11-01",
        "url": "https://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2022-137/index.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2022:7417 vom 2022-11-03",
        "url": "https://access.redhat.com/errata/RHSA-2022:7417"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2022:7409 vom 2022-11-03",
        "url": "https://access.redhat.com/errata/RHSA-2022:7409"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2022:7411 vom 2022-11-03",
        "url": "https://access.redhat.com/errata/RHSA-2022:7411"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2022:7410 vom 2022-11-03",
        "url": "https://access.redhat.com/errata/RHSA-2022:7410"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2022:7896 vom 2022-11-09",
        "url": "https://access.redhat.com/errata/RHSA-2022:7896"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2022:8761 vom 2022-12-14",
        "url": "https://access.redhat.com/errata/RHSA-2022:8761"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2023:0272 vom 2023-02-06",
        "url": "https://access.redhat.com/errata/RHSA-2023:0272"
      },
      {
        "category": "external",
        "summary": "Dell Security Advisory DSA-2024-070 vom 2024-02-03",
        "url": "https://www.dell.com/support/kbdoc/000221770/dsa-2024-="
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7144861 vom 2024-03-20",
        "url": "https://www.ibm.com/support/pages/node/7144861"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:3061 vom 2024-05-22",
        "url": "https://access.redhat.com/errata/RHSA-2024:3061"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:4226 vom 2025-04-28",
        "url": "https://access.redhat.com/errata/RHSA-2025:4226"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:4437 vom 2025-05-05",
        "url": "https://access.redhat.com/errata/RHSA-2025:4437"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:9583 vom 2025-06-25",
        "url": "https://access.redhat.com/errata/RHSA-2025:9583"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:9582 vom 2025-06-25",
        "url": "https://access.redhat.com/errata/RHSA-2025:9582"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7249276 vom 2025-10-27",
        "url": "https://www.ibm.com/support/pages/node/7249276"
      },
      {
        "category": "external",
        "summary": "Atlassian Security Bulletin - November 18 2025",
        "url": "https://confluence.atlassian.com/security/security-bulletin-november-18-2025-1671463469.html"
      }
    ],
    "source_lang": "en-US",
    "title": "Red Hat FUSE: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-11-18T23:00:00.000+00:00",
      "generator": {
        "date": "2025-11-19T09:42:43.092+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.5.0"
        }
      },
      "id": "WID-SEC-W-2022-0607",
      "initial_release_date": "2022-07-07T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2022-07-07T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2022-07-19T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2022-07-28T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von HITACHI aufgenommen"
        },
        {
          "date": "2022-07-31T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2022-08-03T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2022-10-04T22:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2022-10-05T22:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2022-10-06T22:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2022-10-16T22:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von NetApp aufgenommen"
        },
        {
          "date": "2022-10-25T22:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von IBM und Red Hat aufgenommen"
        },
        {
          "date": "2022-10-30T23:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2022-10-31T23:00:00.000+00:00",
          "number": "12",
          "summary": "Neue Updates von HITACHI aufgenommen"
        },
        {
          "date": "2022-11-03T23:00:00.000+00:00",
          "number": "13",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2022-11-09T23:00:00.000+00:00",
          "number": "14",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2022-12-14T23:00:00.000+00:00",
          "number": "15",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2023-02-06T23:00:00.000+00:00",
          "number": "16",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-02-04T23:00:00.000+00:00",
          "number": "17",
          "summary": "Neue Updates von Dell aufgenommen"
        },
        {
          "date": "2024-03-20T23:00:00.000+00:00",
          "number": "18",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2024-05-21T22:00:00.000+00:00",
          "number": "19",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-04-27T22:00:00.000+00:00",
          "number": "20",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-04-28T22:00:00.000+00:00",
          "number": "21",
          "summary": "Red Hat JBoss Enterprise Application Platform ist ebenfalls betrroffen"
        },
        {
          "date": "2025-05-04T22:00:00.000+00:00",
          "number": "22",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-06-24T22:00:00.000+00:00",
          "number": "23",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-10-27T23:00:00.000+00:00",
          "number": "24",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2025-11-18T23:00:00.000+00:00",
          "number": "25",
          "summary": "Neue Updates aufgenommen"
        }
      ],
      "status": "final",
      "version": "25"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c10.0.2",
                "product": {
                  "name": "Atlassian Bitbucket \u003c10.0.2",
                  "product_id": "T048675"
                }
              },
              {
                "category": "product_version",
                "name": "10.0.2",
                "product": {
                  "name": "Atlassian Bitbucket 10.0.2",
                  "product_id": "T048675-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:atlassian:bitbucket:10.0.2"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c8.19.25 (LTS)",
                "product": {
                  "name": "Atlassian Bitbucket \u003c8.19.25 (LTS)",
                  "product_id": "T048676"
                }
              },
              {
                "category": "product_version",
                "name": "8.19.25 (LTS)",
                "product": {
                  "name": "Atlassian Bitbucket 8.19.25 (LTS)",
                  "product_id": "T048676-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:atlassian:bitbucket:8.19.25_%28lts%29"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c9.4.13 (LTS)",
                "product": {
                  "name": "Atlassian Bitbucket \u003c9.4.13 (LTS)",
                  "product_id": "T048677"
                }
              },
              {
                "category": "product_version",
                "name": "9.4.13 (LTS)",
                "product": {
                  "name": "Atlassian Bitbucket 9.4.13 (LTS)",
                  "product_id": "T048677-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:atlassian:bitbucket:9.4.13_%28lts%29"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Bitbucket"
          }
        ],
        "category": "vendor",
        "name": "Atlassian"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "EMC Avamar",
            "product": {
              "name": "EMC Avamar",
              "product_id": "T014381",
              "product_identification_helper": {
                "cpe": "cpe:/a:emc:avamar:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "EMC"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Hitachi Ops Center",
            "product": {
              "name": "Hitachi Ops Center",
              "product_id": "T017562",
              "product_identification_helper": {
                "cpe": "cpe:/a:hitachi:ops_center:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Hitachi"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "IBM QRadar SIEM",
                "product": {
                  "name": "IBM QRadar SIEM",
                  "product_id": "T021415",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:qradar_siem:-"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "7.5",
                "product": {
                  "name": "IBM QRadar SIEM 7.5",
                  "product_id": "T022954",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:qradar_siem:7.5"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "7.4",
                "product": {
                  "name": "IBM QRadar SIEM 7.4",
                  "product_id": "T024775",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:qradar_siem:7.4"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "QRadar SIEM"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "Plus 10.1",
                "product": {
                  "name": "IBM Spectrum Protect Plus 10.1",
                  "product_id": "T015895",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:spectrum_protect:plus_10.1"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Spectrum Protect"
          }
        ],
        "category": "vendor",
        "name": "IBM"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "NetApp ActiveIQ Unified Manager",
            "product": {
              "name": "NetApp ActiveIQ Unified Manager",
              "product_id": "658714",
              "product_identification_helper": {
                "cpe": "cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "NetApp"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c7.11.0",
                "product": {
                  "name": "Red Hat FUSE \u003c7.11.0",
                  "product_id": "723344"
                }
              },
              {
                "category": "product_version",
                "name": "7.11.0",
                "product": {
                  "name": "Red Hat FUSE 7.11.0",
                  "product_id": "723344-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:fuse:6.0.0"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "FUSE"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c7.1.10",
                "product": {
                  "name": "Red Hat JBoss Enterprise Application Platform \u003c7.1.10",
                  "product_id": "T043205"
                }
              },
              {
                "category": "product_version",
                "name": "7.1.10",
                "product": {
                  "name": "Red Hat JBoss Enterprise Application Platform 7.1.10",
                  "product_id": "T043205-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.1.10"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c7.3.13",
                "product": {
                  "name": "Red Hat JBoss Enterprise Application Platform \u003c7.3.13",
                  "product_id": "T043288"
                }
              },
              {
                "category": "product_version",
                "name": "7.3.13",
                "product": {
                  "name": "Red Hat JBoss Enterprise Application Platform 7.3.13",
                  "product_id": "T043288-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.3.13"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "JBoss Enterprise Application Platform"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2020-15250",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2020-15250"
    },
    {
      "cve": "CVE-2020-25689",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2020-25689"
    },
    {
      "cve": "CVE-2020-29582",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2020-29582"
    },
    {
      "cve": "CVE-2020-36518",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2020-36518"
    },
    {
      "cve": "CVE-2020-7020",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2020-7020"
    },
    {
      "cve": "CVE-2020-9484",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2020-9484"
    },
    {
      "cve": "CVE-2021-22060",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2021-22060"
    },
    {
      "cve": "CVE-2021-22096",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2021-22096"
    },
    {
      "cve": "CVE-2021-22119",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2021-22119"
    },
    {
      "cve": "CVE-2021-22569",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2021-22569"
    },
    {
      "cve": "CVE-2021-22573",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2021-22573"
    },
    {
      "cve": "CVE-2021-24122",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2021-24122"
    },
    {
      "cve": "CVE-2021-2471",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2021-2471"
    },
    {
      "cve": "CVE-2021-25122",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2021-25122"
    },
    {
      "cve": "CVE-2021-25329",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2021-25329"
    },
    {
      "cve": "CVE-2021-29505",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2021-29505"
    },
    {
      "cve": "CVE-2021-30640",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2021-30640"
    },
    {
      "cve": "CVE-2021-33037",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2021-33037"
    },
    {
      "cve": "CVE-2021-33813",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2021-33813"
    },
    {
      "cve": "CVE-2021-35515",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2021-35515"
    },
    {
      "cve": "CVE-2021-35516",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2021-35516"
    },
    {
      "cve": "CVE-2021-35517",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2021-35517"
    },
    {
      "cve": "CVE-2021-36090",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2021-36090"
    },
    {
      "cve": "CVE-2021-3629",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2021-3629"
    },
    {
      "cve": "CVE-2021-3642",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2021-3642"
    },
    {
      "cve": "CVE-2021-3644",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2021-3644"
    },
    {
      "cve": "CVE-2021-3807",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2021-3807"
    },
    {
      "cve": "CVE-2021-38153",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2021-38153"
    },
    {
      "cve": "CVE-2021-3859",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2021-3859"
    },
    {
      "cve": "CVE-2021-40690",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2021-40690"
    },
    {
      "cve": "CVE-2021-41079",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2021-41079"
    },
    {
      "cve": "CVE-2021-41766",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2021-41766"
    },
    {
      "cve": "CVE-2021-4178",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2021-4178"
    },
    {
      "cve": "CVE-2021-42340",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2021-42340"
    },
    {
      "cve": "CVE-2021-42550",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2021-42550"
    },
    {
      "cve": "CVE-2021-43797",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2021-43797"
    },
    {
      "cve": "CVE-2021-43859",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2021-43859"
    },
    {
      "cve": "CVE-2022-0084",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2022-0084"
    },
    {
      "cve": "CVE-2022-1259",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2022-1259"
    },
    {
      "cve": "CVE-2022-1319",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2022-1319"
    },
    {
      "cve": "CVE-2022-21363",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2022-21363"
    },
    {
      "cve": "CVE-2022-21724",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2022-21724"
    },
    {
      "cve": "CVE-2022-22932",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2022-22932"
    },
    {
      "cve": "CVE-2022-22950",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2022-22950"
    },
    {
      "cve": "CVE-2022-22968",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2022-22968"
    },
    {
      "cve": "CVE-2022-22970",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2022-22970"
    },
    {
      "cve": "CVE-2022-22971",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2022-22971"
    },
    {
      "cve": "CVE-2022-22976",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2022-22976"
    },
    {
      "cve": "CVE-2022-22978",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2022-22978"
    },
    {
      "cve": "CVE-2022-23181",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2022-23181"
    },
    {
      "cve": "CVE-2022-23221",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2022-23221"
    },
    {
      "cve": "CVE-2022-23596",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2022-23596"
    },
    {
      "cve": "CVE-2022-23913",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2022-23913"
    },
    {
      "cve": "CVE-2022-24614",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2022-24614"
    },
    {
      "cve": "CVE-2022-25845",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2022-25845"
    },
    {
      "cve": "CVE-2022-26336",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2022-26336"
    },
    {
      "cve": "CVE-2022-26520",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2022-26520"
    },
    {
      "cve": "CVE-2022-30126",
      "product_status": {
        "known_affected": [
          "67646",
          "723344",
          "658714",
          "T015895",
          "T017562",
          "T022954",
          "T014381",
          "2951",
          "T043205",
          "T021415",
          "T024775",
          "T048677",
          "T048676",
          "T043288",
          "T048675"
        ]
      },
      "release_date": "2022-07-07T22:00:00.000+00:00",
      "title": "CVE-2022-30126"
    }
  ]
}

WID-SEC-W-2023-2465

Vulnerability from csaf_certbund - Published: 2021-01-14 23:00 - Updated: 2026-03-26 23:00

Summary

Apache Tomcat: Schwachstelle ermöglicht Offenlegung von Informationen

Severity

Mittel

Notes

Produktbeschreibung: Apache Tomcat ist ein Web-Applikationsserver für verschiedene Plattformen.

Angriff: Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Apache Tomcat ausnutzen, um Informationen offenzulegen.

Betroffene Betriebssysteme: - Linux - Sonstiges - UNIX - Windows

CVE-2021-24122

Affected products

Known affected 14 products

Product	Identifier	Version
Avaya Aura Experience Portal Avaya	`cpe:/a:avaya:aura_experience_portal:-`	—
Dell Data Protection Advisor <19.12 Dell / Data Protection Advisor		<19.12
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Avaya Aura Application Enablement Services Avaya	`cpe:/a:avaya:aura_application_enablement_services:-`	—
HPE HP-UX HPE	`cpe:/o:hp:hp-ux:-`	—
Apache Tomcat <7.0.107 Apache / Tomcat		<7.0.107
EMC NetWorker EMC	`cpe:/a:emc:networker:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Avaya one-X Avaya	`cpe:/a:avaya:one-x:-`	—
Apache Tomcat <8.5.60 Apache / Tomcat		<8.5.60
Apache Tomcat <9.0.40 Apache / Tomcat		<9.0.40
Apache Tomcat <10.0.0-M10 Apache / Tomcat		<10.0.0-M10
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—

References

22 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://tomcat.apache.org/security-10.html	external
https://tomcat.apache.org/security-9.html	external
https://tomcat.apache.org/security-8.html	external
https://tomcat.apache.org/security-7.html	external
https://access.redhat.com/errata/RHSA-2021:0495	external
https://access.redhat.com/errata/RHSA-2021:0494	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://downloads.avaya.com/css/P8/documents/101074341	external
https://lists.debian.org/debian-lts-announce/2021…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://support.hpe.com/hpesc/public/docDisplay?d…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://www.dell.com/support/kbdoc/de-de/00018969…	external
https://access.redhat.com/errata/RHSA-2021:3425	external
https://alas.aws.amazon.com/AL2/ALASTOMCAT8.5-202…	external
https://alas.aws.amazon.com/AL2/ALAS-2025-2812.html	external
https://www.dell.com/support/kbdoc/en-us/00028173…	external
https://lists.suse.com/pipermail/sle-security-upd…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Apache Tomcat ist ein Web-Applikationsserver f\u00fcr verschiedene Plattformen.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Apache Tomcat ausnutzen, um Informationen offenzulegen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2023-2465 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2021/wid-sec-w-2023-2465.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2023-2465 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2465"
      },
      {
        "category": "external",
        "summary": "Apache Tomcat Vulnerabilities vom 2021-01-14",
        "url": "https://tomcat.apache.org/security-10.html"
      },
      {
        "category": "external",
        "summary": "Apache Tomcat Vulnerabilities vom 2021-01-14",
        "url": "https://tomcat.apache.org/security-9.html"
      },
      {
        "category": "external",
        "summary": "Apache Tomcat Vulnerabilities vom 2021-01-14",
        "url": "https://tomcat.apache.org/security-8.html"
      },
      {
        "category": "external",
        "summary": "Apache Tomcat Vulnerabilities vom 2021-01-14",
        "url": "https://tomcat.apache.org/security-7.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2021:0495 vom 2021-02-11",
        "url": "https://access.redhat.com/errata/RHSA-2021:0495"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2021:0494 vom 2021-02-11",
        "url": "https://access.redhat.com/errata/RHSA-2021:0494"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2021:0531-1 vom 2021-02-19",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2021-February/008349.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2021:0530-1 vom 2021-02-19",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2021-February/008352.html"
      },
      {
        "category": "external",
        "summary": "AVAYA Security Advisory ASA-2021-012 vom 2021-03-10",
        "url": "https://downloads.avaya.com/css/P8/documents/101074341"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-2596 vom 2021-03-16",
        "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00018.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2021:0989-1 vom 2021-03-30",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2021-March/008570.html"
      },
      {
        "category": "external",
        "summary": "HPE Security Bulletin HPESBUX04114 vom 2021-03-31",
        "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbux04114en_us"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2021:1009-1 vom 2021-04-01",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2021-April/008578.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2021:14705-1 vom 2021-04-21",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2021-April/008669.html"
      },
      {
        "category": "external",
        "summary": "Dell NetWorker Security Update",
        "url": "https://www.dell.com/support/kbdoc/de-de/000189694/dsa-2021-125-dell-emc-networker-security-update-for-multiple-vulnerabilities"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2021:3425 vom 2021-09-09",
        "url": "https://access.redhat.com/errata/RHSA-2021:3425"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALASTOMCAT8.5-2023-010 vom 2023-09-27",
        "url": "https://alas.aws.amazon.com/AL2/ALASTOMCAT8.5-2023-010.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS-2025-2812 vom 2025-04-02",
        "url": "https://alas.aws.amazon.com/AL2/ALAS-2025-2812.html"
      },
      {
        "category": "external",
        "summary": "Deell Security Update",
        "url": "https://www.dell.com/support/kbdoc/en-us/000281732/dsa-2025-075-security-update-for-dell-data-protection-advisor-for-multiple-component-vulnerabilities"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:1058-1 vom 2026-03-26",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024949.html"
      }
    ],
    "source_lang": "en-US",
    "title": "Apache Tomcat: Schwachstelle erm\u00f6glicht Offenlegung von Informationen",
    "tracking": {
      "current_release_date": "2026-03-26T23:00:00.000+00:00",
      "generator": {
        "date": "2026-03-27T09:40:55.336+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.5.0"
        }
      },
      "id": "WID-SEC-W-2023-2465",
      "initial_release_date": "2021-01-14T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2021-01-14T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2021-02-11T23:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2021-02-21T23:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2021-03-11T23:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von AVAYA aufgenommen"
        },
        {
          "date": "2021-03-15T23:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2021-03-30T22:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2021-03-31T22:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von HPE aufgenommen"
        },
        {
          "date": "2021-04-05T22:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2021-04-21T22:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2021-08-18T22:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von EMC aufgenommen"
        },
        {
          "date": "2021-09-08T22:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2023-09-27T22:00:00.000+00:00",
          "number": "12",
          "summary": "Neue Updates von Amazon aufgenommen"
        },
        {
          "date": "2025-04-01T22:00:00.000+00:00",
          "number": "13",
          "summary": "Neue Updates von Amazon aufgenommen"
        },
        {
          "date": "2026-01-25T23:00:00.000+00:00",
          "number": "14",
          "summary": "Neue Updates von Dell aufgenommen"
        },
        {
          "date": "2026-03-26T23:00:00.000+00:00",
          "number": "15",
          "summary": "Neue Updates von SUSE aufgenommen"
        }
      ],
      "status": "final",
      "version": "15"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Amazon Linux 2",
            "product": {
              "name": "Amazon Linux 2",
              "product_id": "398363",
              "product_identification_helper": {
                "cpe": "cpe:/o:amazon:linux_2:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Amazon"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c8.5.60",
                "product": {
                  "name": "Apache Tomcat \u003c8.5.60",
                  "product_id": "T017833"
                }
              },
              {
                "category": "product_version",
                "name": "8.5.60",
                "product": {
                  "name": "Apache Tomcat 8.5.60",
                  "product_id": "T017833-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:apache:tomcat:8.5.60"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c9.0.40",
                "product": {
                  "name": "Apache Tomcat \u003c9.0.40",
                  "product_id": "T017834"
                }
              },
              {
                "category": "product_version",
                "name": "9.0.40",
                "product": {
                  "name": "Apache Tomcat 9.0.40",
                  "product_id": "T017834-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:apache:tomcat:9.0.40"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.0.0-M10",
                "product": {
                  "name": "Apache Tomcat \u003c10.0.0-M10",
                  "product_id": "T017835"
                }
              },
              {
                "category": "product_version",
                "name": "10.0.0-M10",
                "product": {
                  "name": "Apache Tomcat 10.0.0-M10",
                  "product_id": "T017835-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:apache:tomcat:10.0.0-m10"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c7.0.107",
                "product": {
                  "name": "Apache Tomcat \u003c7.0.107",
                  "product_id": "T018098"
                }
              },
              {
                "category": "product_version",
                "name": "7.0.107",
                "product": {
                  "name": "Apache Tomcat 7.0.107",
                  "product_id": "T018098-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:apache:tomcat:7.0.107"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Tomcat"
          }
        ],
        "category": "vendor",
        "name": "Apache"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Avaya Aura Application Enablement Services",
            "product": {
              "name": "Avaya Aura Application Enablement Services",
              "product_id": "T015516",
              "product_identification_helper": {
                "cpe": "cpe:/a:avaya:aura_application_enablement_services:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Avaya Aura Experience Portal",
            "product": {
              "name": "Avaya Aura Experience Portal",
              "product_id": "T015519",
              "product_identification_helper": {
                "cpe": "cpe:/a:avaya:aura_experience_portal:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Avaya one-X",
            "product": {
              "name": "Avaya one-X",
              "product_id": "1024",
              "product_identification_helper": {
                "cpe": "cpe:/a:avaya:one-x:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Avaya"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c19.12",
                "product": {
                  "name": "Dell Data Protection Advisor \u003c19.12",
                  "product_id": "T050283"
                }
              },
              {
                "category": "product_version",
                "name": "19.12",
                "product": {
                  "name": "Dell Data Protection Advisor 19.12",
                  "product_id": "T050283-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:dell:data_protection_advisor:19.12"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Data Protection Advisor"
          }
        ],
        "category": "vendor",
        "name": "Dell"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "EMC NetWorker",
            "product": {
              "name": "EMC NetWorker",
              "product_id": "3479",
              "product_identification_helper": {
                "cpe": "cpe:/a:emc:networker:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "EMC"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "HPE HP-UX",
            "product": {
              "name": "HPE HP-UX",
              "product_id": "4871",
              "product_identification_helper": {
                "cpe": "cpe:/o:hp:hp-ux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "HPE"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-24122",
      "product_status": {
        "known_affected": [
          "T015519",
          "T050283",
          "67646",
          "T015516",
          "4871",
          "T018098",
          "3479",
          "2951",
          "T002207",
          "1024",
          "T017833",
          "T017834",
          "T017835",
          "398363"
        ]
      },
      "release_date": "2021-01-14T23:00:00.000+00:00",
      "title": "CVE-2021-24122"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2021-24122 (GCVE-0-2021-24122)

WID-SEC-W-2022-0607

WID-SEC-W-2023-2465

Tags

Sightings

Nomenclature