Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-27304 (GCVE-0-2024-27304)
Vulnerability from cvelistv5 – Published: 2024-03-06 19:07 – Updated: 2024-12-12 20:52
VLAI
EPSS
Title
pgx SQL Injection via Protocol Message Size Overflow
Summary
pgx is a PostgreSQL driver and toolkit for Go. SQL injection can occur if an attacker can cause a single query or bind message to exceed 4 GB in size. An integer overflow in the calculated message size can cause the one large message to be sent as multiple messages under the attacker's control. The problem is resolved in v4.18.2 and v5.5.4. As a workaround, reject user input large enough to cause a single query or bind message to exceed 4 GB in size.
Severity
9.8 (Critical)
CWE
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://github.com/jackc/pgx/security/advisories/… | x_refsource_CONFIRM |
| https://github.com/jackc/pgproto3/security/adviso… | x_refsource_MISC |
| https://github.com/jackc/pgproto3/commit/945c2126… | x_refsource_MISC |
| https://github.com/jackc/pgx/commit/adbb38f298c76… | x_refsource_MISC |
| https://github.com/jackc/pgx/commit/c543134753a0c… | x_refsource_MISC |
| https://github.com/jackc/pgx/commit/f94eb0e2f9678… | x_refsource_MISC |
| https://www.youtube.com/watch?v=Tfg1B8u1yvE | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:jackc:pgx:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pgx",
"vendor": "jackc",
"versions": [
{
"lessThan": "4.18.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:jackc:pgx:5.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pgx",
"vendor": "jackc",
"versions": [
{
"lessThan": "5.5.4",
"status": "affected",
"version": "5.0.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27304",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-06T20:31:57.168692Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-25T16:31:36.133Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:27:59.959Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/jackc/pgx/security/advisories/GHSA-mrww-27vc-gghv",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/jackc/pgx/security/advisories/GHSA-mrww-27vc-gghv"
},
{
"name": "https://github.com/jackc/pgproto3/security/advisories/GHSA-7jwh-3vrq-q3m8",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/jackc/pgproto3/security/advisories/GHSA-7jwh-3vrq-q3m8"
},
{
"name": "https://github.com/jackc/pgproto3/commit/945c2126f6db8f3bea7eeebe307c01fe92bca007",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/jackc/pgproto3/commit/945c2126f6db8f3bea7eeebe307c01fe92bca007"
},
{
"name": "https://github.com/jackc/pgx/commit/adbb38f298c76e283ffc7c7a3f571036fea47fd4",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/jackc/pgx/commit/adbb38f298c76e283ffc7c7a3f571036fea47fd4"
},
{
"name": "https://github.com/jackc/pgx/commit/c543134753a0c5d22881c12404025724cb05ffd8",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/jackc/pgx/commit/c543134753a0c5d22881c12404025724cb05ffd8"
},
{
"name": "https://github.com/jackc/pgx/commit/f94eb0e2f96782042c96801b5ac448f44f0a81df",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/jackc/pgx/commit/f94eb0e2f96782042c96801b5ac448f44f0a81df"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "pgx",
"vendor": "jackc",
"versions": [
{
"status": "affected",
"version": "\u003c 4.18.2"
},
{
"status": "affected",
"version": "\u003e= 5.0.0, \u003c 5.5.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "pgx is a PostgreSQL driver and toolkit for Go. SQL injection can occur if an attacker can cause a single query or bind message to exceed 4 GB in size. An integer overflow in the calculated message size can cause the one large message to be sent as multiple messages under the attacker\u0027s control. The problem is resolved in v4.18.2 and v5.5.4. As a workaround, reject user input large enough to cause a single query or bind message to exceed 4 GB in size."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "CWE-190: Integer Overflow or Wraparound",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-12T20:52:24.821Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/jackc/pgx/security/advisories/GHSA-mrww-27vc-gghv",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/jackc/pgx/security/advisories/GHSA-mrww-27vc-gghv"
},
{
"name": "https://github.com/jackc/pgproto3/security/advisories/GHSA-7jwh-3vrq-q3m8",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/jackc/pgproto3/security/advisories/GHSA-7jwh-3vrq-q3m8"
},
{
"name": "https://github.com/jackc/pgproto3/commit/945c2126f6db8f3bea7eeebe307c01fe92bca007",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/jackc/pgproto3/commit/945c2126f6db8f3bea7eeebe307c01fe92bca007"
},
{
"name": "https://github.com/jackc/pgx/commit/adbb38f298c76e283ffc7c7a3f571036fea47fd4",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/jackc/pgx/commit/adbb38f298c76e283ffc7c7a3f571036fea47fd4"
},
{
"name": "https://github.com/jackc/pgx/commit/c543134753a0c5d22881c12404025724cb05ffd8",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/jackc/pgx/commit/c543134753a0c5d22881c12404025724cb05ffd8"
},
{
"name": "https://github.com/jackc/pgx/commit/f94eb0e2f96782042c96801b5ac448f44f0a81df",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/jackc/pgx/commit/f94eb0e2f96782042c96801b5ac448f44f0a81df"
},
{
"name": "https://www.youtube.com/watch?v=Tfg1B8u1yvE",
"tags": [
"x_refsource_MISC"
],
"url": "https://www.youtube.com/watch?v=Tfg1B8u1yvE"
}
],
"source": {
"advisory": "GHSA-mrww-27vc-gghv",
"discovery": "UNKNOWN"
},
"title": "pgx SQL Injection via Protocol Message Size Overflow"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-27304",
"datePublished": "2024-03-06T19:07:08.491Z",
"dateReserved": "2024-02-22T18:08:38.875Z",
"dateUpdated": "2024-12-12T20:52:24.821Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2024-27304",
"date": "2026-05-29",
"epss": "0.01875",
"percentile": "0.8344"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-27304\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2024-03-06T19:15:08.767\",\"lastModified\":\"2026-05-21T19:58:35.277\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"pgx is a PostgreSQL driver and toolkit for Go. SQL injection can occur if an attacker can cause a single query or bind message to exceed 4 GB in size. An integer overflow in the calculated message size can cause the one large message to be sent as multiple messages under the attacker\u0027s control. The problem is resolved in v4.18.2 and v5.5.4. As a workaround, reject user input large enough to cause a single query or bind message to exceed 4 GB in size.\"},{\"lang\":\"es\",\"value\":\"pgx es un controlador PostgreSQL y un conjunto de herramientas para Go. La inyecci\u00f3n de SQL puede ocurrir si un atacante puede hacer que una sola consulta o mensaje de enlace supere los 4 GB de tama\u00f1o. Un desbordamiento de enteros en el tama\u00f1o del mensaje calculado puede provocar que un mensaje grande se env\u00ede como varios mensajes bajo el control del atacante. El problema se resuelve en v4.18.2 y v5.5.4. Como soluci\u00f3n alternativa, rechace la entrada del usuario lo suficientemente grande como para provocar que una sola consulta o mensaje vinculado supere los 4 GB de tama\u00f1o.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-89\"},{\"lang\":\"en\",\"value\":\"CWE-190\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jackc:pgproto3:*:*:*:*:*:go:*:*\",\"versionEndExcluding\":\"2.3.3\",\"matchCriteriaId\":\"8F2C8085-0A4C-4DBB-9532-404B943C690F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jackc:pgx:*:*:*:*:*:go:*:*\",\"versionEndExcluding\":\"4.18.2\",\"matchCriteriaId\":\"46A3AE50-BDE3-41DC-9E17-9151318A3E94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jackc:pgx:*:*:*:*:*:go:*:*\",\"versionStartIncluding\":\"5.0.0\",\"versionEndExcluding\":\"5.5.4\",\"matchCriteriaId\":\"F4EAB649-59DA-40EF-A9AB-1079F6C14419\"}]}]}],\"references\":[{\"url\":\"https://github.com/jackc/pgproto3/commit/945c2126f6db8f3bea7eeebe307c01fe92bca007\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/jackc/pgproto3/security/advisories/GHSA-7jwh-3vrq-q3m8\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/jackc/pgx/commit/adbb38f298c76e283ffc7c7a3f571036fea47fd4\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/jackc/pgx/commit/c543134753a0c5d22881c12404025724cb05ffd8\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/jackc/pgx/commit/f94eb0e2f96782042c96801b5ac448f44f0a81df\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/jackc/pgx/security/advisories/GHSA-mrww-27vc-gghv\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.youtube.com/watch?v=Tfg1B8u1yvE\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Press/Media Coverage\"]},{\"url\":\"https://github.com/jackc/pgproto3/commit/945c2126f6db8f3bea7eeebe307c01fe92bca007\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/jackc/pgproto3/security/advisories/GHSA-7jwh-3vrq-q3m8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/jackc/pgx/commit/adbb38f298c76e283ffc7c7a3f571036fea47fd4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/jackc/pgx/commit/c543134753a0c5d22881c12404025724cb05ffd8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/jackc/pgx/commit/f94eb0e2f96782042c96801b5ac448f44f0a81df\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/jackc/pgx/security/advisories/GHSA-mrww-27vc-gghv\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://github.com/jackc/pgx/security/advisories/GHSA-mrww-27vc-gghv\", \"name\": \"https://github.com/jackc/pgx/security/advisories/GHSA-mrww-27vc-gghv\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://github.com/jackc/pgproto3/security/advisories/GHSA-7jwh-3vrq-q3m8\", \"name\": \"https://github.com/jackc/pgproto3/security/advisories/GHSA-7jwh-3vrq-q3m8\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://github.com/jackc/pgproto3/commit/945c2126f6db8f3bea7eeebe307c01fe92bca007\", \"name\": \"https://github.com/jackc/pgproto3/commit/945c2126f6db8f3bea7eeebe307c01fe92bca007\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://github.com/jackc/pgx/commit/adbb38f298c76e283ffc7c7a3f571036fea47fd4\", \"name\": \"https://github.com/jackc/pgx/commit/adbb38f298c76e283ffc7c7a3f571036fea47fd4\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://github.com/jackc/pgx/commit/c543134753a0c5d22881c12404025724cb05ffd8\", \"name\": \"https://github.com/jackc/pgx/commit/c543134753a0c5d22881c12404025724cb05ffd8\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://github.com/jackc/pgx/commit/f94eb0e2f96782042c96801b5ac448f44f0a81df\", \"name\": \"https://github.com/jackc/pgx/commit/f94eb0e2f96782042c96801b5ac448f44f0a81df\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T00:27:59.959Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-27304\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-03-06T20:31:57.168692Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:jackc:pgx:*:*:*:*:*:*:*:*\"], \"vendor\": \"jackc\", \"product\": \"pgx\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"4.18.2\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:jackc:pgx:5.0.0:*:*:*:*:*:*:*\"], \"vendor\": \"jackc\", \"product\": \"pgx\", \"versions\": [{\"status\": \"affected\", \"version\": \"5.0.0\", \"lessThan\": \"5.5.4\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-07-25T16:31:26.402Z\"}}], \"cna\": {\"title\": \"pgx SQL Injection via Protocol Message Size Overflow\", \"source\": {\"advisory\": \"GHSA-mrww-27vc-gghv\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"jackc\", \"product\": \"pgx\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 4.18.2\"}, {\"status\": \"affected\", \"version\": \"\u003e= 5.0.0, \u003c 5.5.4\"}]}], \"references\": [{\"url\": \"https://github.com/jackc/pgx/security/advisories/GHSA-mrww-27vc-gghv\", \"name\": \"https://github.com/jackc/pgx/security/advisories/GHSA-mrww-27vc-gghv\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/jackc/pgproto3/security/advisories/GHSA-7jwh-3vrq-q3m8\", \"name\": \"https://github.com/jackc/pgproto3/security/advisories/GHSA-7jwh-3vrq-q3m8\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/jackc/pgproto3/commit/945c2126f6db8f3bea7eeebe307c01fe92bca007\", \"name\": \"https://github.com/jackc/pgproto3/commit/945c2126f6db8f3bea7eeebe307c01fe92bca007\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/jackc/pgx/commit/adbb38f298c76e283ffc7c7a3f571036fea47fd4\", \"name\": \"https://github.com/jackc/pgx/commit/adbb38f298c76e283ffc7c7a3f571036fea47fd4\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/jackc/pgx/commit/c543134753a0c5d22881c12404025724cb05ffd8\", \"name\": \"https://github.com/jackc/pgx/commit/c543134753a0c5d22881c12404025724cb05ffd8\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/jackc/pgx/commit/f94eb0e2f96782042c96801b5ac448f44f0a81df\", \"name\": \"https://github.com/jackc/pgx/commit/f94eb0e2f96782042c96801b5ac448f44f0a81df\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://www.youtube.com/watch?v=Tfg1B8u1yvE\", \"name\": \"https://www.youtube.com/watch?v=Tfg1B8u1yvE\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"pgx is a PostgreSQL driver and toolkit for Go. SQL injection can occur if an attacker can cause a single query or bind message to exceed 4 GB in size. An integer overflow in the calculated message size can cause the one large message to be sent as multiple messages under the attacker\u0027s control. The problem is resolved in v4.18.2 and v5.5.4. As a workaround, reject user input large enough to cause a single query or bind message to exceed 4 GB in size.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-89\", \"description\": \"CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-190\", \"description\": \"CWE-190: Integer Overflow or Wraparound\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2024-12-12T20:52:24.821Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-27304\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-12-12T20:52:24.821Z\", \"dateReserved\": \"2024-02-22T18:08:38.875Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2024-03-06T19:07:08.491Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Title
Уязвимость набора инструментов для работы с PostgreSQL pgx, связанная с непринятием мер по защите структуры SQL-запроса, позволяющая нарушителю выполнять произвольные SQL-запросы
Description
Уязвимость набора инструментов для работы с PostgreSQL pgx связана с непринятием мер по защите структуры SQL-запроса. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, выполнять произвольные SQL-запросы
Severity
Vendor
Сообщество свободного программного обеспечения
Software Name
pgx
Software Version
до 4.18.2 (pgx), от 5.0.0 до 5.5.4 (pgx)
Possible Mitigations
Использование рекомендаций:
https://github.com/jackc/pgx/commit/adbb38f298c76e283ffc7c7a3f571036fea47fd4
https://github.com/jackc/pgx/commit/c543134753a0c5d22881c12404025724cb05ffd8
https://github.com/jackc/pgx/commit/f94eb0e2f96782042c96801b5ac448f44f0a81df
Reference
https://github.com/jackc/pgproto3/commit/945c2126f6db8f3bea7eeebe307c01fe92bca007
https://github.com/jackc/pgproto3/security/advisories/GHSA-7jwh-3vrq-q3m8
https://github.com/jackc/pgx/commit/adbb38f298c76e283ffc7c7a3f571036fea47fd4
https://github.com/jackc/pgx/commit/c543134753a0c5d22881c12404025724cb05ffd8
https://github.com/jackc/pgx/commit/f94eb0e2f96782042c96801b5ac448f44f0a81df
https://github.com/jackc/pgx/security/advisories/GHSA-mrww-27vc-gghv
CWE
CWE-89, CWE-190
{
"CVSS 2.0": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u0434\u043e 4.18.2 (pgx), \u043e\u0442 5.0.0 \u0434\u043e 5.5.4 (pgx)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://github.com/jackc/pgx/commit/adbb38f298c76e283ffc7c7a3f571036fea47fd4\t\nhttps://github.com/jackc/pgx/commit/c543134753a0c5d22881c12404025724cb05ffd8\t\nhttps://github.com/jackc/pgx/commit/f94eb0e2f96782042c96801b5ac448f44f0a81df",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "06.03.2024",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "12.03.2024",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "12.03.2024",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2024-01921",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2024-27304",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "pgx",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0430\u0431\u043e\u0440\u0430 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u0432 \u0434\u043b\u044f \u0440\u0430\u0431\u043e\u0442\u044b \u0441 PostgreSQL pgx, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043d\u0435\u043f\u0440\u0438\u043d\u044f\u0442\u0438\u0435\u043c \u043c\u0435\u0440 \u043f\u043e \u0437\u0430\u0449\u0438\u0442\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b SQL-\u0437\u0430\u043f\u0440\u043e\u0441\u0430, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 SQL-\u0437\u0430\u043f\u0440\u043e\u0441\u044b",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043f\u0440\u0438\u043d\u044f\u0442\u0438\u0435 \u043c\u0435\u0440 \u043f\u043e \u0437\u0430\u0449\u0438\u0442\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b \u0437\u0430\u043f\u0440\u043e\u0441\u0430 SQL (\u0430\u0442\u0430\u043a\u0438 \u0442\u0438\u043f\u0430 \\\"\u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435 SQL\\\") (CWE-89), \u0426\u0435\u043b\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u043e\u0435 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0438\u043b\u0438 \u0446\u0438\u043a\u043b\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0441\u0434\u0432\u0438\u0433 (CWE-190)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0430\u0431\u043e\u0440\u0430 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u0432 \u0434\u043b\u044f \u0440\u0430\u0431\u043e\u0442\u044b \u0441 PostgreSQL pgx \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043f\u0440\u0438\u043d\u044f\u0442\u0438\u0435\u043c \u043c\u0435\u0440 \u043f\u043e \u0437\u0430\u0449\u0438\u0442\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b SQL-\u0437\u0430\u043f\u0440\u043e\u0441\u0430. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 SQL-\u0437\u0430\u043f\u0440\u043e\u0441\u044b",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445, \u0418\u043d\u044a\u0435\u043a\u0446\u0438\u044f",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://github.com/jackc/pgproto3/commit/945c2126f6db8f3bea7eeebe307c01fe92bca007\t\nhttps://github.com/jackc/pgproto3/security/advisories/GHSA-7jwh-3vrq-q3m8\t\nhttps://github.com/jackc/pgx/commit/adbb38f298c76e283ffc7c7a3f571036fea47fd4\t\nhttps://github.com/jackc/pgx/commit/c543134753a0c5d22881c12404025724cb05ffd8\t\nhttps://github.com/jackc/pgx/commit/f94eb0e2f96782042c96801b5ac448f44f0a81df\t\nhttps://github.com/jackc/pgx/security/advisories/GHSA-mrww-27vc-gghv",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-89, CWE-190",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 10)\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 9,8)"
}
CERTFR-2025-AVI-0524
Vulnerability from certfr_avis - Published: 2025-06-19 - Updated: 2025-06-19
De multiples vulnérabilités ont été découvertes dans VMware Tanzu. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Greenplum | Tanzu Greenplum Data Copy Utility versions antérieures à 2.8.0 | ||
| VMware | Tanzu | Tanzu Data Lake versions antérieures à 1.1.0 | ||
| VMware | Tanzu | Tanzu pour Postgres sur Kubernetes versions antérieures à 4.1.0 et 4.2.0 | ||
| VMware | Tanzu Greenplum | Tanzu Greenplum Command Center versions antérieures à 6.14.0 et 7.4.0 | ||
| VMware | Tanzu Greenplum | Tanzu Greenplum Backup and Restore versions antérieures à 1.31.1 | ||
| VMware | Tanzu Greenplum | Tanzu Greenplum Streaming Server versions antérieures à 2.1.0 | ||
| VMware | Tanzu Greenplum | Tanzu Greenplum versions 6.x antérieures à 6.29.1 | ||
| VMware | Tanzu Greenplum | Tanzu Greenplum versions 7.x antérieures à 7.5.0 | ||
| VMware | Tanzu | VMware Tanzu pour Valkey sur Kubernetes versions antérieures à 1.1.0 et 2.0.0 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Tanzu Greenplum Data Copy Utility versions ant\u00e9rieures \u00e0 2.8.0",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Data Lake versions ant\u00e9rieures \u00e0 1.1.0",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu pour Postgres sur Kubernetes versions ant\u00e9rieures \u00e0 4.1.0 et 4.2.0",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplum Command Center versions ant\u00e9rieures \u00e0 6.14.0 et 7.4.0",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplum Backup and Restore versions ant\u00e9rieures \u00e0 1.31.1",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplum Streaming Server versions ant\u00e9rieures \u00e0 2.1.0",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplum versions 6.x ant\u00e9rieures \u00e0 6.29.1",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplum versions 7.x ant\u00e9rieures \u00e0 7.5.0",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware Tanzu pour Valkey sur Kubernetes versions ant\u00e9rieures \u00e0 1.1.0 et 2.0.0",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2019-2126",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2126"
},
{
"name": "CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
},
{
"name": "CVE-2019-12900",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12900"
},
{
"name": "CVE-2022-30633",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30633"
},
{
"name": "CVE-2022-1705",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1705"
},
{
"name": "CVE-2022-27664",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
},
{
"name": "CVE-2022-28131",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28131"
},
{
"name": "CVE-2022-32148",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32148"
},
{
"name": "CVE-2022-32189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32189"
},
{
"name": "CVE-2022-1962",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1962"
},
{
"name": "CVE-2022-30635",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30635"
},
{
"name": "CVE-2022-30631",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30631"
},
{
"name": "CVE-2022-30632",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30632"
},
{
"name": "CVE-2022-30630",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30630"
},
{
"name": "CVE-2022-29526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
},
{
"name": "CVE-2021-45943",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45943"
},
{
"name": "CVE-2021-34141",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34141"
},
{
"name": "CVE-2022-1941",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1941"
},
{
"name": "CVE-2022-1271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
},
{
"name": "CVE-2022-41862",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41862"
},
{
"name": "CVE-2022-41717",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41717"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2022-2879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
},
{
"name": "CVE-2022-41715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
},
{
"name": "CVE-2022-2880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
},
{
"name": "CVE-2023-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
},
{
"name": "CVE-2023-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
},
{
"name": "CVE-2022-30629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30629"
},
{
"name": "CVE-2022-41723",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41723"
},
{
"name": "CVE-2022-30580",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30580"
},
{
"name": "CVE-2022-40898",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40898"
},
{
"name": "CVE-2022-41725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41725"
},
{
"name": "CVE-2022-41724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41724"
},
{
"name": "CVE-2023-24532",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24532"
},
{
"name": "CVE-2023-24537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24537"
},
{
"name": "CVE-2023-2455",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2455"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2023-24536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24536"
},
{
"name": "CVE-2023-24538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24538"
},
{
"name": "CVE-2023-1255",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1255"
},
{
"name": "CVE-2023-24540",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24540"
},
{
"name": "CVE-2023-29400",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29400"
},
{
"name": "CVE-2023-24539",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24539"
},
{
"name": "CVE-2023-2975",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2975"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2023-3817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
},
{
"name": "CVE-2023-29404",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29404"
},
{
"name": "CVE-2023-29402",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29402"
},
{
"name": "CVE-2023-29403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29403"
},
{
"name": "CVE-2023-29405",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29405"
},
{
"name": "CVE-2023-37920",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37920"
},
{
"name": "CVE-2023-29409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
},
{
"name": "CVE-2023-29406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29406"
},
{
"name": "CVE-2023-32681",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32681"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2023-5363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2023-4752",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4752"
},
{
"name": "CVE-2023-45853",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45853"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2023-5870",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5870"
},
{
"name": "CVE-2022-0543",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0543"
},
{
"name": "CVE-2023-4039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4039"
},
{
"name": "CVE-2021-46848",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46848"
},
{
"name": "CVE-2023-4016",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4016"
},
{
"name": "CVE-2023-29383",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29383"
},
{
"name": "CVE-2023-6237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
},
{
"name": "CVE-2023-39323",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39323"
},
{
"name": "CVE-2023-31484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31484"
},
{
"name": "CVE-2023-24534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24534"
},
{
"name": "CVE-2023-6129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
},
{
"name": "CVE-2023-39318",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39318"
},
{
"name": "CVE-2023-39319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39319"
},
{
"name": "CVE-2024-0727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
},
{
"name": "CVE-2024-1580",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1580"
},
{
"name": "CVE-2016-2781",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2781"
},
{
"name": "CVE-2023-39326",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39326"
},
{
"name": "CVE-2023-45285",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45285"
},
{
"name": "CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"name": "CVE-2024-4603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
},
{
"name": "CVE-2023-45289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45289"
},
{
"name": "CVE-2023-45290",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45290"
},
{
"name": "CVE-2024-24783",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24783"
},
{
"name": "CVE-2024-24784",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24784"
},
{
"name": "CVE-2024-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24785"
},
{
"name": "CVE-2024-4741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
},
{
"name": "CVE-2024-23807",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23807"
},
{
"name": "CVE-2024-5535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
},
{
"name": "CVE-2023-5752",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5752"
},
{
"name": "CVE-2024-3651",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3651"
},
{
"name": "CVE-2024-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3596"
},
{
"name": "CVE-2024-26458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26458"
},
{
"name": "CVE-2024-26461",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26461"
},
{
"name": "CVE-2024-35195",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35195"
},
{
"name": "CVE-2023-4641",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4641"
},
{
"name": "CVE-2024-22365",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22365"
},
{
"name": "CVE-2024-22667",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22667"
},
{
"name": "CVE-2023-6228",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6228"
},
{
"name": "CVE-2023-45287",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45287"
},
{
"name": "CVE-2024-24787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24787"
},
{
"name": "CVE-2024-24788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24788"
},
{
"name": "CVE-2024-7348",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7348"
},
{
"name": "CVE-2023-7008",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7008"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2024-24789",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24789"
},
{
"name": "CVE-2024-34155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
},
{
"name": "CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"name": "CVE-2024-34158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
},
{
"name": "CVE-2024-24790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24790"
},
{
"name": "CVE-2024-9143",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
},
{
"name": "CVE-2022-48468",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48468"
},
{
"name": "CVE-2023-48161",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48161"
},
{
"name": "CVE-2024-11168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11168"
},
{
"name": "CVE-2024-10976",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10976"
},
{
"name": "CVE-2024-10977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10977"
},
{
"name": "CVE-2024-10978",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10978"
},
{
"name": "CVE-2024-10979",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10979"
},
{
"name": "CVE-2024-10041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10041"
},
{
"name": "CVE-2024-10963",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10963"
},
{
"name": "CVE-2025-21490",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21490"
},
{
"name": "CVE-2025-21491",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21491"
},
{
"name": "CVE-2025-21497",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21497"
},
{
"name": "CVE-2025-21500",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21500"
},
{
"name": "CVE-2025-21501",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21501"
},
{
"name": "CVE-2025-21503",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21503"
},
{
"name": "CVE-2025-21505",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21505"
},
{
"name": "CVE-2025-21519",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21519"
},
{
"name": "CVE-2025-21522",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21522"
},
{
"name": "CVE-2025-21523",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21523"
},
{
"name": "CVE-2025-21529",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21529"
},
{
"name": "CVE-2025-21540",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21540"
},
{
"name": "CVE-2025-21546",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21546"
},
{
"name": "CVE-2025-21555",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21555"
},
{
"name": "CVE-2025-21559",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21559"
},
{
"name": "CVE-2025-0938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
},
{
"name": "CVE-2025-0167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0167"
},
{
"name": "CVE-2024-12797",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12797"
},
{
"name": "CVE-2024-13176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13176"
},
{
"name": "CVE-2025-1094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1094"
},
{
"name": "CVE-2022-49043",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49043"
},
{
"name": "CVE-2024-51744",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-51744"
},
{
"name": "CVE-2024-24791",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24791"
},
{
"name": "CVE-2023-24531",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24531"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2024-56171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56171"
},
{
"name": "CVE-2022-42967",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42967"
},
{
"name": "CVE-2024-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8176"
},
{
"name": "CVE-2025-24928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24928"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2025-22235",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22235"
},
{
"name": "CVE-2025-31650",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31650"
},
{
"name": "CVE-2025-31651",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31651"
},
{
"name": "CVE-2025-30204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30204"
},
{
"name": "CVE-2025-27363",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27363"
},
{
"name": "CVE-2025-22233",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22233"
},
{
"name": "CVE-2024-55549",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55549"
},
{
"name": "CVE-2024-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2025-46701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46701"
},
{
"name": "CVE-2024-12133",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12133"
},
{
"name": "CVE-2024-12243",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12243"
},
{
"name": "CVE-2024-2236",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2236"
},
{
"name": "CVE-2025-0395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0395"
},
{
"name": "CVE-2025-1390",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1390"
},
{
"name": "CVE-2025-31115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31115"
},
{
"name": "CVE-2012-0880",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0880"
},
{
"name": "CVE-2017-17507",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17507"
},
{
"name": "CVE-2017-8806",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8806"
},
{
"name": "CVE-2018-10126",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10126"
},
{
"name": "CVE-2018-11205",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11205"
},
{
"name": "CVE-2018-13866",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13866"
},
{
"name": "CVE-2018-13867",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13867"
},
{
"name": "CVE-2018-13868",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13868"
},
{
"name": "CVE-2018-13869",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13869"
},
{
"name": "CVE-2018-13870",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13870"
},
{
"name": "CVE-2018-13871",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13871"
},
{
"name": "CVE-2018-13872",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13872"
},
{
"name": "CVE-2018-13874",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13874"
},
{
"name": "CVE-2018-13875",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13875"
},
{
"name": "CVE-2018-13876",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13876"
},
{
"name": "CVE-2018-14031",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14031"
},
{
"name": "CVE-2018-14033",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14033"
},
{
"name": "CVE-2018-14034",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14034"
},
{
"name": "CVE-2018-14035",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14035"
},
{
"name": "CVE-2018-14460",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14460"
},
{
"name": "CVE-2018-15671",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15671"
},
{
"name": "CVE-2018-16438",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16438"
},
{
"name": "CVE-2018-17432",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17432"
},
{
"name": "CVE-2018-17433",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17433"
},
{
"name": "CVE-2018-17434",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17434"
},
{
"name": "CVE-2018-17435",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17435"
},
{
"name": "CVE-2018-17436",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17436"
},
{
"name": "CVE-2018-17437",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17437"
},
{
"name": "CVE-2018-17438",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17438"
},
{
"name": "CVE-2018-17439",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17439"
},
{
"name": "CVE-2019-20005",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20005"
},
{
"name": "CVE-2019-20006",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20006"
},
{
"name": "CVE-2019-20007",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20007"
},
{
"name": "CVE-2019-20198",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20198"
},
{
"name": "CVE-2019-20199",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20199"
},
{
"name": "CVE-2019-20200",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20200"
},
{
"name": "CVE-2019-20201",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20201"
},
{
"name": "CVE-2019-20202",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20202"
},
{
"name": "CVE-2019-6988",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6988"
},
{
"name": "CVE-2019-8396",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8396"
},
{
"name": "CVE-2019-8397",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8397"
},
{
"name": "CVE-2019-8398",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8398"
},
{
"name": "CVE-2019-9151",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9151"
},
{
"name": "CVE-2019-9152",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9152"
},
{
"name": "CVE-2020-10809",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10809"
},
{
"name": "CVE-2020-10810",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10810"
},
{
"name": "CVE-2020-10811",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10811"
},
{
"name": "CVE-2020-10812",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10812"
},
{
"name": "CVE-2020-18232",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-18232"
},
{
"name": "CVE-2020-18494",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-18494"
},
{
"name": "CVE-2021-26220",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26220"
},
{
"name": "CVE-2021-26221",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26221"
},
{
"name": "CVE-2021-26222",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26222"
},
{
"name": "CVE-2021-30485",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30485"
},
{
"name": "CVE-2021-31229",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31229"
},
{
"name": "CVE-2021-31347",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31347"
},
{
"name": "CVE-2021-31348",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31348"
},
{
"name": "CVE-2021-31598",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31598"
},
{
"name": "CVE-2021-33430",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33430"
},
{
"name": "CVE-2021-37501",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37501"
},
{
"name": "CVE-2021-45829",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45829"
},
{
"name": "CVE-2021-45830",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45830"
},
{
"name": "CVE-2021-45832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45832"
},
{
"name": "CVE-2021-45833",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45833"
},
{
"name": "CVE-2021-46242",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46242"
},
{
"name": "CVE-2021-46243",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46243"
},
{
"name": "CVE-2021-46244",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46244"
},
{
"name": "CVE-2022-25942",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25942"
},
{
"name": "CVE-2022-25972",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25972"
},
{
"name": "CVE-2022-26061",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26061"
},
{
"name": "CVE-2022-30045",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30045"
},
{
"name": "CVE-2022-4055",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4055"
},
{
"name": "CVE-2022-47655",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-47655"
},
{
"name": "CVE-2023-0996",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0996"
},
{
"name": "CVE-2023-29659",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29659"
},
{
"name": "CVE-2023-32570",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32570"
},
{
"name": "CVE-2023-39328",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39328"
},
{
"name": "CVE-2023-39329",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39329"
},
{
"name": "CVE-2023-51792",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51792"
},
{
"name": "CVE-2023-6879",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6879"
},
{
"name": "CVE-2024-27304",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27304"
},
{
"name": "CVE-2024-29157",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29157"
},
{
"name": "CVE-2024-29158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29158"
},
{
"name": "CVE-2024-29159",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29159"
},
{
"name": "CVE-2024-29160",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29160"
},
{
"name": "CVE-2024-29161",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29161"
},
{
"name": "CVE-2024-29162",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29162"
},
{
"name": "CVE-2024-29163",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29163"
},
{
"name": "CVE-2024-29164",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29164"
},
{
"name": "CVE-2024-29165",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29165"
},
{
"name": "CVE-2024-29166",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29166"
},
{
"name": "CVE-2024-32605",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32605"
},
{
"name": "CVE-2024-32606",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32606"
},
{
"name": "CVE-2024-32607",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32607"
},
{
"name": "CVE-2024-32608",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32608"
},
{
"name": "CVE-2024-32609",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32609"
},
{
"name": "CVE-2024-32610",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32610"
},
{
"name": "CVE-2024-32611",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32611"
},
{
"name": "CVE-2024-32612",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32612"
},
{
"name": "CVE-2024-32613",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32613"
},
{
"name": "CVE-2024-32614",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32614"
},
{
"name": "CVE-2024-32615",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32615"
},
{
"name": "CVE-2024-32616",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32616"
},
{
"name": "CVE-2024-32617",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32617"
},
{
"name": "CVE-2024-32618",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32618"
},
{
"name": "CVE-2024-32619",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32619"
},
{
"name": "CVE-2024-32620",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32620"
},
{
"name": "CVE-2024-32621",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32621"
},
{
"name": "CVE-2024-32622",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32622"
},
{
"name": "CVE-2024-32623",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32623"
},
{
"name": "CVE-2024-32624",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32624"
},
{
"name": "CVE-2024-33873",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33873"
},
{
"name": "CVE-2024-33874",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33874"
},
{
"name": "CVE-2024-33875",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33875"
},
{
"name": "CVE-2024-33876",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33876"
},
{
"name": "CVE-2024-33877",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33877"
},
{
"name": "CVE-2024-34402",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34402"
},
{
"name": "CVE-2024-34403",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34403"
},
{
"name": "CVE-2024-38949",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38949"
},
{
"name": "CVE-2024-38950",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38950"
},
{
"name": "CVE-2024-41996",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41996"
},
{
"name": "CVE-2024-45993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45993"
},
{
"name": "CVE-2024-46981",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46981"
},
{
"name": "CVE-2024-49203",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49203"
},
{
"name": "CVE-2024-5171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5171"
},
{
"name": "CVE-2024-51741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-51741"
},
{
"name": "CVE-2024-52522",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52522"
},
{
"name": "CVE-2024-52616",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52616"
},
{
"name": "CVE-2024-53427",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53427"
},
{
"name": "CVE-2024-53920",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53920"
},
{
"name": "CVE-2024-56378",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56378"
},
{
"name": "CVE-2024-56406",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56406"
},
{
"name": "CVE-2024-56826",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56826"
},
{
"name": "CVE-2024-56827",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56827"
},
{
"name": "CVE-2024-6716",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6716"
},
{
"name": "CVE-2025-2153",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2153"
},
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2025-23022",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23022"
},
{
"name": "CVE-2025-24528",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24528"
},
{
"name": "CVE-2025-4802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4802"
}
],
"initial_release_date": "2025-06-19T00:00:00",
"last_revision_date": "2025-06-19T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0524",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-06-19T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans VMware Tanzu. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans VMware Tanzu",
"vendor_advisories": [
{
"published_at": "2025-06-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35841",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35841"
},
{
"published_at": "2025-06-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35844",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35844"
},
{
"published_at": "2025-06-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35843",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35843"
},
{
"published_at": "2025-06-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35842",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35842"
},
{
"published_at": "2025-06-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35846",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35846"
},
{
"published_at": "2025-06-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35849",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35849"
},
{
"published_at": "2025-06-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35840",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35840"
},
{
"published_at": "2025-06-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35847",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35847"
},
{
"published_at": "2025-06-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35839",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35839"
},
{
"published_at": "2025-06-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35845",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35845"
},
{
"published_at": "2025-06-18",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35848",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35848"
}
]
}
CERTFR-2026-AVI-0199
Vulnerability from certfr_avis - Published: 2026-02-24 - Updated: 2026-02-24
De multiples vulnérabilités ont été découvertes dans les produits VMware. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et une injection de code indirecte à distance (XSS).
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Telco Cloud Platform | Telco Cloud Platform versions 4.x et 5.x sans le correctif de sécurité KB428241 | ||
| VMware | Tanzu Data Services | Tanzu Data Flow versions antérieures à 2.0.2 sur Tanzu Platform | ||
| VMware | Azure Spring Enterprise | Harbor Registry versions antérieures à 2.14.2 | ||
| VMware | Tanzu Data Intelligence | Tanzu pour MySQL versions 2.0.0 sur Kubernetes | ||
| VMware | Cloud Foundation | Cloud Foundation versions 9.x antérieures à 9.0.2.0 | ||
| VMware | Tanzu Kubernetes Runtime | App Metrics versions antérieures à2.3.3 | ||
| VMware | Tanzu Data Intelligence | Tanzu GemFire versions antérieures à 2.6.1 sur Kubernetes | ||
| VMware | Tanzu Kubernetes Runtime | CredHub Secrets Management pour Tanzu Platform versions antérieures à 1.6.8 | ||
| VMware | Tanzu Data Intelligence | Tanzu pour Valkey version 3.3.1 sur Kubernetes | ||
| VMware | Tanzu Operations Manager | Foundation Core pour Tanzu Platform versions antérieures à 3.2.4 | ||
| VMware | Aria Operations | Aria Operations versions 8.x antérieures à 8.18.6 | ||
| VMware | Tanzu Kubernetes Runtime | cf-mgmt pour Tanzu Platform versions antérieures à 1.0.108 | ||
| VMware | Tanzu Data Intelligence | Tanzu pour Valkey version 9.0.1 | ||
| VMware | Tanzu Kubernetes Runtime | Extended App Support pour Tanzu Platform versions antérieures à 1.0.15 | ||
| VMware | Tanzu Data Intelligence | Tanzu GemFire Management versions antérieures à 1.4.3 | ||
| VMware | Tanzu Kubernetes Runtime | NodeJS Buildpack versions antérieures à 1.8.77 | ||
| VMware | Tanzu Kubernetes Runtime | Cloud Native Buildpacks pour Tanzu Platform versions antérieures à 0.6.5 | ||
| VMware | Cloud Foundation | Cloud Foundation versions 4.x et 5.x sans le correctif de sécurité KB92148 | ||
| VMware | Tanzu Kubernetes Runtime | AI Services pour Tanzu Platform versions antérieures à 10.3.4 | ||
| VMware | Tanzu Kubernetes Runtime | Java Buildpack versions antérieures à 4.89.0 | ||
| VMware | Telco Cloud Infrastructure | Telco Cloud Infrastructure versions 2.x et 3.x sans le correctif de sécurité KB428241 | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime pour Tanzu Platform versions antérieures à 6.0.25+LTS-T, 10.2.8+LTS-T et 10.3.5 |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Telco Cloud Platform versions 4.x et 5.x sans le correctif de s\u00e9curit\u00e9 KB428241",
"product": {
"name": "Telco Cloud Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Data Flow versions ant\u00e9rieures \u00e0 2.0.2 sur Tanzu Platform",
"product": {
"name": "Tanzu Data Services",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Harbor Registry versions ant\u00e9rieures \u00e0 2.14.2",
"product": {
"name": "Azure Spring Enterprise",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu pour MySQL versions 2.0.0 sur Kubernetes",
"product": {
"name": "Tanzu Data Intelligence",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Cloud Foundation versions 9.x ant\u00e9rieures \u00e0 9.0.2.0",
"product": {
"name": "Cloud Foundation",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "App Metrics versions ant\u00e9rieures \u00e02.3.3",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu GemFire versions ant\u00e9rieures \u00e0 2.6.1 sur Kubernetes",
"product": {
"name": "Tanzu Data Intelligence",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "CredHub Secrets Management pour Tanzu Platform versions ant\u00e9rieures \u00e0 1.6.8",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu pour Valkey version 3.3.1 sur Kubernetes",
"product": {
"name": "Tanzu Data Intelligence",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Foundation Core pour Tanzu Platform versions ant\u00e9rieures \u00e0 3.2.4",
"product": {
"name": "Tanzu Operations Manager",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Aria Operations versions 8.x ant\u00e9rieures \u00e0 8.18.6",
"product": {
"name": "Aria Operations",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "cf-mgmt pour Tanzu Platform versions ant\u00e9rieures \u00e0 1.0.108",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu pour Valkey version 9.0.1",
"product": {
"name": "Tanzu Data Intelligence",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Extended App Support pour Tanzu Platform versions ant\u00e9rieures \u00e0 1.0.15",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu GemFire Management versions ant\u00e9rieures \u00e0 1.4.3",
"product": {
"name": "Tanzu Data Intelligence",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "NodeJS Buildpack versions ant\u00e9rieures \u00e0 1.8.77",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Cloud Native Buildpacks pour Tanzu Platform versions ant\u00e9rieures \u00e0 0.6.5",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Cloud Foundation versions 4.x et 5.x sans le correctif de s\u00e9curit\u00e9 KB92148",
"product": {
"name": "Cloud Foundation",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "AI Services pour Tanzu Platform versions ant\u00e9rieures \u00e0 10.3.4",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Java Buildpack versions ant\u00e9rieures \u00e0 4.89.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Telco Cloud Infrastructure versions 2.x et 3.x sans le correctif de s\u00e9curit\u00e9 KB428241",
"product": {
"name": "Telco Cloud Infrastructure",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime pour Tanzu Platform versions ant\u00e9rieures \u00e0 6.0.25+LTS-T, 10.2.8+LTS-T et 10.3.5",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-6395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6395"
},
{
"name": "CVE-2022-1343",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1343"
},
{
"name": "CVE-2024-24790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24790"
},
{
"name": "CVE-2025-47219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47219"
},
{
"name": "CVE-2021-22898",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22898"
},
{
"name": "CVE-2021-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3996"
},
{
"name": "CVE-2021-42384",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42384"
},
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2025-31651",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31651"
},
{
"name": "CVE-2024-20919",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20919"
},
{
"name": "CVE-2022-35252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35252"
},
{
"name": "CVE-2022-1473",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1473"
},
{
"name": "CVE-2023-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
},
{
"name": "CVE-2025-61730",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61730"
},
{
"name": "CVE-2022-32189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32189"
},
{
"name": "CVE-2017-16544",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16544"
},
{
"name": "CVE-2025-39987",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39987"
},
{
"name": "CVE-2021-42378",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42378"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2025-21861",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21861"
},
{
"name": "CVE-2026-21933",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21933"
},
{
"name": "CVE-2025-58183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58183"
},
{
"name": "CVE-2023-21843",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21843"
},
{
"name": "CVE-2026-21932",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21932"
},
{
"name": "CVE-2022-24450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24450"
},
{
"name": "CVE-2025-66199",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66199"
},
{
"name": "CVE-2025-15282",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15282"
},
{
"name": "CVE-2024-21235",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21235"
},
{
"name": "CVE-2024-9681",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9681"
},
{
"name": "CVE-2021-37600",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37600"
},
{
"name": "CVE-2021-42382",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42382"
},
{
"name": "CVE-2020-10750",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10750"
},
{
"name": "CVE-2025-68973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
},
{
"name": "CVE-2022-30631",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30631"
},
{
"name": "CVE-2023-46218",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
},
{
"name": "CVE-2025-40055",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40055"
},
{
"name": "CVE-2021-42376",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42376"
},
{
"name": "CVE-2025-9714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9714"
},
{
"name": "CVE-2026-22801",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22801"
},
{
"name": "CVE-2025-39876",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39876"
},
{
"name": "CVE-2025-40029",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40029"
},
{
"name": "CVE-2025-38561",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38561"
},
{
"name": "CVE-2025-10148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10148"
},
{
"name": "CVE-2023-28841",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28841"
},
{
"name": "CVE-2023-28840",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28840"
},
{
"name": "CVE-2025-40048",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40048"
},
{
"name": "CVE-2022-27191",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27191"
},
{
"name": "CVE-2025-40219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40219"
},
{
"name": "CVE-2024-21144",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21144"
},
{
"name": "CVE-2025-40043",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40043"
},
{
"name": "CVE-2020-8169",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8169"
},
{
"name": "CVE-2021-41091",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41091"
},
{
"name": "CVE-2022-27781",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27781"
},
{
"name": "CVE-2021-22925",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22925"
},
{
"name": "CVE-2025-8556",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8556"
},
{
"name": "CVE-2026-21936",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21936"
},
{
"name": "CVE-2025-59775",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59775"
},
{
"name": "CVE-2026-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21937"
},
{
"name": "CVE-2025-39973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39973"
},
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2025-8941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8941"
},
{
"name": "CVE-2025-66614",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66614"
},
{
"name": "CVE-2018-1000517",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000517"
},
{
"name": "CVE-2025-15469",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15469"
},
{
"name": "CVE-2025-39943",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39943"
},
{
"name": "CVE-2025-39945",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39945"
},
{
"name": "CVE-2025-39883",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39883"
},
{
"name": "CVE-2023-29404",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29404"
},
{
"name": "CVE-2023-21954",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21954"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2023-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
},
{
"name": "CVE-2022-0563",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0563"
},
{
"name": "CVE-2024-20926",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20926"
},
{
"name": "CVE-2025-0913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
},
{
"name": "CVE-2025-40019",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40019"
},
{
"name": "CVE-2025-40240",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40240"
},
{
"name": "CVE-2022-24921",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24921"
},
{
"name": "CVE-2022-32208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32208"
},
{
"name": "CVE-2022-28327",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28327"
},
{
"name": "CVE-2025-40081",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40081"
},
{
"name": "CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"name": "CVE-2024-58011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58011"
},
{
"name": "CVE-2025-12084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12084"
},
{
"name": "CVE-2025-40026",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40026"
},
{
"name": "CVE-2025-40153",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40153"
},
{
"name": "CVE-2022-1292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
},
{
"name": "CVE-2023-45283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45283"
},
{
"name": "CVE-2025-40121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40121"
},
{
"name": "CVE-2026-1642",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1642"
},
{
"name": "CVE-2025-45582",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45582"
},
{
"name": "CVE-2024-21068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21068"
},
{
"name": "CVE-2025-55753",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55753"
},
{
"name": "CVE-2025-11468",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11468"
},
{
"name": "CVE-2025-40204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40204"
},
{
"name": "CVE-2025-40171",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40171"
},
{
"name": "CVE-2021-43816",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43816"
},
{
"name": "CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"name": "CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"name": "CVE-2023-3817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
},
{
"name": "CVE-2025-39911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39911"
},
{
"name": "CVE-2025-69419",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69419"
},
{
"name": "CVE-2025-6052",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6052"
},
{
"name": "CVE-2022-41725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41725"
},
{
"name": "CVE-2025-10543",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10543"
},
{
"name": "CVE-2025-40125",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40125"
},
{
"name": "CVE-2025-40349",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40349"
},
{
"name": "CVE-2025-6075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6075"
},
{
"name": "CVE-2019-5481",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-5481"
},
{
"name": "CVE-2025-26646",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26646"
},
{
"name": "CVE-2022-30635",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30635"
},
{
"name": "CVE-2022-29222",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29222"
},
{
"name": "CVE-2025-40187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40187"
},
{
"name": "CVE-2025-58185",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58185"
},
{
"name": "CVE-2022-41715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
},
{
"name": "CVE-2024-21012",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21012"
},
{
"name": "CVE-2025-39913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39913"
},
{
"name": "CVE-2022-32207",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32207"
},
{
"name": "CVE-2025-40092",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40092"
},
{
"name": "CVE-2022-41722",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41722"
},
{
"name": "CVE-2025-61731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61731"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2025-39967",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39967"
},
{
"name": "CVE-2025-40115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40115"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2021-42386",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42386"
},
{
"name": "CVE-2024-47561",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47561"
},
{
"name": "CVE-2023-45285",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45285"
},
{
"name": "CVE-2025-13837",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13837"
},
{
"name": "CVE-2025-55752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55752"
},
{
"name": "CVE-2024-24783",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24783"
},
{
"name": "CVE-2023-45284",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45284"
},
{
"name": "CVE-2025-39949",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39949"
},
{
"name": "CVE-2023-29403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29403"
},
{
"name": "CVE-2022-27776",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27776"
},
{
"name": "CVE-2022-29190",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29190"
},
{
"name": "CVE-2025-40173",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40173"
},
{
"name": "CVE-2024-24791",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24791"
},
{
"name": "CVE-2024-20921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
},
{
"name": "CVE-2022-42916",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42916"
},
{
"name": "CVE-2022-28948",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28948"
},
{
"name": "CVE-2025-58767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58767"
},
{
"name": "CVE-2024-56538",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56538"
},
{
"name": "CVE-2025-39923",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39923"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2025-15367",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15367"
},
{
"name": "CVE-2022-31030",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31030"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2018-20679",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20679"
},
{
"name": "CVE-2024-13176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13176"
},
{
"name": "CVE-2025-39953",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39953"
},
{
"name": "CVE-2025-15467",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15467"
},
{
"name": "CVE-2023-2253",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2253"
},
{
"name": "CVE-2024-58251",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58251"
},
{
"name": "CVE-2026-2006",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2006"
},
{
"name": "CVE-2022-21624",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21624"
},
{
"name": "CVE-2023-28322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
},
{
"name": "CVE-2023-34462",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34462"
},
{
"name": "CVE-2025-40167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40167"
},
{
"name": "CVE-2023-29405",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29405"
},
{
"name": "CVE-2021-38297",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38297"
},
{
"name": "CVE-2025-39969",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39969"
},
{
"name": "CVE-2025-4598",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4598"
},
{
"name": "CVE-2025-27144",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27144"
},
{
"name": "CVE-2017-15873",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15873"
},
{
"name": "CVE-2022-30629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30629"
},
{
"name": "CVE-2025-40194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40194"
},
{
"name": "CVE-2025-40245",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40245"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2023-5363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
},
{
"name": "CVE-2024-24557",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24557"
},
{
"name": "CVE-2023-45289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45289"
},
{
"name": "CVE-2022-2068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
},
{
"name": "CVE-2023-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25193"
},
{
"name": "CVE-2025-40001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40001"
},
{
"name": "CVE-2026-1485",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1485"
},
{
"name": "CVE-2024-29025",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29025"
},
{
"name": "CVE-2023-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
},
{
"name": "CVE-2022-27782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
},
{
"name": "CVE-2022-32149",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32149"
},
{
"name": "CVE-2025-40035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40035"
},
{
"name": "CVE-2023-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
},
{
"name": "CVE-2025-39988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39988"
},
{
"name": "CVE-2026-22719",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22719"
},
{
"name": "CVE-2022-32148",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32148"
},
{
"name": "CVE-2026-2005",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2005"
},
{
"name": "CVE-2020-8177",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8177"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2022-39399",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39399"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2025-38584",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38584"
},
{
"name": "CVE-2021-42374",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42374"
},
{
"name": "CVE-2025-50106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
},
{
"name": "CVE-2025-40233",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40233"
},
{
"name": "CVE-2025-40020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40020"
},
{
"name": "CVE-2023-3635",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3635"
},
{
"name": "CVE-2025-40188",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40188"
},
{
"name": "CVE-2020-1971",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1971"
},
{
"name": "CVE-2023-22041",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22041"
},
{
"name": "CVE-2022-21626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21626"
},
{
"name": "CVE-2025-66200",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66200"
},
{
"name": "CVE-2025-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58057"
},
{
"name": "CVE-2021-41771",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41771"
},
{
"name": "CVE-2025-8291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8291"
},
{
"name": "CVE-2023-45290",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45290"
},
{
"name": "CVE-2023-28320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28320"
},
{
"name": "CVE-2026-22795",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22795"
},
{
"name": "CVE-2023-34231",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34231"
},
{
"name": "CVE-2026-0988",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0988"
},
{
"name": "CVE-2025-61727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61727"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2026-21925",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21925"
},
{
"name": "CVE-2024-26308",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26308"
},
{
"name": "CVE-2024-34158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
},
{
"name": "CVE-2025-30754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
},
{
"name": "CVE-2025-65637",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-65637"
},
{
"name": "CVE-2022-30630",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30630"
},
{
"name": "CVE-2026-0861",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0861"
},
{
"name": "CVE-2023-47090",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47090"
},
{
"name": "CVE-2025-40049",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40049"
},
{
"name": "CVE-2025-47910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47910"
},
{
"name": "CVE-2021-4160",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4160"
},
{
"name": "CVE-2025-40070",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40070"
},
{
"name": "CVE-2022-29946",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29946"
},
{
"name": "CVE-2025-40106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40106"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2022-43552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43552"
},
{
"name": "CVE-2024-51744",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-51744"
},
{
"name": "CVE-2022-3786",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3786"
},
{
"name": "CVE-2021-3995",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3995"
},
{
"name": "CVE-2021-22947",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22947"
},
{
"name": "CVE-2025-40205",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40205"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"name": "CVE-2023-28319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28319"
},
{
"name": "CVE-2025-10966",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10966"
},
{
"name": "CVE-2021-22922",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22922"
},
{
"name": "CVE-2025-47906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
},
{
"name": "CVE-2022-22576",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
},
{
"name": "CVE-2021-38561",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38561"
},
{
"name": "CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"name": "CVE-2021-39293",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39293"
},
{
"name": "CVE-2025-31133",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31133"
},
{
"name": "CVE-2025-8194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8194"
},
{
"name": "CVE-2024-29018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29018"
},
{
"name": "CVE-2022-1705",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1705"
},
{
"name": "CVE-2024-11053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11053"
},
{
"name": "CVE-2024-7264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
},
{
"name": "CVE-2025-40027",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40027"
},
{
"name": "CVE-2025-39885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39885"
},
{
"name": "CVE-2022-3510",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3510"
},
{
"name": "CVE-2022-3509",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3509"
},
{
"name": "CVE-2021-22946",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22946"
},
{
"name": "CVE-2025-69421",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69421"
},
{
"name": "CVE-2020-8284",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8284"
},
{
"name": "CVE-2023-23915",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23915"
},
{
"name": "CVE-2025-4517",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"
},
{
"name": "CVE-2025-58188",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58188"
},
{
"name": "CVE-2025-30215",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30215"
},
{
"name": "CVE-2016-9843",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9843"
},
{
"name": "CVE-2023-39318",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39318"
},
{
"name": "CVE-2024-40635",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40635"
},
{
"name": "CVE-2022-41720",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41720"
},
{
"name": "CVE-2026-21948",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21948"
},
{
"name": "CVE-2025-4674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4674"
},
{
"name": "CVE-2022-41716",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41716"
},
{
"name": "CVE-2025-39970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39970"
},
{
"name": "CVE-2021-3711",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3711"
},
{
"name": "CVE-2025-39994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39994"
},
{
"name": "CVE-2025-52999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52999"
},
{
"name": "CVE-2024-56433",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56433"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2022-29526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
},
{
"name": "CVE-2025-40088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40088"
},
{
"name": "CVE-2025-40220",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40220"
},
{
"name": "CVE-2021-3449",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3449"
},
{
"name": "CVE-2022-30633",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30633"
},
{
"name": "CVE-2023-22036",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22036"
},
{
"name": "CVE-2025-13151",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13151"
},
{
"name": "CVE-2025-22058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22058"
},
{
"name": "CVE-2024-21634",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21634"
},
{
"name": "CVE-2022-28391",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28391"
},
{
"name": "CVE-2022-38749",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38749"
},
{
"name": "CVE-2025-40109",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40109"
},
{
"name": "CVE-2025-40006",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40006"
},
{
"name": "CVE-2022-21628",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21628"
},
{
"name": "CVE-2024-21011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21011"
},
{
"name": "CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"name": "CVE-2025-68161",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68161"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2025-52881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52881"
},
{
"name": "CVE-2023-28842",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28842"
},
{
"name": "CVE-2025-7425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7425"
},
{
"name": "CVE-2023-3978",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3978"
},
{
"name": "CVE-2022-26652",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26652"
},
{
"name": "CVE-2025-40011",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40011"
},
{
"name": "CVE-2024-5535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
},
{
"name": "CVE-2025-40085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40085"
},
{
"name": "CVE-2023-42365",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42365"
},
{
"name": "CVE-2025-40231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40231"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2022-27775",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27775"
},
{
"name": "CVE-2026-22796",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22796"
},
{
"name": "CVE-2021-42379",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42379"
},
{
"name": "CVE-2025-61724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61724"
},
{
"name": "CVE-2024-5642",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5642"
},
{
"name": "CVE-2023-23914",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23914"
},
{
"name": "CVE-2025-23143",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23143"
},
{
"name": "CVE-2022-30632",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30632"
},
{
"name": "CVE-2025-65082",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-65082"
},
{
"name": "CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"name": "CVE-2022-27774",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27774"
},
{
"name": "CVE-2023-25173",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25173"
},
{
"name": "CVE-2025-61732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61732"
},
{
"name": "CVE-2025-61723",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61723"
},
{
"name": "CVE-2025-9232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9232"
},
{
"name": "CVE-2023-29406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29406"
},
{
"name": "CVE-2023-39319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39319"
},
{
"name": "CVE-2026-21964",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21964"
},
{
"name": "CVE-2025-21587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21587"
},
{
"name": "CVE-2024-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24785"
},
{
"name": "CVE-2025-46394",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46394"
},
{
"name": "CVE-2022-36109",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36109"
},
{
"name": "CVE-2025-68146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68146"
},
{
"name": "CVE-2025-40183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40183"
},
{
"name": "CVE-2021-42381",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42381"
},
{
"name": "CVE-2026-21441",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21441"
},
{
"name": "CVE-2022-1962",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1962"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2024-21147",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21147"
},
{
"name": "CVE-2022-41717",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41717"
},
{
"name": "CVE-2025-39998",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39998"
},
{
"name": "CVE-2025-13836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13836"
},
{
"name": "CVE-2023-39410",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39410"
},
{
"name": "CVE-2025-43857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43857"
},
{
"name": "CVE-2023-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28321"
},
{
"name": "CVE-2024-25710",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25710"
},
{
"name": "CVE-2025-40134",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40134"
},
{
"name": "CVE-2017-15874",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15874"
},
{
"name": "CVE-2024-7254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
},
{
"name": "CVE-2025-61725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61725"
},
{
"name": "CVE-2026-25210",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25210"
},
{
"name": "CVE-2025-39968",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39968"
},
{
"name": "CVE-2023-24536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24536"
},
{
"name": "CVE-2022-42915",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42915"
},
{
"name": "CVE-2022-32221",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32221"
},
{
"name": "CVE-2022-29458",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29458"
},
{
"name": "CVE-2025-55163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
},
{
"name": "CVE-2025-39986",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39986"
},
{
"name": "CVE-2025-39955",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39955"
},
{
"name": "CVE-2025-66293",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66293"
},
{
"name": "CVE-2022-24769",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24769"
},
{
"name": "CVE-2022-28131",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28131"
},
{
"name": "CVE-2025-12818",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12818"
},
{
"name": "CVE-2025-58098",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58098"
},
{
"name": "CVE-2025-32990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32990"
},
{
"name": "CVE-2021-22897",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22897"
},
{
"name": "CVE-2025-40078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40078"
},
{
"name": "CVE-2025-15366",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15366"
},
{
"name": "CVE-2022-24675",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24675"
},
{
"name": "CVE-2024-21140",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21140"
},
{
"name": "CVE-2025-40116",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40116"
},
{
"name": "CVE-2025-68249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68249"
},
{
"name": "CVE-2026-0990",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0990"
},
{
"name": "CVE-2025-39934",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39934"
},
{
"name": "CVE-2026-0865",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0865"
},
{
"name": "CVE-2024-21094",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21094"
},
{
"name": "CVE-2024-9143",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
},
{
"name": "CVE-2022-23806",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23806"
},
{
"name": "CVE-2025-40179",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40179"
},
{
"name": "CVE-2025-40127",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40127"
},
{
"name": "CVE-2025-32989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32989"
},
{
"name": "CVE-2025-39996",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39996"
},
{
"name": "CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"name": "CVE-2026-22721",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22721"
},
{
"name": "CVE-2025-40053",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40053"
},
{
"name": "CVE-2026-24515",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24515"
},
{
"name": "CVE-2025-39951",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39951"
},
{
"name": "CVE-2022-1271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
},
{
"name": "CVE-2025-40120",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40120"
},
{
"name": "CVE-2024-28085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28085"
},
{
"name": "CVE-2024-41110",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41110"
},
{
"name": "CVE-2025-50059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
},
{
"name": "CVE-2022-48174",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48174"
},
{
"name": "CVE-2025-61594",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61594"
},
{
"name": "CVE-2023-21835",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21835"
},
{
"name": "CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"name": "CVE-2022-2880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
},
{
"name": "CVE-2025-5025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5025"
},
{
"name": "CVE-2023-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
},
{
"name": "CVE-2025-40243",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40243"
},
{
"name": "CVE-2022-23773",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23773"
},
{
"name": "CVE-2021-41089",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41089"
},
{
"name": "CVE-2023-24539",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24539"
},
{
"name": "CVE-2025-14104",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14104"
},
{
"name": "CVE-2023-6237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
},
{
"name": "CVE-2026-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21968"
},
{
"name": "CVE-2021-46848",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46848"
},
{
"name": "CVE-2025-30761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30761"
},
{
"name": "CVE-2025-47912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47912"
},
{
"name": "CVE-2023-25153",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25153"
},
{
"name": "CVE-2024-47535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2025-68160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68160"
},
{
"name": "CVE-2023-42364",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42364"
},
{
"name": "CVE-2025-54410",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54410"
},
{
"name": "CVE-2022-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3996"
},
{
"name": "CVE-2022-2879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
},
{
"name": "CVE-2025-40118",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40118"
},
{
"name": "CVE-2022-32205",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32205"
},
{
"name": "CVE-2023-27534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27534"
},
{
"name": "CVE-2024-2398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
},
{
"name": "CVE-2023-24532",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24532"
},
{
"name": "CVE-2025-52565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52565"
},
{
"name": "CVE-2025-40021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40021"
},
{
"name": "CVE-2025-67735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-67735"
},
{
"name": "CVE-2022-23772",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23772"
},
{
"name": "CVE-2025-61728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61728"
},
{
"name": "CVE-2022-43551",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43551"
},
{
"name": "CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"name": "CVE-2019-5747",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-5747"
},
{
"name": "CVE-2025-58186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58186"
},
{
"name": "CVE-2025-30698",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30698"
},
{
"name": "CVE-2025-40044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40044"
},
{
"name": "CVE-2023-27533",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27533"
},
{
"name": "CVE-2025-40105",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40105"
},
{
"name": "CVE-2018-1000500",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000500"
},
{
"name": "CVE-2025-9086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9086"
},
{
"name": "CVE-2026-26014",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-26014"
},
{
"name": "CVE-2021-41772",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41772"
},
{
"name": "CVE-2025-40112",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40112"
},
{
"name": "CVE-2024-27289",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27289"
},
{
"name": "CVE-2024-0727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
},
{
"name": "CVE-2025-58187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58187"
},
{
"name": "CVE-2023-6129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
},
{
"name": "CVE-2025-39971",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39971"
},
{
"name": "CVE-2025-40154",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40154"
},
{
"name": "CVE-2025-13601",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13601"
},
{
"name": "CVE-2025-12817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12817"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2026-23949",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23949"
},
{
"name": "CVE-2021-42385",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42385"
},
{
"name": "CVE-2023-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22045"
},
{
"name": "CVE-2023-29400",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29400"
},
{
"name": "CVE-2025-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58056"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2024-21138",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21138"
},
{
"name": "CVE-2025-32988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32988"
},
{
"name": "CVE-2023-22049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22049"
},
{
"name": "CVE-2024-24787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24787"
},
{
"name": "CVE-2026-0915",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0915"
},
{
"name": "CVE-2025-15281",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15281"
},
{
"name": "CVE-2022-0778",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0778"
},
{
"name": "CVE-2022-41854",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41854"
},
{
"name": "CVE-2022-41724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41724"
},
{
"name": "CVE-2020-8908",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2022-30634",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30634"
},
{
"name": "CVE-2025-40126",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40126"
},
{
"name": "CVE-2025-39972",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39972"
},
{
"name": "CVE-2025-24294",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24294"
},
{
"name": "CVE-2025-58181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58181"
},
{
"name": "CVE-2021-42836",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42836"
},
{
"name": "CVE-2021-44716",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44716"
},
{
"name": "CVE-2025-47914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47914"
},
{
"name": "CVE-2023-1255",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1255"
},
{
"name": "CVE-2025-69418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69418"
},
{
"name": "CVE-2025-58058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58058"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2025-40200",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40200"
},
{
"name": "CVE-2022-3358",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3358"
},
{
"name": "CVE-2025-38236",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38236"
},
{
"name": "CVE-2025-15468",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15468"
},
{
"name": "CVE-2025-40124",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40124"
},
{
"name": "CVE-2025-39880",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39880"
},
{
"name": "CVE-2025-58189",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58189"
},
{
"name": "CVE-2025-6021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
},
{
"name": "CVE-2025-40094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40094"
},
{
"name": "CVE-2022-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
},
{
"name": "CVE-2023-24540",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24540"
},
{
"name": "CVE-2024-4603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
},
{
"name": "CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"name": "CVE-2022-38751",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38751"
},
{
"name": "CVE-2025-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25193"
},
{
"name": "CVE-2024-8096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8096"
},
{
"name": "CVE-2026-21945",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21945"
},
{
"name": "CVE-2024-21145",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21145"
},
{
"name": "CVE-2022-32206",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32206"
},
{
"name": "CVE-2026-21941",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21941"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2025-40215",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40215"
},
{
"name": "CVE-2025-40111",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40111"
},
{
"name": "CVE-2021-3712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3712"
},
{
"name": "CVE-2023-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
},
{
"name": "CVE-2025-40068",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40068"
},
{
"name": "CVE-2025-40042",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40042"
},
{
"name": "CVE-2025-32415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32415"
},
{
"name": "CVE-2023-24537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24537"
},
{
"name": "CVE-2025-5889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5889"
},
{
"name": "CVE-2025-30749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
},
{
"name": "CVE-2026-22695",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22695"
},
{
"name": "CVE-2026-23490",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23490"
},
{
"name": "CVE-2026-24733",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24733"
},
{
"name": "CVE-2026-0992",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0992"
},
{
"name": "CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"name": "CVE-2026-21947",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21947"
},
{
"name": "CVE-2025-66564",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66564"
},
{
"name": "CVE-2023-45287",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45287"
},
{
"name": "CVE-2024-4741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
},
{
"name": "CVE-2019-5482",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-5482"
},
{
"name": "CVE-2025-48924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48924"
},
{
"name": "CVE-2023-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
},
{
"name": "CVE-2022-38752",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38752"
},
{
"name": "CVE-2021-22926",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22926"
},
{
"name": "CVE-2025-8916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8916"
},
{
"name": "CVE-2025-32414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32414"
},
{
"name": "CVE-2025-39937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39937"
},
{
"name": "CVE-2025-11187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11187"
},
{
"name": "CVE-2024-20918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
},
{
"name": "CVE-2025-40060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40060"
},
{
"name": "CVE-2026-2003",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2003"
},
{
"name": "CVE-2019-5443",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-5443"
},
{
"name": "CVE-2022-38750",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38750"
},
{
"name": "CVE-2022-30580",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30580"
},
{
"name": "CVE-2022-23471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23471"
},
{
"name": "CVE-2020-1967",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1967"
},
{
"name": "CVE-2025-68121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68121"
},
{
"name": "CVE-2025-60876",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-60876"
},
{
"name": "CVE-2023-24531",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24531"
},
{
"name": "CVE-2021-23840",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23840"
},
{
"name": "CVE-2023-24538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24538"
},
{
"name": "CVE-2023-2975",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2975"
},
{
"name": "CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"name": "CVE-2021-44717",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44717"
},
{
"name": "CVE-2025-11065",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11065"
},
{
"name": "CVE-2022-3602",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3602"
},
{
"name": "CVE-2026-1484",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1484"
},
{
"name": "CVE-2025-4947",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4947"
},
{
"name": "CVE-2025-40178",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40178"
},
{
"name": "CVE-2022-29804",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29804"
},
{
"name": "CVE-2025-39869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39869"
},
{
"name": "CVE-2025-0725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0725"
},
{
"name": "CVE-2023-2976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
},
{
"name": "CVE-2025-39985",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39985"
},
{
"name": "CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"name": "CVE-2022-1434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1434"
},
{
"name": "CVE-2021-22923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22923"
},
{
"name": "CVE-2022-41723",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41723"
},
{
"name": "CVE-2025-59464",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59464"
},
{
"name": "CVE-2023-22006",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22006"
},
{
"name": "CVE-2019-5435",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-5435"
},
{
"name": "CVE-2022-1471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1471"
},
{
"name": "CVE-2025-8058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8058"
},
{
"name": "CVE-2026-1489",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1489"
},
{
"name": "CVE-2023-39323",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39323"
},
{
"name": "CVE-2023-29402",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29402"
},
{
"name": "CVE-2026-2004",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2004"
},
{
"name": "CVE-2026-0672",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0672"
},
{
"name": "CVE-2025-8732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8732"
},
{
"name": "CVE-2023-39326",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39326"
},
{
"name": "CVE-2024-21085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21085"
},
{
"name": "CVE-2021-43565",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43565"
},
{
"name": "CVE-2025-21502",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21502"
},
{
"name": "CVE-2023-29409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
},
{
"name": "CVE-2022-23648",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23648"
},
{
"name": "CVE-2021-23841",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23841"
},
{
"name": "CVE-2025-30204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30204"
},
{
"name": "CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"name": "CVE-2025-5914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5914"
},
{
"name": "CVE-2026-22720",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22720"
},
{
"name": "CVE-2024-20945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
},
{
"name": "CVE-2023-42363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42363"
},
{
"name": "CVE-2023-24534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24534"
},
{
"name": "CVE-2024-21131",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21131"
},
{
"name": "CVE-2025-39980",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39980"
},
{
"name": "CVE-2024-21210",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21210"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2024-2511",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2511"
},
{
"name": "CVE-2025-53057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53057"
},
{
"name": "CVE-2024-24786",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24786"
},
{
"name": "CVE-2022-3171",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3171"
},
{
"name": "CVE-2019-1551",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1551"
},
{
"name": "CVE-2025-40346",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40346"
},
{
"name": "CVE-2023-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
},
{
"name": "CVE-2024-34155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
},
{
"name": "CVE-2022-21619",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21619"
},
{
"name": "CVE-2025-40030",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40030"
},
{
"name": "CVE-2025-40244",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40244"
},
{
"name": "CVE-2025-39995",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39995"
},
{
"name": "CVE-2025-68119",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68119"
},
{
"name": "CVE-2022-21698",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21698"
},
{
"name": "CVE-2025-53066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53066"
},
{
"name": "CVE-2025-22873",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22873"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2024-24784",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24784"
},
{
"name": "CVE-2022-27780",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27780"
},
{
"name": "CVE-2025-39907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39907"
},
{
"name": "CVE-2023-42366",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42366"
},
{
"name": "CVE-2024-21217",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21217"
},
{
"name": "CVE-2025-0167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0167"
},
{
"name": "CVE-2026-25547",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25547"
},
{
"name": "CVE-2025-69420",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69420"
},
{
"name": "CVE-2024-20952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
},
{
"name": "CVE-2025-40140",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40140"
},
{
"name": "CVE-2024-24789",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24789"
},
{
"name": "CVE-2025-40223",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40223"
},
{
"name": "CVE-2022-27664",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
},
{
"name": "CVE-2026-1225",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1225"
},
{
"name": "CVE-2024-53114",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53114"
},
{
"name": "CVE-2024-27304",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27304"
},
{
"name": "CVE-2026-22703",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22703"
},
{
"name": "CVE-2026-0989",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0989"
},
{
"name": "CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"name": "CVE-2025-39873",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39873"
},
{
"name": "CVE-2024-21208",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21208"
},
{
"name": "CVE-2023-23916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
},
{
"name": "CVE-2022-29189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29189"
},
{
"name": "CVE-2025-38248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38248"
},
{
"name": "CVE-2025-40351",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40351"
},
{
"name": "CVE-2025-40087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40087"
},
{
"name": "CVE-2026-25646",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25646"
}
],
"initial_release_date": "2026-02-24T00:00:00",
"last_revision_date": "2026-02-24T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0199",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-02-24T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et une injection de code indirecte \u00e0 distance (XSS).",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37012",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37012"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37001",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37001"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37013",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37013"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37003",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37003"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37023",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37023"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37017",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37017"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37006",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37006"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37024",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37024"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36997",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36997"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37004",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37004"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36947",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36947"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37018",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37018"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37005",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37005"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37008",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37008"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37007",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37007"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37020",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37020"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36998",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36998"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37002",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37002"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37021",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37021"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37022",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37022"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37016",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37016"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37019",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37019"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37010",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37010"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37009",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37009"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37000",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37000"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37011",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37011"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37015",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37015"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37014",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37014"
},
{
"published_at": "2026-02-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36999",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36999"
}
]
}
FKIE_CVE-2024-27304
Vulnerability from fkie_nvd - Published: 2024-03-06 19:15 - Updated: 2026-05-21 19:58
Severity
Summary
pgx is a PostgreSQL driver and toolkit for Go. SQL injection can occur if an attacker can cause a single query or bind message to exceed 4 GB in size. An integer overflow in the calculated message size can cause the one large message to be sent as multiple messages under the attacker's control. The problem is resolved in v4.18.2 and v5.5.4. As a workaround, reject user input large enough to cause a single query or bind message to exceed 4 GB in size.
References
| URL | Tags | ||
|---|---|---|---|
| security-advisories@github.com | https://github.com/jackc/pgproto3/commit/945c2126f6db8f3bea7eeebe307c01fe92bca007 | Patch | |
| security-advisories@github.com | https://github.com/jackc/pgproto3/security/advisories/GHSA-7jwh-3vrq-q3m8 | Vendor Advisory | |
| security-advisories@github.com | https://github.com/jackc/pgx/commit/adbb38f298c76e283ffc7c7a3f571036fea47fd4 | Patch | |
| security-advisories@github.com | https://github.com/jackc/pgx/commit/c543134753a0c5d22881c12404025724cb05ffd8 | Patch | |
| security-advisories@github.com | https://github.com/jackc/pgx/commit/f94eb0e2f96782042c96801b5ac448f44f0a81df | Patch | |
| security-advisories@github.com | https://github.com/jackc/pgx/security/advisories/GHSA-mrww-27vc-gghv | Vendor Advisory | |
| security-advisories@github.com | https://www.youtube.com/watch?v=Tfg1B8u1yvE | Press/Media Coverage | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/jackc/pgproto3/commit/945c2126f6db8f3bea7eeebe307c01fe92bca007 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/jackc/pgproto3/security/advisories/GHSA-7jwh-3vrq-q3m8 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/jackc/pgx/commit/adbb38f298c76e283ffc7c7a3f571036fea47fd4 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/jackc/pgx/commit/c543134753a0c5d22881c12404025724cb05ffd8 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/jackc/pgx/commit/f94eb0e2f96782042c96801b5ac448f44f0a81df | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/jackc/pgx/security/advisories/GHSA-mrww-27vc-gghv | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:jackc:pgproto3:*:*:*:*:*:go:*:*",
"matchCriteriaId": "8F2C8085-0A4C-4DBB-9532-404B943C690F",
"versionEndExcluding": "2.3.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jackc:pgx:*:*:*:*:*:go:*:*",
"matchCriteriaId": "46A3AE50-BDE3-41DC-9E17-9151318A3E94",
"versionEndExcluding": "4.18.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jackc:pgx:*:*:*:*:*:go:*:*",
"matchCriteriaId": "F4EAB649-59DA-40EF-A9AB-1079F6C14419",
"versionEndExcluding": "5.5.4",
"versionStartIncluding": "5.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "pgx is a PostgreSQL driver and toolkit for Go. SQL injection can occur if an attacker can cause a single query or bind message to exceed 4 GB in size. An integer overflow in the calculated message size can cause the one large message to be sent as multiple messages under the attacker\u0027s control. The problem is resolved in v4.18.2 and v5.5.4. As a workaround, reject user input large enough to cause a single query or bind message to exceed 4 GB in size."
},
{
"lang": "es",
"value": "pgx es un controlador PostgreSQL y un conjunto de herramientas para Go. La inyecci\u00f3n de SQL puede ocurrir si un atacante puede hacer que una sola consulta o mensaje de enlace supere los 4 GB de tama\u00f1o. Un desbordamiento de enteros en el tama\u00f1o del mensaje calculado puede provocar que un mensaje grande se env\u00ede como varios mensajes bajo el control del atacante. El problema se resuelve en v4.18.2 y v5.5.4. Como soluci\u00f3n alternativa, rechace la entrada del usuario lo suficientemente grande como para provocar que una sola consulta o mensaje vinculado supere los 4 GB de tama\u00f1o."
}
],
"id": "CVE-2024-27304",
"lastModified": "2026-05-21T19:58:35.277",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
},
"published": "2024-03-06T19:15:08.767",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch"
],
"url": "https://github.com/jackc/pgproto3/commit/945c2126f6db8f3bea7eeebe307c01fe92bca007"
},
{
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/jackc/pgproto3/security/advisories/GHSA-7jwh-3vrq-q3m8"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch"
],
"url": "https://github.com/jackc/pgx/commit/adbb38f298c76e283ffc7c7a3f571036fea47fd4"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch"
],
"url": "https://github.com/jackc/pgx/commit/c543134753a0c5d22881c12404025724cb05ffd8"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch"
],
"url": "https://github.com/jackc/pgx/commit/f94eb0e2f96782042c96801b5ac448f44f0a81df"
},
{
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/jackc/pgx/security/advisories/GHSA-mrww-27vc-gghv"
},
{
"source": "security-advisories@github.com",
"tags": [
"Press/Media Coverage"
],
"url": "https://www.youtube.com/watch?v=Tfg1B8u1yvE"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://github.com/jackc/pgproto3/commit/945c2126f6db8f3bea7eeebe307c01fe92bca007"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/jackc/pgproto3/security/advisories/GHSA-7jwh-3vrq-q3m8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://github.com/jackc/pgx/commit/adbb38f298c76e283ffc7c7a3f571036fea47fd4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://github.com/jackc/pgx/commit/c543134753a0c5d22881c12404025724cb05ffd8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://github.com/jackc/pgx/commit/f94eb0e2f96782042c96801b5ac448f44f0a81df"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/jackc/pgx/security/advisories/GHSA-mrww-27vc-gghv"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
},
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
}
GHSA-MRWW-27VC-GGHV
Vulnerability from github – Published: 2024-03-04 20:43 – Updated: 2024-12-12 22:30
VLAI
Summary
pgx SQL Injection via Protocol Message Size Overflow
Details
Impact
SQL injection can occur if an attacker can cause a single query or bind message to exceed 4 GB in size. An integer overflow in the calculated message size can cause the one large message to be sent as multiple messages under the attacker's control.
Patches
The problem is resolved in v4.18.2 and v5.5.4.
Workarounds
Reject user input large enough to cause a single query or bind message to exceed 4 GB in size.
Severity
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/jackc/pgx"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Go",
"name": "github.com/jackc/pgx"
},
"ranges": [
{
"events": [
{
"introduced": "5.0.0"
},
{
"fixed": "5.5.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Go",
"name": "github.com/jackc/pgx/v4"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Go",
"name": "github.com/jackc/pgx/v5"
},
"ranges": [
{
"events": [
{
"introduced": "5.0.0"
},
{
"fixed": "5.5.4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-27304"
],
"database_specific": {
"cwe_ids": [
"CWE-190",
"CWE-89"
],
"github_reviewed": true,
"github_reviewed_at": "2024-03-04T20:43:24Z",
"nvd_published_at": "2024-03-06T19:15:08Z",
"severity": "HIGH"
},
"details": "### Impact\n\nSQL injection can occur if an attacker can cause a single query or bind message to exceed 4 GB in size. An integer overflow in the calculated message size can cause the one large message to be sent as multiple messages under the attacker\u0027s control.\n\n### Patches\n\nThe problem is resolved in v4.18.2 and v5.5.4.\n\n### Workarounds\n\nReject user input large enough to cause a single query or bind message to exceed 4 GB in size.\n",
"id": "GHSA-mrww-27vc-gghv",
"modified": "2024-12-12T22:30:36Z",
"published": "2024-03-04T20:43:24Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/jackc/pgproto3/security/advisories/GHSA-7jwh-3vrq-q3m8"
},
{
"type": "WEB",
"url": "https://github.com/jackc/pgx/security/advisories/GHSA-mrww-27vc-gghv"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27304"
},
{
"type": "WEB",
"url": "https://github.com/jackc/pgproto3/commit/945c2126f6db8f3bea7eeebe307c01fe92bca007"
},
{
"type": "WEB",
"url": "https://github.com/jackc/pgx/commit/adbb38f298c76e283ffc7c7a3f571036fea47fd4"
},
{
"type": "WEB",
"url": "https://github.com/jackc/pgx/commit/c543134753a0c5d22881c12404025724cb05ffd8"
},
{
"type": "WEB",
"url": "https://github.com/jackc/pgx/commit/f94eb0e2f96782042c96801b5ac448f44f0a81df"
},
{
"type": "PACKAGE",
"url": "https://github.com/jackc/pgx"
},
{
"type": "WEB",
"url": "https://www.youtube.com/watch?v=Tfg1B8u1yvE"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U",
"type": "CVSS_V4"
}
],
"summary": "pgx SQL Injection via Protocol Message Size Overflow"
}
GSD-2024-27304
Vulnerability from gsd - Updated: 2024-02-23 06:03Details
pgx is a PostgreSQL driver and toolkit for Go. SQL injection can occur if an attacker can cause a single query or bind message to exceed 4 GB in size. An integer overflow in the calculated message size can cause the one large message to be sent as multiple messages under the attacker's control. The problem is resolved in v4.18.2 and v5.5.4. As a workaround, reject user input large enough to cause a single query or bind message to exceed 4 GB in size.
Aliases
{
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2024-27304"
],
"details": "pgx is a PostgreSQL driver and toolkit for Go. SQL injection can occur if an attacker can cause a single query or bind message to exceed 4 GB in size. An integer overflow in the calculated message size can cause the one large message to be sent as multiple messages under the attacker\u0027s control. The problem is resolved in v4.18.2 and v5.5.4. As a workaround, reject user input large enough to cause a single query or bind message to exceed 4 GB in size.",
"id": "GSD-2024-27304",
"modified": "2024-02-23T06:03:43.566567Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2024-27304",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "pgx",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "\u003c 4.18.2"
},
{
"version_affected": "=",
"version_value": "\u003e= 5.0.0, \u003c 5.5.4"
}
]
}
}
]
},
"vendor_name": "jackc"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "pgx is a PostgreSQL driver and toolkit for Go. SQL injection can occur if an attacker can cause a single query or bind message to exceed 4 GB in size. An integer overflow in the calculated message size can cause the one large message to be sent as multiple messages under the attacker\u0027s control. The problem is resolved in v4.18.2 and v5.5.4. As a workaround, reject user input large enough to cause a single query or bind message to exceed 4 GB in size."
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"cweId": "CWE-89",
"lang": "eng",
"value": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
}
]
},
{
"description": [
{
"cweId": "CWE-190",
"lang": "eng",
"value": "CWE-190: Integer Overflow or Wraparound"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/jackc/pgx/security/advisories/GHSA-mrww-27vc-gghv",
"refsource": "MISC",
"url": "https://github.com/jackc/pgx/security/advisories/GHSA-mrww-27vc-gghv"
},
{
"name": "https://github.com/jackc/pgproto3/security/advisories/GHSA-7jwh-3vrq-q3m8",
"refsource": "MISC",
"url": "https://github.com/jackc/pgproto3/security/advisories/GHSA-7jwh-3vrq-q3m8"
},
{
"name": "https://github.com/jackc/pgproto3/commit/945c2126f6db8f3bea7eeebe307c01fe92bca007",
"refsource": "MISC",
"url": "https://github.com/jackc/pgproto3/commit/945c2126f6db8f3bea7eeebe307c01fe92bca007"
},
{
"name": "https://github.com/jackc/pgx/commit/adbb38f298c76e283ffc7c7a3f571036fea47fd4",
"refsource": "MISC",
"url": "https://github.com/jackc/pgx/commit/adbb38f298c76e283ffc7c7a3f571036fea47fd4"
},
{
"name": "https://github.com/jackc/pgx/commit/c543134753a0c5d22881c12404025724cb05ffd8",
"refsource": "MISC",
"url": "https://github.com/jackc/pgx/commit/c543134753a0c5d22881c12404025724cb05ffd8"
},
{
"name": "https://github.com/jackc/pgx/commit/f94eb0e2f96782042c96801b5ac448f44f0a81df",
"refsource": "MISC",
"url": "https://github.com/jackc/pgx/commit/f94eb0e2f96782042c96801b5ac448f44f0a81df"
}
]
},
"source": {
"advisory": "GHSA-mrww-27vc-gghv",
"discovery": "UNKNOWN"
}
},
"nvd.nist.gov": {
"cve": {
"descriptions": [
{
"lang": "en",
"value": "pgx is a PostgreSQL driver and toolkit for Go. SQL injection can occur if an attacker can cause a single query or bind message to exceed 4 GB in size. An integer overflow in the calculated message size can cause the one large message to be sent as multiple messages under the attacker\u0027s control. The problem is resolved in v4.18.2 and v5.5.4. As a workaround, reject user input large enough to cause a single query or bind message to exceed 4 GB in size."
}
],
"id": "CVE-2024-27304",
"lastModified": "2024-03-06T21:42:48.053",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
},
"published": "2024-03-06T19:15:08.767",
"references": [
{
"source": "security-advisories@github.com",
"url": "https://github.com/jackc/pgproto3/commit/945c2126f6db8f3bea7eeebe307c01fe92bca007"
},
{
"source": "security-advisories@github.com",
"url": "https://github.com/jackc/pgproto3/security/advisories/GHSA-7jwh-3vrq-q3m8"
},
{
"source": "security-advisories@github.com",
"url": "https://github.com/jackc/pgx/commit/adbb38f298c76e283ffc7c7a3f571036fea47fd4"
},
{
"source": "security-advisories@github.com",
"url": "https://github.com/jackc/pgx/commit/c543134753a0c5d22881c12404025724cb05ffd8"
},
{
"source": "security-advisories@github.com",
"url": "https://github.com/jackc/pgx/commit/f94eb0e2f96782042c96801b5ac448f44f0a81df"
},
{
"source": "security-advisories@github.com",
"url": "https://github.com/jackc/pgx/security/advisories/GHSA-mrww-27vc-gghv"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Awaiting Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
},
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
}
}
}
}
MSRC_CVE-2024-27304
Vulnerability from csaf_microsoft - Published: 2024-03-02 08:00 - Updated: 2026-02-18 01:05Summary
pgx SQL Injection via Protocol Message Size Overflow
Notes
Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
9.8 (Critical)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 17405-17086 | — | ||
| Unresolved product id: 17758-17084 | — | ||
| Unresolved product id: 18164-17084 | — |
Known affected
3 products
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 17086-1 | — | ||
| Unresolved product id: 17086-2 | — |
References
4 references
| URL | Category |
|---|---|
| https://msrc.microsoft.com/csaf/vex/2024/msrc_cve… | self |
| https://support.microsoft.com/lifecycle | external |
| https://www.first.org/cvss | external |
| https://msrc.microsoft.com/csaf/vex/2024/msrc_cve… | self |
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2024-27304 pgx SQL Injection via Protocol Message Size Overflow - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2024/msrc_cve-2024-27304.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "pgx SQL Injection via Protocol Message Size Overflow",
"tracking": {
"current_release_date": "2026-02-18T01:05:59.000Z",
"generator": {
"date": "2026-02-18T08:30:31.762Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2024-27304",
"initial_release_date": "2024-03-02T08:00:00.000Z",
"revision_history": [
{
"date": "2024-06-30T07:00:00.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2026-02-18T01:05:59.000Z",
"legacy_version": "2",
"number": "2",
"summary": "Information published."
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "2.0",
"product": {
"name": "CBL Mariner 2.0",
"product_id": "17086"
}
},
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "17084"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003ccbl2 telegraf 1.28.5-5",
"product": {
"name": "\u003ccbl2 telegraf 1.28.5-5",
"product_id": "5"
}
},
{
"category": "product_version",
"name": "cbl2 telegraf 1.28.5-5",
"product": {
"name": "cbl2 telegraf 1.28.5-5",
"product_id": "17405"
}
},
{
"category": "product_version_range",
"name": "\u003cazl3 telegraf 1.31.0-1",
"product": {
"name": "\u003cazl3 telegraf 1.31.0-1",
"product_id": "4"
}
},
{
"category": "product_version",
"name": "azl3 telegraf 1.31.0-1",
"product": {
"name": "azl3 telegraf 1.31.0-1",
"product_id": "17758"
}
},
{
"category": "product_version_range",
"name": "\u003cazl3 telegraf 1.29.4-1",
"product": {
"name": "\u003cazl3 telegraf 1.29.4-1",
"product_id": "3"
}
},
{
"category": "product_version",
"name": "azl3 telegraf 1.29.4-1",
"product": {
"name": "azl3 telegraf 1.29.4-1",
"product_id": "18164"
}
}
],
"category": "product_name",
"name": "telegraf"
},
{
"category": "product_name",
"name": "cbl2 telegraf 1.29.4-15",
"product": {
"name": "cbl2 telegraf 1.29.4-15",
"product_id": "1"
}
},
{
"category": "product_name",
"name": "cbl2 telegraf 1.29.4-15",
"product": {
"name": "cbl2 telegraf 1.29.4-15",
"product_id": "2"
}
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 telegraf 1.28.5-5 as a component of CBL Mariner 2.0",
"product_id": "17086-5"
},
"product_reference": "5",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 telegraf 1.28.5-5 as a component of CBL Mariner 2.0",
"product_id": "17405-17086"
},
"product_reference": "17405",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 telegraf 1.31.0-1 as a component of Azure Linux 3.0",
"product_id": "17084-4"
},
"product_reference": "4",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 telegraf 1.31.0-1 as a component of Azure Linux 3.0",
"product_id": "17758-17084"
},
"product_reference": "17758",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 telegraf 1.29.4-15 as a component of CBL Mariner 2.0",
"product_id": "17086-1"
},
"product_reference": "1",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 telegraf 1.29.4-1 as a component of Azure Linux 3.0",
"product_id": "17084-3"
},
"product_reference": "3",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 telegraf 1.29.4-1 as a component of Azure Linux 3.0",
"product_id": "18164-17084"
},
"product_reference": "18164",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 telegraf 1.29.4-15 as a component of CBL Mariner 2.0",
"product_id": "17086-2"
},
"product_reference": "2",
"relates_to_product_reference": "17086"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-27304",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"17086-1",
"17086-2"
]
}
],
"notes": [
{
"category": "general",
"text": "GitHub_M",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"17405-17086",
"17758-17084",
"18164-17084"
],
"known_affected": [
"17086-5",
"17084-4",
"17084-3"
],
"known_not_affected": [
"17086-1",
"17086-2"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-27304 pgx SQL Injection via Protocol Message Size Overflow - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2024/msrc_cve-2024-27304.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2024-06-30T07:00:00.000Z",
"details": "1.28.5-5:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17086-5"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2024-06-30T07:00:00.000Z",
"details": "1.31.0-1:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-4",
"17084-3"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalsScore": 0.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"17086-5",
"17084-4",
"17084-3"
]
}
],
"title": "pgx SQL Injection via Protocol Message Size Overflow"
}
]
}
RHSA-2024:1321
Vulnerability from csaf_redhat - Published: 2024-03-13 20:55 - Updated: 2026-05-15 02:24Summary
Red Hat Security Advisory: ACS 4.3 enhancement and security update
Severity
Moderate
Notes
Topic: Updated images are now available for Red Hat Advanced Cluster Security. The
updated image includes bug and security fixes.
Red Hat Product Security has rated this update as having a security impact of
Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details: This release of RHACS 4.3.5 provides the following bug fix:
* Fixed an issue where an upgrade to RHACS 4.3 from a previous version caused the Central component to enter a crash loop.
It provides the following security fixes:
* pgx: SQL Injection via Protocol Message Size Overflow (CVE-2024-27304)
* pgx: SQL Injection via Line Comment Creation (CVE-2024-27289)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in pgx. SQL injection can occur when all of the following conditions are met in versions before 4.18.2 of pgx. - The non-default simple protocol is used - A placeholder for a numeric value must be immediately preceded by a minus - There must be a second placeholder for a string value after the first placeholder - Both must be on the same line - Both parameter values must be user-controlled
8.1 (High)
Affected products
Fixed
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:17afebb6840002a1d56b22dd943061345a1eb8997d57572f1715706a708a0a94_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:2113a95c5a4d08d51c542121ae0e7be26761a4883f371b89a84ca604c662ba34_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a2bbd43de9ad33f9daa04600dd2dc7e17ff7919c09bc56ca466af2332c867876_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:4ee4e4314d7044b567c0d914a873ef19d6290136524250d71707824ab50a6771_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:5fcc7a9793106c6ee9fad1d3181dd3a418c79defd389ad2f79dac540b61ecebe_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:f2ca25a0d7ce845607c96077b896718a82f92810c90eec616b101a444180c2c4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:23a88ee59f0c47503fa8ab6832e980121622f75abcc70734cf243299209cdd16_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2483c98f0d789d2f2b4ed9183ae38433bc5069d7ed59847a06b68f0994cadfd7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:812df7cb4f9c976cd6869c82e0089969ff9c8492b4d9275c3dd2531e1e9beb75_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:362fe0f627380cbf5ead83c3e57400ca831d6d4d26ab416c17123d345de1a075_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:a1ccf6a8ffc1d2d6a6d04528353fbb4f3f0c039b546f439885c26364d5e3d1de_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:edf704674e62f8651e78e1d2b916f36a3d6cad191d3366b97b0e6b9da2c908a1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:5f2ad23bcf5d96c9cee2789f21df29ba7a63ddabf09140cecdcc21f04ea7cfcb_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:c1e7a5e80831c5f078e1aa26e57870aec1949c148f02c255e76a7a98c01099d7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:e82ef850c57e49eab2d9b4d24e4892c23939ba0b3158bf37000f6f70c0843bd7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:18468f5da200cfaf17e2f0c45066aa58141d63e4d622d35c06b4ca9d74812232_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:debc2bcf0938e41a61e48547d34ebecea2f5696cf4ef7c28577d4e30c52adee0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:f6e627cf9449bdc8003c636db8966c0076e51f071124764f26ffb94449d9e69f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:87bd0d8ae7c5f217f181df81188fff1e1c1f5c06a040a6e376fb26522a3c13d8_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9a1438591ff32bcce16badc7630e5d330f7b7bd453896c79589061686f8f04a9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b1f1169ba6a7b36297db7cf495ee18d3eb32c3ee3882cdb470f13146aea056fb_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:a3f2bc6b6e06314238a9e030c9bc9b640c0ad71709030863ddebcfe7bf12ea1d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:aa05620232be93fea76d2ca7aa3be5d0db4153cad4e718ab4ed91b8964d52dde_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eec6502d809be469d4b0b310ef1fed9fe9c59ea3ecc6583ab8893b58814f5a9d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:605af3ee40fa2a179c369cff28563908cf3b420651c7aef8eef3837977299903_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:82609a23ba6e2b6c819daaddb330c3e1b7ff0f5e16630ebb6e3db0a9af236f88_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fa03464d54bf4d31623faae0566b2553f42680b60b4e803d175f898048087bcb_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:136f2a4ed9ee5ebbcb9d74ab0a3eb2c65d3a2b53f9eefaae65bed7b6e11617bb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1ae645988b18f220896c3c57c45e83dfca1ba13ab531543eddd7b85bbdd41ac6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:284fe7202809723ce52fc3d802927453e6c1943f79ce0761b5f86a8150324cba_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0fd9c60d08bc078d18bf15243d13e284fc6e794187240a9414d3afde69a43c0f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be0cf8eec9290414cd532be40f1916e977dbd82625ee09f7d45b48172221f6b3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f0d9e9e8c32dd905e2304dfb686114b3430b6babc88f2abaafd7569403870f52_ppc64le | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
pgx is a PostgreSQL driver and toolkit for Go. SQL injection can occur if an attacker can cause a single query or bind message to exceed 4 GB in size. An integer overflow in the calculated message size can cause the one large message to be sent as multiple messages under the attacker's control. The problem is resolved in v4.18.2 and v5.5.4. As a workaround, reject user input large enough to cause a single query or bind message to exceed 4 GB in size.
8.1 (High)
Affected products
Fixed
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:17afebb6840002a1d56b22dd943061345a1eb8997d57572f1715706a708a0a94_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:2113a95c5a4d08d51c542121ae0e7be26761a4883f371b89a84ca604c662ba34_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a2bbd43de9ad33f9daa04600dd2dc7e17ff7919c09bc56ca466af2332c867876_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:4ee4e4314d7044b567c0d914a873ef19d6290136524250d71707824ab50a6771_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:5fcc7a9793106c6ee9fad1d3181dd3a418c79defd389ad2f79dac540b61ecebe_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:f2ca25a0d7ce845607c96077b896718a82f92810c90eec616b101a444180c2c4_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:23a88ee59f0c47503fa8ab6832e980121622f75abcc70734cf243299209cdd16_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2483c98f0d789d2f2b4ed9183ae38433bc5069d7ed59847a06b68f0994cadfd7_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:812df7cb4f9c976cd6869c82e0089969ff9c8492b4d9275c3dd2531e1e9beb75_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:362fe0f627380cbf5ead83c3e57400ca831d6d4d26ab416c17123d345de1a075_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:a1ccf6a8ffc1d2d6a6d04528353fbb4f3f0c039b546f439885c26364d5e3d1de_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:edf704674e62f8651e78e1d2b916f36a3d6cad191d3366b97b0e6b9da2c908a1_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:5f2ad23bcf5d96c9cee2789f21df29ba7a63ddabf09140cecdcc21f04ea7cfcb_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:c1e7a5e80831c5f078e1aa26e57870aec1949c148f02c255e76a7a98c01099d7_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:e82ef850c57e49eab2d9b4d24e4892c23939ba0b3158bf37000f6f70c0843bd7_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:18468f5da200cfaf17e2f0c45066aa58141d63e4d622d35c06b4ca9d74812232_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:debc2bcf0938e41a61e48547d34ebecea2f5696cf4ef7c28577d4e30c52adee0_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:f6e627cf9449bdc8003c636db8966c0076e51f071124764f26ffb94449d9e69f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:87bd0d8ae7c5f217f181df81188fff1e1c1f5c06a040a6e376fb26522a3c13d8_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9a1438591ff32bcce16badc7630e5d330f7b7bd453896c79589061686f8f04a9_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b1f1169ba6a7b36297db7cf495ee18d3eb32c3ee3882cdb470f13146aea056fb_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:a3f2bc6b6e06314238a9e030c9bc9b640c0ad71709030863ddebcfe7bf12ea1d_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:aa05620232be93fea76d2ca7aa3be5d0db4153cad4e718ab4ed91b8964d52dde_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eec6502d809be469d4b0b310ef1fed9fe9c59ea3ecc6583ab8893b58814f5a9d_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:605af3ee40fa2a179c369cff28563908cf3b420651c7aef8eef3837977299903_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:82609a23ba6e2b6c819daaddb330c3e1b7ff0f5e16630ebb6e3db0a9af236f88_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fa03464d54bf4d31623faae0566b2553f42680b60b4e803d175f898048087bcb_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:136f2a4ed9ee5ebbcb9d74ab0a3eb2c65d3a2b53f9eefaae65bed7b6e11617bb_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1ae645988b18f220896c3c57c45e83dfca1ba13ab531543eddd7b85bbdd41ac6_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:284fe7202809723ce52fc3d802927453e6c1943f79ce0761b5f86a8150324cba_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0fd9c60d08bc078d18bf15243d13e284fc6e794187240a9414d3afde69a43c0f_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be0cf8eec9290414cd532be40f1916e977dbd82625ee09f7d45b48172221f6b3_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f0d9e9e8c32dd905e2304dfb686114b3430b6babc88f2abaafd7569403870f52_ppc64le | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
16 references
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2024:1321 | self |
| https://access.redhat.com/security/updates/classi… | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2268269 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2268465 | external |
| https://security.access.redhat.com/data/csaf/v2/a… | self |
| https://access.redhat.com/security/cve/CVE-2024-27289 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2268465 | external |
| https://www.cve.org/CVERecord?id=CVE-2024-27289 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-27289 | external |
| https://github.com/jackc/pgx/commit/f94eb0e2f9678… | external |
| https://github.com/jackc/pgx/security/advisories/… | external |
| https://pkg.go.dev/vuln/GO-2024-2605 | external |
| https://access.redhat.com/security/cve/CVE-2024-27304 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2268269 | external |
| https://www.cve.org/CVERecord?id=CVE-2024-27304 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-27304 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images are now available for Red Hat Advanced Cluster Security. The\nupdated image includes bug and security fixes.\n\nRed Hat Product Security has rated this update as having a security impact of\nModerate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of RHACS 4.3.5 provides the following bug fix:\n\n* Fixed an issue where an upgrade to RHACS 4.3 from a previous version caused the Central component to enter a crash loop.\n\nIt provides the following security fixes:\n\n* pgx: SQL Injection via Protocol Message Size Overflow (CVE-2024-27304)\n* pgx: SQL Injection via Line Comment Creation (CVE-2024-27289)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:1321",
"url": "https://access.redhat.com/errata/RHSA-2024:1321"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2268269",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268269"
},
{
"category": "external",
"summary": "2268465",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268465"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_1321.json"
}
],
"title": "Red Hat Security Advisory: ACS 4.3 enhancement and security update",
"tracking": {
"current_release_date": "2026-05-15T02:24:01+00:00",
"generator": {
"date": "2026-05-15T02:24:01+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.0"
}
},
"id": "RHSA-2024:1321",
"initial_release_date": "2024-03-13T20:55:36+00:00",
"revision_history": [
{
"date": "2024-03-13T20:55:36+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-03-13T20:55:36+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-15T02:24:01+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHACS 4.3 for RHEL 8",
"product": {
"name": "RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:advanced_cluster_security:4.3::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Advanced Cluster Security for Kubernetes"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:17afebb6840002a1d56b22dd943061345a1eb8997d57572f1715706a708a0a94_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:17afebb6840002a1d56b22dd943061345a1eb8997d57572f1715706a708a0a94_amd64",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:17afebb6840002a1d56b22dd943061345a1eb8997d57572f1715706a708a0a94_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:17afebb6840002a1d56b22dd943061345a1eb8997d57572f1715706a708a0a94?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.3.5-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:5fcc7a9793106c6ee9fad1d3181dd3a418c79defd389ad2f79dac540b61ecebe_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:5fcc7a9793106c6ee9fad1d3181dd3a418c79defd389ad2f79dac540b61ecebe_amd64",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:5fcc7a9793106c6ee9fad1d3181dd3a418c79defd389ad2f79dac540b61ecebe_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:5fcc7a9793106c6ee9fad1d3181dd3a418c79defd389ad2f79dac540b61ecebe?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.3.5-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:23a88ee59f0c47503fa8ab6832e980121622f75abcc70734cf243299209cdd16_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:23a88ee59f0c47503fa8ab6832e980121622f75abcc70734cf243299209cdd16_amd64",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:23a88ee59f0c47503fa8ab6832e980121622f75abcc70734cf243299209cdd16_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:23a88ee59f0c47503fa8ab6832e980121622f75abcc70734cf243299209cdd16?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.3.5-1"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:a1ccf6a8ffc1d2d6a6d04528353fbb4f3f0c039b546f439885c26364d5e3d1de_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:a1ccf6a8ffc1d2d6a6d04528353fbb4f3f0c039b546f439885c26364d5e3d1de_amd64",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:a1ccf6a8ffc1d2d6a6d04528353fbb4f3f0c039b546f439885c26364d5e3d1de_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:a1ccf6a8ffc1d2d6a6d04528353fbb4f3f0c039b546f439885c26364d5e3d1de?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.3.5-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:c1e7a5e80831c5f078e1aa26e57870aec1949c148f02c255e76a7a98c01099d7_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:c1e7a5e80831c5f078e1aa26e57870aec1949c148f02c255e76a7a98c01099d7_amd64",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:c1e7a5e80831c5f078e1aa26e57870aec1949c148f02c255e76a7a98c01099d7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:c1e7a5e80831c5f078e1aa26e57870aec1949c148f02c255e76a7a98c01099d7?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.3.5-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:f6e627cf9449bdc8003c636db8966c0076e51f071124764f26ffb94449d9e69f_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:f6e627cf9449bdc8003c636db8966c0076e51f071124764f26ffb94449d9e69f_amd64",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:f6e627cf9449bdc8003c636db8966c0076e51f071124764f26ffb94449d9e69f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:f6e627cf9449bdc8003c636db8966c0076e51f071124764f26ffb94449d9e69f?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.3.5-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9a1438591ff32bcce16badc7630e5d330f7b7bd453896c79589061686f8f04a9_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9a1438591ff32bcce16badc7630e5d330f7b7bd453896c79589061686f8f04a9_amd64",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9a1438591ff32bcce16badc7630e5d330f7b7bd453896c79589061686f8f04a9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:9a1438591ff32bcce16badc7630e5d330f7b7bd453896c79589061686f8f04a9?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.3.5-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:136f2a4ed9ee5ebbcb9d74ab0a3eb2c65d3a2b53f9eefaae65bed7b6e11617bb_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:136f2a4ed9ee5ebbcb9d74ab0a3eb2c65d3a2b53f9eefaae65bed7b6e11617bb_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:136f2a4ed9ee5ebbcb9d74ab0a3eb2c65d3a2b53f9eefaae65bed7b6e11617bb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:136f2a4ed9ee5ebbcb9d74ab0a3eb2c65d3a2b53f9eefaae65bed7b6e11617bb?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.3.5-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eec6502d809be469d4b0b310ef1fed9fe9c59ea3ecc6583ab8893b58814f5a9d_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eec6502d809be469d4b0b310ef1fed9fe9c59ea3ecc6583ab8893b58814f5a9d_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eec6502d809be469d4b0b310ef1fed9fe9c59ea3ecc6583ab8893b58814f5a9d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:eec6502d809be469d4b0b310ef1fed9fe9c59ea3ecc6583ab8893b58814f5a9d?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.3.5-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:605af3ee40fa2a179c369cff28563908cf3b420651c7aef8eef3837977299903_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:605af3ee40fa2a179c369cff28563908cf3b420651c7aef8eef3837977299903_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:605af3ee40fa2a179c369cff28563908cf3b420651c7aef8eef3837977299903_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:605af3ee40fa2a179c369cff28563908cf3b420651c7aef8eef3837977299903?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.3.5-1"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be0cf8eec9290414cd532be40f1916e977dbd82625ee09f7d45b48172221f6b3_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be0cf8eec9290414cd532be40f1916e977dbd82625ee09f7d45b48172221f6b3_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be0cf8eec9290414cd532be40f1916e977dbd82625ee09f7d45b48172221f6b3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:be0cf8eec9290414cd532be40f1916e977dbd82625ee09f7d45b48172221f6b3?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.3.5-3"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:2113a95c5a4d08d51c542121ae0e7be26761a4883f371b89a84ca604c662ba34_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:2113a95c5a4d08d51c542121ae0e7be26761a4883f371b89a84ca604c662ba34_s390x",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:2113a95c5a4d08d51c542121ae0e7be26761a4883f371b89a84ca604c662ba34_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:2113a95c5a4d08d51c542121ae0e7be26761a4883f371b89a84ca604c662ba34?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.3.5-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:4ee4e4314d7044b567c0d914a873ef19d6290136524250d71707824ab50a6771_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:4ee4e4314d7044b567c0d914a873ef19d6290136524250d71707824ab50a6771_s390x",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:4ee4e4314d7044b567c0d914a873ef19d6290136524250d71707824ab50a6771_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:4ee4e4314d7044b567c0d914a873ef19d6290136524250d71707824ab50a6771?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.3.5-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:812df7cb4f9c976cd6869c82e0089969ff9c8492b4d9275c3dd2531e1e9beb75_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:812df7cb4f9c976cd6869c82e0089969ff9c8492b4d9275c3dd2531e1e9beb75_s390x",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:812df7cb4f9c976cd6869c82e0089969ff9c8492b4d9275c3dd2531e1e9beb75_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:812df7cb4f9c976cd6869c82e0089969ff9c8492b4d9275c3dd2531e1e9beb75?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.3.5-1"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:edf704674e62f8651e78e1d2b916f36a3d6cad191d3366b97b0e6b9da2c908a1_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:edf704674e62f8651e78e1d2b916f36a3d6cad191d3366b97b0e6b9da2c908a1_s390x",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:edf704674e62f8651e78e1d2b916f36a3d6cad191d3366b97b0e6b9da2c908a1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:edf704674e62f8651e78e1d2b916f36a3d6cad191d3366b97b0e6b9da2c908a1?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.3.5-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:5f2ad23bcf5d96c9cee2789f21df29ba7a63ddabf09140cecdcc21f04ea7cfcb_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:5f2ad23bcf5d96c9cee2789f21df29ba7a63ddabf09140cecdcc21f04ea7cfcb_s390x",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:5f2ad23bcf5d96c9cee2789f21df29ba7a63ddabf09140cecdcc21f04ea7cfcb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:5f2ad23bcf5d96c9cee2789f21df29ba7a63ddabf09140cecdcc21f04ea7cfcb?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.3.5-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:18468f5da200cfaf17e2f0c45066aa58141d63e4d622d35c06b4ca9d74812232_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:18468f5da200cfaf17e2f0c45066aa58141d63e4d622d35c06b4ca9d74812232_s390x",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:18468f5da200cfaf17e2f0c45066aa58141d63e4d622d35c06b4ca9d74812232_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:18468f5da200cfaf17e2f0c45066aa58141d63e4d622d35c06b4ca9d74812232?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.3.5-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b1f1169ba6a7b36297db7cf495ee18d3eb32c3ee3882cdb470f13146aea056fb_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b1f1169ba6a7b36297db7cf495ee18d3eb32c3ee3882cdb470f13146aea056fb_s390x",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b1f1169ba6a7b36297db7cf495ee18d3eb32c3ee3882cdb470f13146aea056fb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:b1f1169ba6a7b36297db7cf495ee18d3eb32c3ee3882cdb470f13146aea056fb?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.3.5-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:284fe7202809723ce52fc3d802927453e6c1943f79ce0761b5f86a8150324cba_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:284fe7202809723ce52fc3d802927453e6c1943f79ce0761b5f86a8150324cba_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:284fe7202809723ce52fc3d802927453e6c1943f79ce0761b5f86a8150324cba_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:284fe7202809723ce52fc3d802927453e6c1943f79ce0761b5f86a8150324cba?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.3.5-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:a3f2bc6b6e06314238a9e030c9bc9b640c0ad71709030863ddebcfe7bf12ea1d_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:a3f2bc6b6e06314238a9e030c9bc9b640c0ad71709030863ddebcfe7bf12ea1d_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:a3f2bc6b6e06314238a9e030c9bc9b640c0ad71709030863ddebcfe7bf12ea1d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:a3f2bc6b6e06314238a9e030c9bc9b640c0ad71709030863ddebcfe7bf12ea1d?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.3.5-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fa03464d54bf4d31623faae0566b2553f42680b60b4e803d175f898048087bcb_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fa03464d54bf4d31623faae0566b2553f42680b60b4e803d175f898048087bcb_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fa03464d54bf4d31623faae0566b2553f42680b60b4e803d175f898048087bcb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:fa03464d54bf4d31623faae0566b2553f42680b60b4e803d175f898048087bcb?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.3.5-1"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0fd9c60d08bc078d18bf15243d13e284fc6e794187240a9414d3afde69a43c0f_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0fd9c60d08bc078d18bf15243d13e284fc6e794187240a9414d3afde69a43c0f_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0fd9c60d08bc078d18bf15243d13e284fc6e794187240a9414d3afde69a43c0f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:0fd9c60d08bc078d18bf15243d13e284fc6e794187240a9414d3afde69a43c0f?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.3.5-3"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:a2bbd43de9ad33f9daa04600dd2dc7e17ff7919c09bc56ca466af2332c867876_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:a2bbd43de9ad33f9daa04600dd2dc7e17ff7919c09bc56ca466af2332c867876_ppc64le",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:a2bbd43de9ad33f9daa04600dd2dc7e17ff7919c09bc56ca466af2332c867876_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:a2bbd43de9ad33f9daa04600dd2dc7e17ff7919c09bc56ca466af2332c867876?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.3.5-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:f2ca25a0d7ce845607c96077b896718a82f92810c90eec616b101a444180c2c4_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:f2ca25a0d7ce845607c96077b896718a82f92810c90eec616b101a444180c2c4_ppc64le",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:f2ca25a0d7ce845607c96077b896718a82f92810c90eec616b101a444180c2c4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:f2ca25a0d7ce845607c96077b896718a82f92810c90eec616b101a444180c2c4?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.3.5-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2483c98f0d789d2f2b4ed9183ae38433bc5069d7ed59847a06b68f0994cadfd7_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2483c98f0d789d2f2b4ed9183ae38433bc5069d7ed59847a06b68f0994cadfd7_ppc64le",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2483c98f0d789d2f2b4ed9183ae38433bc5069d7ed59847a06b68f0994cadfd7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:2483c98f0d789d2f2b4ed9183ae38433bc5069d7ed59847a06b68f0994cadfd7?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.3.5-1"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:362fe0f627380cbf5ead83c3e57400ca831d6d4d26ab416c17123d345de1a075_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:362fe0f627380cbf5ead83c3e57400ca831d6d4d26ab416c17123d345de1a075_ppc64le",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:362fe0f627380cbf5ead83c3e57400ca831d6d4d26ab416c17123d345de1a075_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:362fe0f627380cbf5ead83c3e57400ca831d6d4d26ab416c17123d345de1a075?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.3.5-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:e82ef850c57e49eab2d9b4d24e4892c23939ba0b3158bf37000f6f70c0843bd7_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:e82ef850c57e49eab2d9b4d24e4892c23939ba0b3158bf37000f6f70c0843bd7_ppc64le",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:e82ef850c57e49eab2d9b4d24e4892c23939ba0b3158bf37000f6f70c0843bd7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:e82ef850c57e49eab2d9b4d24e4892c23939ba0b3158bf37000f6f70c0843bd7?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.3.5-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:debc2bcf0938e41a61e48547d34ebecea2f5696cf4ef7c28577d4e30c52adee0_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:debc2bcf0938e41a61e48547d34ebecea2f5696cf4ef7c28577d4e30c52adee0_ppc64le",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:debc2bcf0938e41a61e48547d34ebecea2f5696cf4ef7c28577d4e30c52adee0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:debc2bcf0938e41a61e48547d34ebecea2f5696cf4ef7c28577d4e30c52adee0?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.3.5-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:87bd0d8ae7c5f217f181df81188fff1e1c1f5c06a040a6e376fb26522a3c13d8_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:87bd0d8ae7c5f217f181df81188fff1e1c1f5c06a040a6e376fb26522a3c13d8_ppc64le",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:87bd0d8ae7c5f217f181df81188fff1e1c1f5c06a040a6e376fb26522a3c13d8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:87bd0d8ae7c5f217f181df81188fff1e1c1f5c06a040a6e376fb26522a3c13d8?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.3.5-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:1ae645988b18f220896c3c57c45e83dfca1ba13ab531543eddd7b85bbdd41ac6_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:1ae645988b18f220896c3c57c45e83dfca1ba13ab531543eddd7b85bbdd41ac6_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:1ae645988b18f220896c3c57c45e83dfca1ba13ab531543eddd7b85bbdd41ac6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:1ae645988b18f220896c3c57c45e83dfca1ba13ab531543eddd7b85bbdd41ac6?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.3.5-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:aa05620232be93fea76d2ca7aa3be5d0db4153cad4e718ab4ed91b8964d52dde_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:aa05620232be93fea76d2ca7aa3be5d0db4153cad4e718ab4ed91b8964d52dde_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:aa05620232be93fea76d2ca7aa3be5d0db4153cad4e718ab4ed91b8964d52dde_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:aa05620232be93fea76d2ca7aa3be5d0db4153cad4e718ab4ed91b8964d52dde?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.3.5-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:82609a23ba6e2b6c819daaddb330c3e1b7ff0f5e16630ebb6e3db0a9af236f88_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:82609a23ba6e2b6c819daaddb330c3e1b7ff0f5e16630ebb6e3db0a9af236f88_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:82609a23ba6e2b6c819daaddb330c3e1b7ff0f5e16630ebb6e3db0a9af236f88_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:82609a23ba6e2b6c819daaddb330c3e1b7ff0f5e16630ebb6e3db0a9af236f88?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.3.5-1"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f0d9e9e8c32dd905e2304dfb686114b3430b6babc88f2abaafd7569403870f52_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f0d9e9e8c32dd905e2304dfb686114b3430b6babc88f2abaafd7569403870f52_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f0d9e9e8c32dd905e2304dfb686114b3430b6babc88f2abaafd7569403870f52_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:f0d9e9e8c32dd905e2304dfb686114b3430b6babc88f2abaafd7569403870f52?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.3.5-3"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:17afebb6840002a1d56b22dd943061345a1eb8997d57572f1715706a708a0a94_amd64 as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:17afebb6840002a1d56b22dd943061345a1eb8997d57572f1715706a708a0a94_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:17afebb6840002a1d56b22dd943061345a1eb8997d57572f1715706a708a0a94_amd64",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:2113a95c5a4d08d51c542121ae0e7be26761a4883f371b89a84ca604c662ba34_s390x as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:2113a95c5a4d08d51c542121ae0e7be26761a4883f371b89a84ca604c662ba34_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:2113a95c5a4d08d51c542121ae0e7be26761a4883f371b89a84ca604c662ba34_s390x",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:a2bbd43de9ad33f9daa04600dd2dc7e17ff7919c09bc56ca466af2332c867876_ppc64le as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a2bbd43de9ad33f9daa04600dd2dc7e17ff7919c09bc56ca466af2332c867876_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:a2bbd43de9ad33f9daa04600dd2dc7e17ff7919c09bc56ca466af2332c867876_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:4ee4e4314d7044b567c0d914a873ef19d6290136524250d71707824ab50a6771_s390x as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:4ee4e4314d7044b567c0d914a873ef19d6290136524250d71707824ab50a6771_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:4ee4e4314d7044b567c0d914a873ef19d6290136524250d71707824ab50a6771_s390x",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:5fcc7a9793106c6ee9fad1d3181dd3a418c79defd389ad2f79dac540b61ecebe_amd64 as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:5fcc7a9793106c6ee9fad1d3181dd3a418c79defd389ad2f79dac540b61ecebe_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:5fcc7a9793106c6ee9fad1d3181dd3a418c79defd389ad2f79dac540b61ecebe_amd64",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:f2ca25a0d7ce845607c96077b896718a82f92810c90eec616b101a444180c2c4_ppc64le as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:f2ca25a0d7ce845607c96077b896718a82f92810c90eec616b101a444180c2c4_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:f2ca25a0d7ce845607c96077b896718a82f92810c90eec616b101a444180c2c4_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:23a88ee59f0c47503fa8ab6832e980121622f75abcc70734cf243299209cdd16_amd64 as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:23a88ee59f0c47503fa8ab6832e980121622f75abcc70734cf243299209cdd16_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:23a88ee59f0c47503fa8ab6832e980121622f75abcc70734cf243299209cdd16_amd64",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2483c98f0d789d2f2b4ed9183ae38433bc5069d7ed59847a06b68f0994cadfd7_ppc64le as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2483c98f0d789d2f2b4ed9183ae38433bc5069d7ed59847a06b68f0994cadfd7_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2483c98f0d789d2f2b4ed9183ae38433bc5069d7ed59847a06b68f0994cadfd7_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:812df7cb4f9c976cd6869c82e0089969ff9c8492b4d9275c3dd2531e1e9beb75_s390x as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:812df7cb4f9c976cd6869c82e0089969ff9c8492b4d9275c3dd2531e1e9beb75_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:812df7cb4f9c976cd6869c82e0089969ff9c8492b4d9275c3dd2531e1e9beb75_s390x",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:362fe0f627380cbf5ead83c3e57400ca831d6d4d26ab416c17123d345de1a075_ppc64le as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:362fe0f627380cbf5ead83c3e57400ca831d6d4d26ab416c17123d345de1a075_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:362fe0f627380cbf5ead83c3e57400ca831d6d4d26ab416c17123d345de1a075_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:a1ccf6a8ffc1d2d6a6d04528353fbb4f3f0c039b546f439885c26364d5e3d1de_amd64 as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:a1ccf6a8ffc1d2d6a6d04528353fbb4f3f0c039b546f439885c26364d5e3d1de_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:a1ccf6a8ffc1d2d6a6d04528353fbb4f3f0c039b546f439885c26364d5e3d1de_amd64",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:edf704674e62f8651e78e1d2b916f36a3d6cad191d3366b97b0e6b9da2c908a1_s390x as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:edf704674e62f8651e78e1d2b916f36a3d6cad191d3366b97b0e6b9da2c908a1_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:edf704674e62f8651e78e1d2b916f36a3d6cad191d3366b97b0e6b9da2c908a1_s390x",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:5f2ad23bcf5d96c9cee2789f21df29ba7a63ddabf09140cecdcc21f04ea7cfcb_s390x as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:5f2ad23bcf5d96c9cee2789f21df29ba7a63ddabf09140cecdcc21f04ea7cfcb_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:5f2ad23bcf5d96c9cee2789f21df29ba7a63ddabf09140cecdcc21f04ea7cfcb_s390x",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:c1e7a5e80831c5f078e1aa26e57870aec1949c148f02c255e76a7a98c01099d7_amd64 as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:c1e7a5e80831c5f078e1aa26e57870aec1949c148f02c255e76a7a98c01099d7_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:c1e7a5e80831c5f078e1aa26e57870aec1949c148f02c255e76a7a98c01099d7_amd64",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:e82ef850c57e49eab2d9b4d24e4892c23939ba0b3158bf37000f6f70c0843bd7_ppc64le as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:e82ef850c57e49eab2d9b4d24e4892c23939ba0b3158bf37000f6f70c0843bd7_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:e82ef850c57e49eab2d9b4d24e4892c23939ba0b3158bf37000f6f70c0843bd7_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:18468f5da200cfaf17e2f0c45066aa58141d63e4d622d35c06b4ca9d74812232_s390x as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:18468f5da200cfaf17e2f0c45066aa58141d63e4d622d35c06b4ca9d74812232_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:18468f5da200cfaf17e2f0c45066aa58141d63e4d622d35c06b4ca9d74812232_s390x",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:debc2bcf0938e41a61e48547d34ebecea2f5696cf4ef7c28577d4e30c52adee0_ppc64le as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:debc2bcf0938e41a61e48547d34ebecea2f5696cf4ef7c28577d4e30c52adee0_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:debc2bcf0938e41a61e48547d34ebecea2f5696cf4ef7c28577d4e30c52adee0_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:f6e627cf9449bdc8003c636db8966c0076e51f071124764f26ffb94449d9e69f_amd64 as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:f6e627cf9449bdc8003c636db8966c0076e51f071124764f26ffb94449d9e69f_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:f6e627cf9449bdc8003c636db8966c0076e51f071124764f26ffb94449d9e69f_amd64",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:87bd0d8ae7c5f217f181df81188fff1e1c1f5c06a040a6e376fb26522a3c13d8_ppc64le as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:87bd0d8ae7c5f217f181df81188fff1e1c1f5c06a040a6e376fb26522a3c13d8_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:87bd0d8ae7c5f217f181df81188fff1e1c1f5c06a040a6e376fb26522a3c13d8_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9a1438591ff32bcce16badc7630e5d330f7b7bd453896c79589061686f8f04a9_amd64 as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9a1438591ff32bcce16badc7630e5d330f7b7bd453896c79589061686f8f04a9_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9a1438591ff32bcce16badc7630e5d330f7b7bd453896c79589061686f8f04a9_amd64",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b1f1169ba6a7b36297db7cf495ee18d3eb32c3ee3882cdb470f13146aea056fb_s390x as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b1f1169ba6a7b36297db7cf495ee18d3eb32c3ee3882cdb470f13146aea056fb_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b1f1169ba6a7b36297db7cf495ee18d3eb32c3ee3882cdb470f13146aea056fb_s390x",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:a3f2bc6b6e06314238a9e030c9bc9b640c0ad71709030863ddebcfe7bf12ea1d_s390x as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:a3f2bc6b6e06314238a9e030c9bc9b640c0ad71709030863ddebcfe7bf12ea1d_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:a3f2bc6b6e06314238a9e030c9bc9b640c0ad71709030863ddebcfe7bf12ea1d_s390x",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:aa05620232be93fea76d2ca7aa3be5d0db4153cad4e718ab4ed91b8964d52dde_ppc64le as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:aa05620232be93fea76d2ca7aa3be5d0db4153cad4e718ab4ed91b8964d52dde_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:aa05620232be93fea76d2ca7aa3be5d0db4153cad4e718ab4ed91b8964d52dde_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eec6502d809be469d4b0b310ef1fed9fe9c59ea3ecc6583ab8893b58814f5a9d_amd64 as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eec6502d809be469d4b0b310ef1fed9fe9c59ea3ecc6583ab8893b58814f5a9d_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eec6502d809be469d4b0b310ef1fed9fe9c59ea3ecc6583ab8893b58814f5a9d_amd64",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:605af3ee40fa2a179c369cff28563908cf3b420651c7aef8eef3837977299903_amd64 as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:605af3ee40fa2a179c369cff28563908cf3b420651c7aef8eef3837977299903_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:605af3ee40fa2a179c369cff28563908cf3b420651c7aef8eef3837977299903_amd64",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:82609a23ba6e2b6c819daaddb330c3e1b7ff0f5e16630ebb6e3db0a9af236f88_ppc64le as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:82609a23ba6e2b6c819daaddb330c3e1b7ff0f5e16630ebb6e3db0a9af236f88_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:82609a23ba6e2b6c819daaddb330c3e1b7ff0f5e16630ebb6e3db0a9af236f88_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fa03464d54bf4d31623faae0566b2553f42680b60b4e803d175f898048087bcb_s390x as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fa03464d54bf4d31623faae0566b2553f42680b60b4e803d175f898048087bcb_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fa03464d54bf4d31623faae0566b2553f42680b60b4e803d175f898048087bcb_s390x",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:136f2a4ed9ee5ebbcb9d74ab0a3eb2c65d3a2b53f9eefaae65bed7b6e11617bb_amd64 as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:136f2a4ed9ee5ebbcb9d74ab0a3eb2c65d3a2b53f9eefaae65bed7b6e11617bb_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:136f2a4ed9ee5ebbcb9d74ab0a3eb2c65d3a2b53f9eefaae65bed7b6e11617bb_amd64",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:1ae645988b18f220896c3c57c45e83dfca1ba13ab531543eddd7b85bbdd41ac6_ppc64le as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1ae645988b18f220896c3c57c45e83dfca1ba13ab531543eddd7b85bbdd41ac6_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:1ae645988b18f220896c3c57c45e83dfca1ba13ab531543eddd7b85bbdd41ac6_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:284fe7202809723ce52fc3d802927453e6c1943f79ce0761b5f86a8150324cba_s390x as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:284fe7202809723ce52fc3d802927453e6c1943f79ce0761b5f86a8150324cba_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:284fe7202809723ce52fc3d802927453e6c1943f79ce0761b5f86a8150324cba_s390x",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0fd9c60d08bc078d18bf15243d13e284fc6e794187240a9414d3afde69a43c0f_s390x as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0fd9c60d08bc078d18bf15243d13e284fc6e794187240a9414d3afde69a43c0f_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0fd9c60d08bc078d18bf15243d13e284fc6e794187240a9414d3afde69a43c0f_s390x",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be0cf8eec9290414cd532be40f1916e977dbd82625ee09f7d45b48172221f6b3_amd64 as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be0cf8eec9290414cd532be40f1916e977dbd82625ee09f7d45b48172221f6b3_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be0cf8eec9290414cd532be40f1916e977dbd82625ee09f7d45b48172221f6b3_amd64",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f0d9e9e8c32dd905e2304dfb686114b3430b6babc88f2abaafd7569403870f52_ppc64le as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f0d9e9e8c32dd905e2304dfb686114b3430b6babc88f2abaafd7569403870f52_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f0d9e9e8c32dd905e2304dfb686114b3430b6babc88f2abaafd7569403870f52_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-27289",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2024-03-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268465"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in pgx. SQL injection can occur when all of the following conditions are met in versions before 4.18.2 of pgx.\u00a0\r\n- The non-default simple protocol is used\r\n- A placeholder for a numeric value must be immediately preceded by a minus\r\n- There must be a second placeholder for a string value after the first placeholder\r\n- Both must be on the same line\r\n- Both parameter values must be user-controlled",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pgx: SQL Injection via Line Comment Creation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:17afebb6840002a1d56b22dd943061345a1eb8997d57572f1715706a708a0a94_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:2113a95c5a4d08d51c542121ae0e7be26761a4883f371b89a84ca604c662ba34_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a2bbd43de9ad33f9daa04600dd2dc7e17ff7919c09bc56ca466af2332c867876_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:4ee4e4314d7044b567c0d914a873ef19d6290136524250d71707824ab50a6771_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:5fcc7a9793106c6ee9fad1d3181dd3a418c79defd389ad2f79dac540b61ecebe_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:f2ca25a0d7ce845607c96077b896718a82f92810c90eec616b101a444180c2c4_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:23a88ee59f0c47503fa8ab6832e980121622f75abcc70734cf243299209cdd16_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2483c98f0d789d2f2b4ed9183ae38433bc5069d7ed59847a06b68f0994cadfd7_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:812df7cb4f9c976cd6869c82e0089969ff9c8492b4d9275c3dd2531e1e9beb75_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:362fe0f627380cbf5ead83c3e57400ca831d6d4d26ab416c17123d345de1a075_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:a1ccf6a8ffc1d2d6a6d04528353fbb4f3f0c039b546f439885c26364d5e3d1de_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:edf704674e62f8651e78e1d2b916f36a3d6cad191d3366b97b0e6b9da2c908a1_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:5f2ad23bcf5d96c9cee2789f21df29ba7a63ddabf09140cecdcc21f04ea7cfcb_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:c1e7a5e80831c5f078e1aa26e57870aec1949c148f02c255e76a7a98c01099d7_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:e82ef850c57e49eab2d9b4d24e4892c23939ba0b3158bf37000f6f70c0843bd7_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:18468f5da200cfaf17e2f0c45066aa58141d63e4d622d35c06b4ca9d74812232_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:debc2bcf0938e41a61e48547d34ebecea2f5696cf4ef7c28577d4e30c52adee0_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:f6e627cf9449bdc8003c636db8966c0076e51f071124764f26ffb94449d9e69f_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:87bd0d8ae7c5f217f181df81188fff1e1c1f5c06a040a6e376fb26522a3c13d8_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9a1438591ff32bcce16badc7630e5d330f7b7bd453896c79589061686f8f04a9_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b1f1169ba6a7b36297db7cf495ee18d3eb32c3ee3882cdb470f13146aea056fb_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:a3f2bc6b6e06314238a9e030c9bc9b640c0ad71709030863ddebcfe7bf12ea1d_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:aa05620232be93fea76d2ca7aa3be5d0db4153cad4e718ab4ed91b8964d52dde_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eec6502d809be469d4b0b310ef1fed9fe9c59ea3ecc6583ab8893b58814f5a9d_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:605af3ee40fa2a179c369cff28563908cf3b420651c7aef8eef3837977299903_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:82609a23ba6e2b6c819daaddb330c3e1b7ff0f5e16630ebb6e3db0a9af236f88_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fa03464d54bf4d31623faae0566b2553f42680b60b4e803d175f898048087bcb_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:136f2a4ed9ee5ebbcb9d74ab0a3eb2c65d3a2b53f9eefaae65bed7b6e11617bb_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1ae645988b18f220896c3c57c45e83dfca1ba13ab531543eddd7b85bbdd41ac6_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:284fe7202809723ce52fc3d802927453e6c1943f79ce0761b5f86a8150324cba_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0fd9c60d08bc078d18bf15243d13e284fc6e794187240a9414d3afde69a43c0f_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be0cf8eec9290414cd532be40f1916e977dbd82625ee09f7d45b48172221f6b3_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f0d9e9e8c32dd905e2304dfb686114b3430b6babc88f2abaafd7569403870f52_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-27289"
},
{
"category": "external",
"summary": "RHBZ#2268465",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268465"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-27289",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27289"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-27289",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27289"
},
{
"category": "external",
"summary": "https://github.com/jackc/pgx/commit/f94eb0e2f96782042c96801b5ac448f44f0a81df",
"url": "https://github.com/jackc/pgx/commit/f94eb0e2f96782042c96801b5ac448f44f0a81df"
},
{
"category": "external",
"summary": "https://github.com/jackc/pgx/security/advisories/GHSA-m7wr-2xf7-cm9p",
"url": "https://github.com/jackc/pgx/security/advisories/GHSA-m7wr-2xf7-cm9p"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-2605",
"url": "https://pkg.go.dev/vuln/GO-2024-2605"
}
],
"release_date": "2024-03-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-13T20:55:36+00:00",
"details": "If you are using an earlier version of RHACS 4.3, you are advised to upgrade to patch release 4.3.5.",
"product_ids": [
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:17afebb6840002a1d56b22dd943061345a1eb8997d57572f1715706a708a0a94_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:2113a95c5a4d08d51c542121ae0e7be26761a4883f371b89a84ca604c662ba34_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a2bbd43de9ad33f9daa04600dd2dc7e17ff7919c09bc56ca466af2332c867876_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:4ee4e4314d7044b567c0d914a873ef19d6290136524250d71707824ab50a6771_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:5fcc7a9793106c6ee9fad1d3181dd3a418c79defd389ad2f79dac540b61ecebe_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:f2ca25a0d7ce845607c96077b896718a82f92810c90eec616b101a444180c2c4_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:23a88ee59f0c47503fa8ab6832e980121622f75abcc70734cf243299209cdd16_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2483c98f0d789d2f2b4ed9183ae38433bc5069d7ed59847a06b68f0994cadfd7_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:812df7cb4f9c976cd6869c82e0089969ff9c8492b4d9275c3dd2531e1e9beb75_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:362fe0f627380cbf5ead83c3e57400ca831d6d4d26ab416c17123d345de1a075_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:a1ccf6a8ffc1d2d6a6d04528353fbb4f3f0c039b546f439885c26364d5e3d1de_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:edf704674e62f8651e78e1d2b916f36a3d6cad191d3366b97b0e6b9da2c908a1_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:5f2ad23bcf5d96c9cee2789f21df29ba7a63ddabf09140cecdcc21f04ea7cfcb_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:c1e7a5e80831c5f078e1aa26e57870aec1949c148f02c255e76a7a98c01099d7_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:e82ef850c57e49eab2d9b4d24e4892c23939ba0b3158bf37000f6f70c0843bd7_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:18468f5da200cfaf17e2f0c45066aa58141d63e4d622d35c06b4ca9d74812232_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:debc2bcf0938e41a61e48547d34ebecea2f5696cf4ef7c28577d4e30c52adee0_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:f6e627cf9449bdc8003c636db8966c0076e51f071124764f26ffb94449d9e69f_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:87bd0d8ae7c5f217f181df81188fff1e1c1f5c06a040a6e376fb26522a3c13d8_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9a1438591ff32bcce16badc7630e5d330f7b7bd453896c79589061686f8f04a9_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b1f1169ba6a7b36297db7cf495ee18d3eb32c3ee3882cdb470f13146aea056fb_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:a3f2bc6b6e06314238a9e030c9bc9b640c0ad71709030863ddebcfe7bf12ea1d_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:aa05620232be93fea76d2ca7aa3be5d0db4153cad4e718ab4ed91b8964d52dde_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eec6502d809be469d4b0b310ef1fed9fe9c59ea3ecc6583ab8893b58814f5a9d_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:605af3ee40fa2a179c369cff28563908cf3b420651c7aef8eef3837977299903_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:82609a23ba6e2b6c819daaddb330c3e1b7ff0f5e16630ebb6e3db0a9af236f88_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fa03464d54bf4d31623faae0566b2553f42680b60b4e803d175f898048087bcb_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:136f2a4ed9ee5ebbcb9d74ab0a3eb2c65d3a2b53f9eefaae65bed7b6e11617bb_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1ae645988b18f220896c3c57c45e83dfca1ba13ab531543eddd7b85bbdd41ac6_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:284fe7202809723ce52fc3d802927453e6c1943f79ce0761b5f86a8150324cba_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0fd9c60d08bc078d18bf15243d13e284fc6e794187240a9414d3afde69a43c0f_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be0cf8eec9290414cd532be40f1916e977dbd82625ee09f7d45b48172221f6b3_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f0d9e9e8c32dd905e2304dfb686114b3430b6babc88f2abaafd7569403870f52_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1321"
},
{
"category": "workaround",
"details": "A possible mitigation is to not use the simple protocol or do not place a minus directly before a placeholder.",
"product_ids": [
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:17afebb6840002a1d56b22dd943061345a1eb8997d57572f1715706a708a0a94_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:2113a95c5a4d08d51c542121ae0e7be26761a4883f371b89a84ca604c662ba34_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a2bbd43de9ad33f9daa04600dd2dc7e17ff7919c09bc56ca466af2332c867876_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:4ee4e4314d7044b567c0d914a873ef19d6290136524250d71707824ab50a6771_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:5fcc7a9793106c6ee9fad1d3181dd3a418c79defd389ad2f79dac540b61ecebe_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:f2ca25a0d7ce845607c96077b896718a82f92810c90eec616b101a444180c2c4_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:23a88ee59f0c47503fa8ab6832e980121622f75abcc70734cf243299209cdd16_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2483c98f0d789d2f2b4ed9183ae38433bc5069d7ed59847a06b68f0994cadfd7_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:812df7cb4f9c976cd6869c82e0089969ff9c8492b4d9275c3dd2531e1e9beb75_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:362fe0f627380cbf5ead83c3e57400ca831d6d4d26ab416c17123d345de1a075_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:a1ccf6a8ffc1d2d6a6d04528353fbb4f3f0c039b546f439885c26364d5e3d1de_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:edf704674e62f8651e78e1d2b916f36a3d6cad191d3366b97b0e6b9da2c908a1_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:5f2ad23bcf5d96c9cee2789f21df29ba7a63ddabf09140cecdcc21f04ea7cfcb_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:c1e7a5e80831c5f078e1aa26e57870aec1949c148f02c255e76a7a98c01099d7_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:e82ef850c57e49eab2d9b4d24e4892c23939ba0b3158bf37000f6f70c0843bd7_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:18468f5da200cfaf17e2f0c45066aa58141d63e4d622d35c06b4ca9d74812232_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:debc2bcf0938e41a61e48547d34ebecea2f5696cf4ef7c28577d4e30c52adee0_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:f6e627cf9449bdc8003c636db8966c0076e51f071124764f26ffb94449d9e69f_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:87bd0d8ae7c5f217f181df81188fff1e1c1f5c06a040a6e376fb26522a3c13d8_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9a1438591ff32bcce16badc7630e5d330f7b7bd453896c79589061686f8f04a9_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b1f1169ba6a7b36297db7cf495ee18d3eb32c3ee3882cdb470f13146aea056fb_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:a3f2bc6b6e06314238a9e030c9bc9b640c0ad71709030863ddebcfe7bf12ea1d_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:aa05620232be93fea76d2ca7aa3be5d0db4153cad4e718ab4ed91b8964d52dde_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eec6502d809be469d4b0b310ef1fed9fe9c59ea3ecc6583ab8893b58814f5a9d_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:605af3ee40fa2a179c369cff28563908cf3b420651c7aef8eef3837977299903_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:82609a23ba6e2b6c819daaddb330c3e1b7ff0f5e16630ebb6e3db0a9af236f88_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fa03464d54bf4d31623faae0566b2553f42680b60b4e803d175f898048087bcb_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:136f2a4ed9ee5ebbcb9d74ab0a3eb2c65d3a2b53f9eefaae65bed7b6e11617bb_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1ae645988b18f220896c3c57c45e83dfca1ba13ab531543eddd7b85bbdd41ac6_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:284fe7202809723ce52fc3d802927453e6c1943f79ce0761b5f86a8150324cba_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0fd9c60d08bc078d18bf15243d13e284fc6e794187240a9414d3afde69a43c0f_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be0cf8eec9290414cd532be40f1916e977dbd82625ee09f7d45b48172221f6b3_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f0d9e9e8c32dd905e2304dfb686114b3430b6babc88f2abaafd7569403870f52_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:17afebb6840002a1d56b22dd943061345a1eb8997d57572f1715706a708a0a94_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:2113a95c5a4d08d51c542121ae0e7be26761a4883f371b89a84ca604c662ba34_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a2bbd43de9ad33f9daa04600dd2dc7e17ff7919c09bc56ca466af2332c867876_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:4ee4e4314d7044b567c0d914a873ef19d6290136524250d71707824ab50a6771_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:5fcc7a9793106c6ee9fad1d3181dd3a418c79defd389ad2f79dac540b61ecebe_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:f2ca25a0d7ce845607c96077b896718a82f92810c90eec616b101a444180c2c4_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:23a88ee59f0c47503fa8ab6832e980121622f75abcc70734cf243299209cdd16_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2483c98f0d789d2f2b4ed9183ae38433bc5069d7ed59847a06b68f0994cadfd7_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:812df7cb4f9c976cd6869c82e0089969ff9c8492b4d9275c3dd2531e1e9beb75_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:362fe0f627380cbf5ead83c3e57400ca831d6d4d26ab416c17123d345de1a075_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:a1ccf6a8ffc1d2d6a6d04528353fbb4f3f0c039b546f439885c26364d5e3d1de_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:edf704674e62f8651e78e1d2b916f36a3d6cad191d3366b97b0e6b9da2c908a1_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:5f2ad23bcf5d96c9cee2789f21df29ba7a63ddabf09140cecdcc21f04ea7cfcb_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:c1e7a5e80831c5f078e1aa26e57870aec1949c148f02c255e76a7a98c01099d7_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:e82ef850c57e49eab2d9b4d24e4892c23939ba0b3158bf37000f6f70c0843bd7_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:18468f5da200cfaf17e2f0c45066aa58141d63e4d622d35c06b4ca9d74812232_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:debc2bcf0938e41a61e48547d34ebecea2f5696cf4ef7c28577d4e30c52adee0_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:f6e627cf9449bdc8003c636db8966c0076e51f071124764f26ffb94449d9e69f_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:87bd0d8ae7c5f217f181df81188fff1e1c1f5c06a040a6e376fb26522a3c13d8_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9a1438591ff32bcce16badc7630e5d330f7b7bd453896c79589061686f8f04a9_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b1f1169ba6a7b36297db7cf495ee18d3eb32c3ee3882cdb470f13146aea056fb_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:a3f2bc6b6e06314238a9e030c9bc9b640c0ad71709030863ddebcfe7bf12ea1d_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:aa05620232be93fea76d2ca7aa3be5d0db4153cad4e718ab4ed91b8964d52dde_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eec6502d809be469d4b0b310ef1fed9fe9c59ea3ecc6583ab8893b58814f5a9d_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:605af3ee40fa2a179c369cff28563908cf3b420651c7aef8eef3837977299903_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:82609a23ba6e2b6c819daaddb330c3e1b7ff0f5e16630ebb6e3db0a9af236f88_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fa03464d54bf4d31623faae0566b2553f42680b60b4e803d175f898048087bcb_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:136f2a4ed9ee5ebbcb9d74ab0a3eb2c65d3a2b53f9eefaae65bed7b6e11617bb_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1ae645988b18f220896c3c57c45e83dfca1ba13ab531543eddd7b85bbdd41ac6_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:284fe7202809723ce52fc3d802927453e6c1943f79ce0761b5f86a8150324cba_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0fd9c60d08bc078d18bf15243d13e284fc6e794187240a9414d3afde69a43c0f_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be0cf8eec9290414cd532be40f1916e977dbd82625ee09f7d45b48172221f6b3_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f0d9e9e8c32dd905e2304dfb686114b3430b6babc88f2abaafd7569403870f52_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "pgx: SQL Injection via Line Comment Creation"
},
{
"cve": "CVE-2024-27304",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2024-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268269"
}
],
"notes": [
{
"category": "description",
"text": "pgx is a PostgreSQL driver and toolkit for Go. SQL injection can occur if an attacker can cause a single query or bind message to exceed 4 GB in size. An integer overflow in the calculated message size can cause the one large message to be sent as multiple messages under the attacker\u0027s control. The problem is resolved in v4.18.2 and v5.5.4. As a workaround, reject user input large enough to cause a single query or bind message to exceed 4 GB in size.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pgx: SQL Injection via Protocol Message Size Overflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:17afebb6840002a1d56b22dd943061345a1eb8997d57572f1715706a708a0a94_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:2113a95c5a4d08d51c542121ae0e7be26761a4883f371b89a84ca604c662ba34_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a2bbd43de9ad33f9daa04600dd2dc7e17ff7919c09bc56ca466af2332c867876_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:4ee4e4314d7044b567c0d914a873ef19d6290136524250d71707824ab50a6771_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:5fcc7a9793106c6ee9fad1d3181dd3a418c79defd389ad2f79dac540b61ecebe_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:f2ca25a0d7ce845607c96077b896718a82f92810c90eec616b101a444180c2c4_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:23a88ee59f0c47503fa8ab6832e980121622f75abcc70734cf243299209cdd16_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2483c98f0d789d2f2b4ed9183ae38433bc5069d7ed59847a06b68f0994cadfd7_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:812df7cb4f9c976cd6869c82e0089969ff9c8492b4d9275c3dd2531e1e9beb75_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:362fe0f627380cbf5ead83c3e57400ca831d6d4d26ab416c17123d345de1a075_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:a1ccf6a8ffc1d2d6a6d04528353fbb4f3f0c039b546f439885c26364d5e3d1de_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:edf704674e62f8651e78e1d2b916f36a3d6cad191d3366b97b0e6b9da2c908a1_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:5f2ad23bcf5d96c9cee2789f21df29ba7a63ddabf09140cecdcc21f04ea7cfcb_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:c1e7a5e80831c5f078e1aa26e57870aec1949c148f02c255e76a7a98c01099d7_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:e82ef850c57e49eab2d9b4d24e4892c23939ba0b3158bf37000f6f70c0843bd7_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:18468f5da200cfaf17e2f0c45066aa58141d63e4d622d35c06b4ca9d74812232_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:debc2bcf0938e41a61e48547d34ebecea2f5696cf4ef7c28577d4e30c52adee0_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:f6e627cf9449bdc8003c636db8966c0076e51f071124764f26ffb94449d9e69f_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:87bd0d8ae7c5f217f181df81188fff1e1c1f5c06a040a6e376fb26522a3c13d8_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9a1438591ff32bcce16badc7630e5d330f7b7bd453896c79589061686f8f04a9_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b1f1169ba6a7b36297db7cf495ee18d3eb32c3ee3882cdb470f13146aea056fb_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:a3f2bc6b6e06314238a9e030c9bc9b640c0ad71709030863ddebcfe7bf12ea1d_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:aa05620232be93fea76d2ca7aa3be5d0db4153cad4e718ab4ed91b8964d52dde_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eec6502d809be469d4b0b310ef1fed9fe9c59ea3ecc6583ab8893b58814f5a9d_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:605af3ee40fa2a179c369cff28563908cf3b420651c7aef8eef3837977299903_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:82609a23ba6e2b6c819daaddb330c3e1b7ff0f5e16630ebb6e3db0a9af236f88_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fa03464d54bf4d31623faae0566b2553f42680b60b4e803d175f898048087bcb_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:136f2a4ed9ee5ebbcb9d74ab0a3eb2c65d3a2b53f9eefaae65bed7b6e11617bb_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1ae645988b18f220896c3c57c45e83dfca1ba13ab531543eddd7b85bbdd41ac6_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:284fe7202809723ce52fc3d802927453e6c1943f79ce0761b5f86a8150324cba_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0fd9c60d08bc078d18bf15243d13e284fc6e794187240a9414d3afde69a43c0f_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be0cf8eec9290414cd532be40f1916e977dbd82625ee09f7d45b48172221f6b3_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f0d9e9e8c32dd905e2304dfb686114b3430b6babc88f2abaafd7569403870f52_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-27304"
},
{
"category": "external",
"summary": "RHBZ#2268269",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268269"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-27304",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27304"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-27304",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27304"
}
],
"release_date": "2024-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-13T20:55:36+00:00",
"details": "If you are using an earlier version of RHACS 4.3, you are advised to upgrade to patch release 4.3.5.",
"product_ids": [
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:17afebb6840002a1d56b22dd943061345a1eb8997d57572f1715706a708a0a94_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:2113a95c5a4d08d51c542121ae0e7be26761a4883f371b89a84ca604c662ba34_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a2bbd43de9ad33f9daa04600dd2dc7e17ff7919c09bc56ca466af2332c867876_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:4ee4e4314d7044b567c0d914a873ef19d6290136524250d71707824ab50a6771_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:5fcc7a9793106c6ee9fad1d3181dd3a418c79defd389ad2f79dac540b61ecebe_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:f2ca25a0d7ce845607c96077b896718a82f92810c90eec616b101a444180c2c4_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:23a88ee59f0c47503fa8ab6832e980121622f75abcc70734cf243299209cdd16_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2483c98f0d789d2f2b4ed9183ae38433bc5069d7ed59847a06b68f0994cadfd7_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:812df7cb4f9c976cd6869c82e0089969ff9c8492b4d9275c3dd2531e1e9beb75_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:362fe0f627380cbf5ead83c3e57400ca831d6d4d26ab416c17123d345de1a075_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:a1ccf6a8ffc1d2d6a6d04528353fbb4f3f0c039b546f439885c26364d5e3d1de_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:edf704674e62f8651e78e1d2b916f36a3d6cad191d3366b97b0e6b9da2c908a1_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:5f2ad23bcf5d96c9cee2789f21df29ba7a63ddabf09140cecdcc21f04ea7cfcb_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:c1e7a5e80831c5f078e1aa26e57870aec1949c148f02c255e76a7a98c01099d7_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:e82ef850c57e49eab2d9b4d24e4892c23939ba0b3158bf37000f6f70c0843bd7_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:18468f5da200cfaf17e2f0c45066aa58141d63e4d622d35c06b4ca9d74812232_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:debc2bcf0938e41a61e48547d34ebecea2f5696cf4ef7c28577d4e30c52adee0_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:f6e627cf9449bdc8003c636db8966c0076e51f071124764f26ffb94449d9e69f_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:87bd0d8ae7c5f217f181df81188fff1e1c1f5c06a040a6e376fb26522a3c13d8_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9a1438591ff32bcce16badc7630e5d330f7b7bd453896c79589061686f8f04a9_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b1f1169ba6a7b36297db7cf495ee18d3eb32c3ee3882cdb470f13146aea056fb_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:a3f2bc6b6e06314238a9e030c9bc9b640c0ad71709030863ddebcfe7bf12ea1d_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:aa05620232be93fea76d2ca7aa3be5d0db4153cad4e718ab4ed91b8964d52dde_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eec6502d809be469d4b0b310ef1fed9fe9c59ea3ecc6583ab8893b58814f5a9d_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:605af3ee40fa2a179c369cff28563908cf3b420651c7aef8eef3837977299903_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:82609a23ba6e2b6c819daaddb330c3e1b7ff0f5e16630ebb6e3db0a9af236f88_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fa03464d54bf4d31623faae0566b2553f42680b60b4e803d175f898048087bcb_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:136f2a4ed9ee5ebbcb9d74ab0a3eb2c65d3a2b53f9eefaae65bed7b6e11617bb_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1ae645988b18f220896c3c57c45e83dfca1ba13ab531543eddd7b85bbdd41ac6_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:284fe7202809723ce52fc3d802927453e6c1943f79ce0761b5f86a8150324cba_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0fd9c60d08bc078d18bf15243d13e284fc6e794187240a9414d3afde69a43c0f_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be0cf8eec9290414cd532be40f1916e977dbd82625ee09f7d45b48172221f6b3_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f0d9e9e8c32dd905e2304dfb686114b3430b6babc88f2abaafd7569403870f52_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1321"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:17afebb6840002a1d56b22dd943061345a1eb8997d57572f1715706a708a0a94_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:2113a95c5a4d08d51c542121ae0e7be26761a4883f371b89a84ca604c662ba34_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a2bbd43de9ad33f9daa04600dd2dc7e17ff7919c09bc56ca466af2332c867876_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:4ee4e4314d7044b567c0d914a873ef19d6290136524250d71707824ab50a6771_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:5fcc7a9793106c6ee9fad1d3181dd3a418c79defd389ad2f79dac540b61ecebe_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:f2ca25a0d7ce845607c96077b896718a82f92810c90eec616b101a444180c2c4_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:23a88ee59f0c47503fa8ab6832e980121622f75abcc70734cf243299209cdd16_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2483c98f0d789d2f2b4ed9183ae38433bc5069d7ed59847a06b68f0994cadfd7_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:812df7cb4f9c976cd6869c82e0089969ff9c8492b4d9275c3dd2531e1e9beb75_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:362fe0f627380cbf5ead83c3e57400ca831d6d4d26ab416c17123d345de1a075_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:a1ccf6a8ffc1d2d6a6d04528353fbb4f3f0c039b546f439885c26364d5e3d1de_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:edf704674e62f8651e78e1d2b916f36a3d6cad191d3366b97b0e6b9da2c908a1_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:5f2ad23bcf5d96c9cee2789f21df29ba7a63ddabf09140cecdcc21f04ea7cfcb_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:c1e7a5e80831c5f078e1aa26e57870aec1949c148f02c255e76a7a98c01099d7_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:e82ef850c57e49eab2d9b4d24e4892c23939ba0b3158bf37000f6f70c0843bd7_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:18468f5da200cfaf17e2f0c45066aa58141d63e4d622d35c06b4ca9d74812232_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:debc2bcf0938e41a61e48547d34ebecea2f5696cf4ef7c28577d4e30c52adee0_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:f6e627cf9449bdc8003c636db8966c0076e51f071124764f26ffb94449d9e69f_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:87bd0d8ae7c5f217f181df81188fff1e1c1f5c06a040a6e376fb26522a3c13d8_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9a1438591ff32bcce16badc7630e5d330f7b7bd453896c79589061686f8f04a9_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b1f1169ba6a7b36297db7cf495ee18d3eb32c3ee3882cdb470f13146aea056fb_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:a3f2bc6b6e06314238a9e030c9bc9b640c0ad71709030863ddebcfe7bf12ea1d_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:aa05620232be93fea76d2ca7aa3be5d0db4153cad4e718ab4ed91b8964d52dde_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eec6502d809be469d4b0b310ef1fed9fe9c59ea3ecc6583ab8893b58814f5a9d_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:605af3ee40fa2a179c369cff28563908cf3b420651c7aef8eef3837977299903_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:82609a23ba6e2b6c819daaddb330c3e1b7ff0f5e16630ebb6e3db0a9af236f88_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:fa03464d54bf4d31623faae0566b2553f42680b60b4e803d175f898048087bcb_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:136f2a4ed9ee5ebbcb9d74ab0a3eb2c65d3a2b53f9eefaae65bed7b6e11617bb_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1ae645988b18f220896c3c57c45e83dfca1ba13ab531543eddd7b85bbdd41ac6_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:284fe7202809723ce52fc3d802927453e6c1943f79ce0761b5f86a8150324cba_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0fd9c60d08bc078d18bf15243d13e284fc6e794187240a9414d3afde69a43c0f_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:be0cf8eec9290414cd532be40f1916e977dbd82625ee09f7d45b48172221f6b3_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f0d9e9e8c32dd905e2304dfb686114b3430b6babc88f2abaafd7569403870f52_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "pgx: SQL Injection via Protocol Message Size Overflow"
}
]
}
WID-SEC-W-2024-0626
Vulnerability from csaf_certbund - Published: 2024-03-13 23:00 - Updated: 2024-10-16 22:00Summary
Red Hat Enterprise Linux: Mehrere Schwachstellen ermöglichen Manipulation von Dateien
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Red Hat Enterprise Linux (RHEL) ist eine populäre Linux-Distribution.
Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat Enterprise Linux ausnutzen, um Dateien zu manipulieren.
Betroffene Betriebssysteme: - Linux
In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf mehrere Anfälligeiten für SQL-Injections zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um eine SQL-Injection durchzuführen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Red Hat Enterprise Linux Advanced Cluster Security <4.3
Red Hat / Enterprise Linux
|
Advanced Cluster Security <4.3 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— |
In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf mehrere Anfälligeiten für SQL-Injections zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um eine SQL-Injection durchzuführen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Red Hat Enterprise Linux Advanced Cluster Security <4.3
Red Hat / Enterprise Linux
|
Advanced Cluster Security <4.3 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— |
References
6 references
| URL | Category |
|---|---|
| https://wid.cert-bund.de/.well-known/csaf/white/2… | self |
| https://wid.cert-bund.de/portal/wid/securityadvis… | self |
| https://access.redhat.com/errata/RHSA-2024:1321 | external |
| https://bodhi.fedoraproject.org/updates/FEDORA-20… | external |
| https://access.redhat.com/errata/RHSA-2024:7922 | external |
| https://access.redhat.com/errata/RHSA-2024:7944 | external |
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Red Hat Enterprise Linux (RHEL) ist eine popul\u00e4re Linux-Distribution.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat Enterprise Linux ausnutzen, um Dateien zu manipulieren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-0626 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0626.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-0626 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0626"
},
{
"category": "external",
"summary": "RedHatSecurity Advisory vom 2024-03-13",
"url": "https://access.redhat.com/errata/RHSA-2024:1321"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2024-BD8FE42929 vom 2024-07-06",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-bd8fe42929"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:7922 vom 2024-10-16",
"url": "https://access.redhat.com/errata/RHSA-2024:7922"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:7944 vom 2024-10-16",
"url": "https://access.redhat.com/errata/RHSA-2024:7944"
}
],
"source_lang": "en-US",
"title": "Red Hat Enterprise Linux: Mehrere Schwachstellen erm\u00f6glichen Manipulation von Dateien",
"tracking": {
"current_release_date": "2024-10-16T22:00:00.000+00:00",
"generator": {
"date": "2024-10-17T08:16:56.305+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.8"
}
},
"id": "WID-SEC-W-2024-0626",
"initial_release_date": "2024-03-13T23:00:00.000+00:00",
"revision_history": [
{
"date": "2024-03-13T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-07-07T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2024-10-15T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-10-16T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "4"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Fedora Linux",
"product": {
"name": "Fedora Linux",
"product_id": "74185",
"product_identification_helper": {
"cpe": "cpe:/o:fedoraproject:fedora:-"
}
}
}
],
"category": "vendor",
"name": "Fedora"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"category": "product_version_range",
"name": "Advanced Cluster Security \u003c4.3",
"product": {
"name": "Red Hat Enterprise Linux Advanced Cluster Security \u003c4.3",
"product_id": "T033490"
}
},
{
"category": "product_version",
"name": "Advanced Cluster Security 4.3",
"product": {
"name": "Red Hat Enterprise Linux Advanced Cluster Security 4.3",
"product_id": "T033490-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:advanced_cluster_security__4.3"
}
}
}
],
"category": "product_name",
"name": "Enterprise Linux"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-27289",
"notes": [
{
"category": "description",
"text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf mehrere Anf\u00e4lligeiten f\u00fcr SQL-Injections zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um eine SQL-Injection durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"67646",
"T033490",
"74185"
]
},
"release_date": "2024-03-13T23:00:00.000+00:00",
"title": "CVE-2024-27289"
},
{
"cve": "CVE-2024-27304",
"notes": [
{
"category": "description",
"text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf mehrere Anf\u00e4lligeiten f\u00fcr SQL-Injections zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um eine SQL-Injection durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"67646",
"T033490",
"74185"
]
},
"release_date": "2024-03-13T23:00:00.000+00:00",
"title": "CVE-2024-27304"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…